aschwarz/Leitgedanken
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

PDF rausgenommen

Browse Source
This commit is contained in:
aschwarz
2023-01-23 11:03:31 +01:00
parent 82d562a322
commit a6523903eb
28078 changed files with 4247552 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

92
msd2/myoos/includes/content/account.php Normal file
View File

@ -0,0 +1,92 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: account.php,v 1.58 2003/02/13 01:58:22 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
if (!isset($_SESSION['customer_id'])) {
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
$_SESSION['navigation']->set_snapshot();
oos_redirect(oos_href_link($aContents['login']));
}
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/user_account.php';
$customerstable = $oostable['customers'];
$address_bookstable = $oostable['address_book'];
$sql = "SELECT c.customers_gender, c.customers_firstname, c.customers_lastname,
c.customers_dob, c.customers_email_address, c.customers_telephone,
a.entry_company, a.entry_owner, a.entry_vat_id, a.entry_vat_id_status,
a.entry_street_address, a.entry_postcode, a.entry_city,
a.entry_zone_id, a.entry_state, a.entry_country_id
FROM $customerstable c,
$address_bookstable a
WHERE c.customers_id = '" . intval($_SESSION['customer_id']) . "'
AND a.customers_id = c.customers_id
AND a.address_book_id = '" . intval($_SESSION['customer_default_address_id']) . "'";
$account = $dbconn->GetRow($sql);
if ($account['customers_gender'] == 'm') {
$gender = $aLang['male'];
} elseif ($account['customers_gender'] == 'f') {
$gender = $aLang['female'];
}
$sCountryName = oos_get_country_name($account['entry_country_id']);
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aContents['account']));
$aTemplate['page'] = $sTheme . '/page/user_account.html';
$nPageType = OOS_PAGE_TYPE_ACCOUNT;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'account_active' => 1,
'robots' => 'noindex,follow,noodp,noydir',
'account' => $account,
'gender' => $gender,
'oos_get_country_name' => $sCountryName,
'newsletter' => $newsletter
)
);
// display the template
$smarty->display($aTemplate['page']);

104
msd2/myoos/includes/content/account_address_book.php Normal file
View File

@ -0,0 +1,104 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: address_book.php,v 1.55 2003/02/13 01:58:23 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
if (!isset($_SESSION['customer_id'])) {
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
$_SESSION['navigation']->set_snapshot();
oos_redirect(oos_href_link($aContents['login']));
}
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/account_address_book.php';
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_address.php';
$address_booktable = $oostable['address_book'];
$sql = "SELECT address_book_id, entry_company, entry_firstname, entry_lastname,
entry_street_address, entry_postcode, entry_city, entry_state,
entry_country_id, entry_zone_id
FROM $address_booktable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'
ORDER BY entry_firstname, entry_lastname";
$address_book_result = $dbconn->Execute($sql);
$aAddressBook = array();
while ($address_book = $address_book_result->fields) {
$state = $address_book['entry_state'];
$country_id = $address_book['entry_country_id'];
$zone_id = $address_book['entry_zone_id'];
$country = oos_get_country_name($country_id);
if (ACCOUNT_STATE == 'true') {
$state = oos_get_zone_code($country_id, $zone_id, $state);
}
$aAddressBook[] = array('address_book_id' => $address_book['address_book_id'],
'company' => $address_book['entry_company'],
'firstname' => $address_book['entry_firstname'],
'lastname' => $address_book['entry_lastname'],
'street_address' => $address_book['entry_street_address'],
'postcode' => $address_book['entry_postcode'],
'city' => $address_book['entry_city'],
'country' => $country,
'state' => $state);
$address_book_result->MoveNext();
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title_1'], oos_href_link($aContents['account']));
$oBreadcrumb->add($aLang['navbar_title_2'], oos_href_link($aContents['account_address_book']));
$aTemplate['page'] = $sTheme . '/page/address_book.html';
$nPageType = OOS_PAGE_TYPE_ACCOUNT;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
if ($oMessage->size('addressbook') > 0) {
$aInfoMessage = array_merge ($aInfoMessage, $oMessage->output('addressbook') );
}
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,nofollow,noodp,noydir',
'account_active' => 1,
'address_book' => $aAddressBook
)
);
// display the template
$smarty->display($aTemplate['page']);

430
msd2/myoos/includes/content/account_address_book_process.php Normal file
View File

@ -0,0 +1,430 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: address_book_process.php,v 1.73 2003/02/13 01:58:23 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
if (!isset($_SESSION['customer_id'])) {
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
$_SESSION['navigation']->set_snapshot();
oos_redirect(oos_href_link($aContents['login']));
}
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_address.php';
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/account_address_book_process.php';
if ( isset($_POST['action']) && ($_POST['action'] == 'deleteconfirm') && isset($_POST['entry_id']) && is_numeric($_POST['entry_id']) &&
( isset($_SESSION['formid']) && ($_SESSION['formid'] == $_POST['formid'])) ){
$entry_id = oos_db_prepare_input($_POST['entry_id']);
if ($entry_id == $_SESSION['customer_default_address_id']) {
$oMessage->add_session('addressbook', $aLang['warning_primary_address_deletion'], 'warning');
} else {
$address_booktable = $oostable['address_book'];
$query = "DELETE FROM $address_booktable
WHERE address_book_id = '" . intval($entry_id) . "'
AND customers_id = '" . intval($_SESSION['customer_id']) . "'";
$dbconn->Execute($query);
$oMessage->add_session('addressbook', $aLang['success_address_book_entry_deleted'], 'success');
}
oos_redirect(oos_href_link($aContents['account_address_book']));
}
// Post-entry error checking when updating or adding an entry
$bProcess = FALSE;
if ( isset($_POST['action']) && ($_POST['action'] == 'process') || ($_POST['action'] == 'update') &&
( isset($_SESSION['formid']) && ($_SESSION['formid'] == $_POST['formid'])) ){
$bProcess = TRUE;
if ( isset($_POST['entry_id']) && is_numeric($_POST['entry_id']) ) {
$entry_id = oos_db_prepare_input($_POST['entry_id']);
}
if (ACCOUNT_GENDER == 'true') {
if (isset($_POST['gender'])) {
$gender = oos_db_prepare_input($_POST['gender']);
} else {
$gender = FALSE;
}
}
$firstname = oos_db_prepare_input($_POST['firstname']);
$lastname = oos_db_prepare_input($_POST['lastname']);
if (ACCOUNT_COMPANY == 'true') $company = oos_db_prepare_input($_POST['company']);
if (ACCOUNT_OWNER == 'true') $owner = oos_db_prepare_input($_POST['owner']);
if (ACCOUNT_VAT_ID == 'true') $vat_id = oos_db_prepare_input($_POST['vat_id']);
$street_address = oos_db_prepare_input($_POST['street_address']);
$postcode = oos_db_prepare_input($_POST['postcode']);
$city = oos_db_prepare_input($_POST['city']);
if (ACCOUNT_STATE == 'true') {
$state = oos_db_prepare_input($_POST['state']);
if (isset($_POST['zone_id'])) {
$zone_id = oos_db_prepare_input($_POST['zone_id']);
} else {
$zone_id = FALSE;
}
}
$country = oos_db_prepare_input($_POST['country']);
$bError = FALSE; // reset error flag
if (ACCOUNT_GENDER == 'true') {
if ( ($gender != 'm') && ($gender != 'f') ) {
$bError = TRUE;
$oMessage->add_session('addressbook', $aLang['entry_gender_error']);
}
}
if (strlen($firstname) < ENTRY_FIRST_NAME_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add_session('addressbook', $aLang['entry_first_name_error'] );
}
if (strlen($lastname) < ENTRY_LAST_NAME_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add_session('addressbook', $aLang['entry_last_name_error'] );
}
if (ACCOUNT_COMPANY_VAT_ID_CHECK == 'true'){
if (!empty($vat_id) && (!oos_validate_is_vatid($vat_id))) {
$bError = TRUE;
$oMessage->add_session('addressbook', $aLang['entry_vat_id_error']);
} else {
$vatid_check_error = FALSE;
}
}
if (strlen($street_address) < ENTRY_STREET_ADDRESS_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add_session('addressbook', $aLang['entry_street_address_error']);
}
if (strlen($postcode) < ENTRY_POSTCODE_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add_session('addressbook', $aLang['entry_post_code_error']);
}
if (strlen($city) < ENTRY_CITY_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add_session('addressbook', $aLang['entry_city_error']);
}
if (is_numeric($country) == FALSE) {
$bError = TRUE;
$oMessage->add_session('addressbook', $aLang['entry_country_error']);
}
if (ACCOUNT_STATE == 'true') {
$zone_id = 0;
$zonestable = $oostable['zones'];
$country_check_sql = "SELECT COUNT(*) AS total
FROM $zonestable
WHERE zone_country_id = '" . intval($country) . "'";
$country_check = $dbconn->Execute($country_check_sql);
$entry_state_has_zones = ($country_check->fields['total'] > 0);
if ($entry_state_has_zones == TRUE) {
$zonestable = $oostable['zones'];
$zone_query = "SELECT DISTINCT zone_id
FROM $zonestable
WHERE zone_country_id = '" . intval($country) . "'
AND (zone_name = '" . oos_db_input($state) . "'
OR zone_code = '" . oos_db_input($state) . "')";
$zone_result = $dbconn->Execute($zone_query);
if ($zone_result->RecordCount() == 1) {
$zone = $zone_result->fields;
$zone_id = $zone['zone_id'];
} else {
$bError = TRUE;
$oMessage->add_session('addressbook', $aLang['entry_state_error_select']);
}
} else {
if (strlen($state) < ENTRY_STATE_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add_session('addressbook', $aLang['entry_state_error']);
}
}
}
if ($bError == FALSE) {
$sql_data_array = array('entry_firstname' => $firstname,
'entry_lastname' => $lastname,
'entry_street_address' => $street_address,
'entry_postcode' => $postcode,
'entry_city' => $city,
'entry_country_id' => $country);
if (ACCOUNT_GENDER == 'true') $sql_data_array['entry_gender'] = $gender;
if (ACCOUNT_COMPANY == 'true') $sql_data_array['entry_company'] = $company;
if (ACCOUNT_OWNER == 'true') $sql_data_array['entry_owner'] = $owner;
if (ACCOUNT_STATE == 'true') {
if ($zone_id > 0) {
$sql_data_array['entry_zone_id'] = $zone_id;
$sql_data_array['entry_state'] = '';
} else {
$sql_data_array['entry_zone_id'] = '0';
$sql_data_array['entry_state'] = $state;
}
}
if ((ACCOUNT_COMPANY_VAT_ID_CHECK == 'true') && ($vatid_check_error == FALSE)) {
$sql_data_array['entry_vat_id_status'] = '1';
} else {
$sql_data_array['entry_vat_id_status'] = '0';
}
if ($_POST['action'] == 'update') {
$address_booktable = $oostable['address_book'];
$check_query = "SELECT address_book_id FROM $address_booktable WHERE address_book_id = '" . intval($entry_id) . "'' AND customers_id = '" . intval($_SESSION['customer_id']) . "'";
$check_result = $dbconn->Execute($check_query);
if ($check_result->RecordCount()) {
oos_db_perform($oostable['address_book'], $sql_data_array, 'UPDATE', "address_book_id = '" . intval($entry_id) . "' AND customers_id ='" . intval($_SESSION['customer_id']) . "'");
if ( (isset($_POST['primary']) && ($_POST['primary'] == 'on')) || ($entry_id == $_SESSION['customer_default_address_id']) ) {
if (ACCOUNT_GENDER == 'true') $_SESSION['customer_gender'] = $gender;
$_SESSION['customer_first_name'] = $firstname;
$_SESSION['customer_lastname'] = $lastname;
$_SESSION['customer_country_id'] = $country;
$_SESSION['customer_zone_id'] = (($zone_id > 0) ? (int)$zone_id : '0');
$_SESSION['customer_default_address_id'] = intval($entry_id);
if ((ACCOUNT_COMPANY_VAT_ID_CHECK == 'true') && ($vatid_check_error == FALSE)) {
$_SESSION['customers_vat_id_status'] = '1';
} else {
$_SESSION['customers_vat_id_status'] = '0';
}
$sql_data_array = array('customers_firstname' => $firstname,
'customers_lastname' => $lastname,
'customers_default_address_id' => intval($entry_id));
if (ACCOUNT_GENDER == 'true') $sql_data_array['customers_gender'] = $gender;
oos_db_perform($oostable['customers'], $sql_data_array, 'UPDATE', "customers_id = '" . intval($_SESSION['customer_id']) . "'");
$update_info_sql = "UPDATE " . $oostable['customers_info'] . "
SET customers_info_date_account_last_modified = now()
WHERE customers_info_id = '" . intval($_SESSION['customer_id']) . "'";
$dbconn->Execute($update_info_sql);
}
}
} else {
$sql_data_array['customers_id'] = intval($_SESSION['customer_id']);
oos_db_perform($oostable['address_book'], $sql_data_array);
$new_address_book_id = $dbconn->Insert_ID();
if (isset($_POST['primary']) && ($_POST['primary'] == 'on')) {
if (ACCOUNT_GENDER == 'true') $_SESSION['customer_gender'] = $gender;
$_SESSION['customer_first_name'] = $firstname;
$_SESSION['customer_lastname'] = $lastname;
$_SESSION['customer_country_id'] = $country;
$_SESSION['customer_zone_id'] = (($zone_id > 0) ? (int)$zone_id : '0');
$_SESSION['customer_default_address_id'] = $new_address_book_id;
if ((ACCOUNT_COMPANY_VAT_ID_CHECK == 'true') && ($vatid_check_error == FALSE)) {
$_SESSION['customers_vat_id_status'] = '1';
} else {
$_SESSION['customers_vat_id_status'] = '0';
}
$sql_data_array = array('customers_firstname' => $firstname,
'customers_lastname' => $lastname);
if (ACCOUNT_GENDER == 'true') $sql_data_array['customers_gender'] = $gender;
$sql_data_array['customers_default_address_id'] = $new_address_book_id;
oos_db_perform($oostable['customers'], $sql_data_array, 'UPDATE', "customers_id = '" . intval($_SESSION['customer_id']) . "'");
$update_info_sql = "UPDATE " . $oostable['customers_info'] . "
SET customers_info_date_account_last_modified = now()
WHERE customers_info_id = '" . intval($_SESSION['customer_id']) . "'";
$dbconn->Execute($update_info_sql);
}
$oMessage->add_session('addressbook', $aLang['success_address_book_entry_updated'], 'success');
oos_redirect(oos_href_link($aContents['account_address_book']));
}
}
}
if (isset($_GET['edit']) && is_numeric($_GET['edit'])) {
$address_booktable = $oostable['address_book'];
$address_sql = "SELECT entry_gender, entry_company, entry_owner, entry_vat_id, entry_vat_id_status,
entry_firstname, entry_lastname, entry_street_address, entry_postcode, entry_city,
entry_state, entry_zone_id, entry_country_id
FROM $address_booktable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'
AND address_book_id = '" . intval($_GET['edit']) . "'";
$entry_result = $dbconn->Execute($address_sql);
if (!$entry_result->RecordCount()) {
$oMessage->add_session('addressbook', $aLang['error_nonexisting_address_book_entry']);
oos_redirect(oos_href_link($aContents['account_address_book']));
}
$entry = $entry_result->fields;
} elseif (isset($_GET['delete']) && is_numeric($_GET['delete'])) {
$entry_id = oos_db_prepare_input($_GET['delete']);
if ($delete == $_SESSION['customer_default_address_id']) {
$oMessage->add_session('addressbook', $aLang['warning_primary_address_deletion'], 'warning');
oos_redirect(oos_href_link($aContents['account_address_book']));
} else {
$address_booktable = $oostable['address_book'];
$check_query = "SELECT count(*) as total FROM $address_booktable WHERE address_book_id = '" . intval($entry_id) . "' AND customers_id = '" . intval($_SESSION['customer_id']) . "'";
$check_result = $dbconn->Execute($check_query);
if ($check_result->fields['total'] < 1) {
$oMessage->add_session('addressbook', $aLang['error_nonexisting_address_book_entry']);
oos_redirect(oos_href_link($aContents['account_address_book']));
}
}
} else {
$entry = array('entry_country_id' => STORE_COUNTRY);
}
if (!isset($_GET['delete']) && !isset($_GET['edit'])) {
if (oos_count_customer_address_book_entries() >= MAX_ADDRESS_BOOK_ENTRIES) {
$oMessage->add_session('addressbook', $aLang['error_address_book_full']);
oos_redirect(oos_href_link($aContents['account_address_book']));
}
}
if ( isset($_GET['entry_id']) && is_numeric($_GET['entry_id']) ) {
$entry_id = oos_db_prepare_input($_GET['entry_id']);
}
$back_link = oos_href_link($aContents['account_address_book']);
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title_1'], oos_href_link($aContents['account']));
$oBreadcrumb->add($aLang['navbar_title_2'], oos_href_link($aContents['account_address_book']));
if (isset ($_GET['edit']) && is_numeric($_GET['edit'])) {
$oBreadcrumb->add($aLang['navbar_title_modify_entry'], oos_href_link($aContents['account_address_book_process'], 'edit=' . intval($_GET['edit'])));
} elseif (isset ($_GET['delete']) && is_numeric($_GET['delete'])) {
$oBreadcrumb->add($aLang['navbar_title_delete_entry'], oos_href_link($aContents['account_address_book_process'], 'delete=' . intval($_GET['delete'])));
} else {
$oBreadcrumb->add($aLang['navbar_title_add_entry'], oos_href_link($aContents['account_address_book_process']));
}
$aTemplate['page'] = $sTheme . '/page/address_book_process.html';
$nPageType = OOS_PAGE_TYPE_ACCOUNT;
$sPagetitle = $aLang['navbar_title_1'] . ' ' . $aLang['navbar_title_2'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'back_link' => $back_link,
'entry_id' => $entry_id,
'process' => $process
)
);
if (isset($_GET['action']) && $_GET['action'] == 'edit') {
$smarty->assign(
array(
'heading_title' => $aLang['heading_title_modify_entry']
)
);
} else {
$smarty->assign(
array(
'heading_title' => $aLang['heading_title_add_entry']
)
);
}
$smarty->assign(
array(
'robots' => 'noindex,nofollow,noodp,noydir',
'account_active' => 1,
'gender' => $gender,
'firstname' => $firstname,
'lastname' => $lastname,
'company' => $company,
'street_address' => $street_address,
'postcode' => $postcode,
'city' => $city,
'country' => $country
)
);
if ($state_has_zones == 'true') {
$aZonesNames = array();
$aZonesValues = array();
$zonestable = $oostable['zones'];
$zones_query = "SELECT zone_name FROM $zonestable
WHERE zone_country_id = '" . oos_db_input($country) . "'
ORDER BY zone_name";
$zones_result = $dbconn->Execute($zones_query);
while ($zones = $zones_result->fields) {
$aZonesNames[] = $zones['zone_name'];
$aZonesValues[] = $zones['zone_name'];
$zones_result->MoveNext();
}
$smarty->assign('zones_names', $aZonesNames);
$smarty->assign('zones_values', $aZonesValues);
} else {
$state = oos_get_zone_name($country, $zone_id, $state);
$smarty->assign('state', $state);
$smarty->assign('zone_id', $zone_id);
}
$country_name = oos_get_country_name($country);
$smarty->assign('country_name', $country_name);
$smarty->assign('entry', $entry);
// display the template
$smarty->display($aTemplate['page']);

272
msd2/myoos/includes/content/account_edit.php Normal file
View File

@ -0,0 +1,272 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: account_edit.php,v 1.62 2003/02/13 01:58:23 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
if (!isset($_SESSION['customer_id'])) {
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
$_SESSION['navigation']->set_snapshot();
oos_redirect(oos_href_link($aContents['login']));
}
// require the password crypto functions
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_password.php';
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_validate_vatid.php';
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/account_edit.php';
if ( isset($_POST['action']) && ($_POST['action'] == 'process') &&
( isset($_SESSION['formid']) && ($_SESSION['formid'] == $_POST['formid'])) ){
if (ACCOUNT_GENDER == 'true') {
if (isset($_POST['gender'])) {
$gender = oos_db_prepare_input($_POST['gender']);
} else {
$gender = FALSE;
}
}
$firstname = oos_db_prepare_input($_POST['firstname']);
$lastname = oos_db_prepare_input($_POST['lastname']);
if (ACCOUNT_DOB == 'true') $dob = oos_db_prepare_input($_POST['dob']);
$email_address = oos_db_prepare_input($_POST['email_address']);
if (ACCOUNT_TELEPHONE == 'true') $telephone = oos_db_prepare_input($_POST['telephone']);
$password = oos_db_prepare_input($_POST['password']);
$confirmation = oos_db_prepare_input($_POST['confirmation']);
if (isset($_POST['newsletter'])) {
$newsletter = oos_db_prepare_input($_POST['newsletter']);
}
$bError = FALSE; // reset error flag
if (ACCOUNT_GENDER == 'true') {
if ( ($gender != 'm') && ($gender != 'f') ) {
$bError = TRUE;
$oMessage->add('account_edit', $aLang['entry_gender_error']);
}
}
if (strlen($firstname) < ENTRY_FIRST_NAME_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('account_edit', $aLang['entry_first_name_error'] );
}
if (strlen($lastname) < ENTRY_LAST_NAME_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('account_edit', $aLang['entry_last_name_error'] );
}
if (ACCOUNT_DOB == 'true') {
if ((strlen($dob) < ENTRY_DOB_MIN_LENGTH) || (!empty($dob) &&
(!is_numeric(oos_date_raw($dob)) ||
!checkdate(substr(oos_date_raw($dob), 4, 2), substr(oos_date_raw($dob), 6, 2), substr(oos_date_raw($dob), 0, 4))))) {
$bError = TRUE;
$oMessage->add('account_edit', $aLang['entry_date_of_birth_error'] );
}
}
if (strlen($email_address) < ENTRY_EMAIL_ADDRESS_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('account_edit', $aLang['entry_email_address_error']);
} elseif (oos_validate_is_email($email_address) == FALSE) {
$bError = TRUE;
$oMessage->add('account_edit', $aLang['entry_email_address_check_error']);
} else {
$customerstable = $oostable['customers'];
$check_email_sql = "SELECT customers_email_address
FROM $customerstable
WHERE customers_email_address = '" . oos_db_input($email_address) . "'
AND customers_id != '" . intval($_SESSION['customer_id']) . "'";
$check_email = $dbconn->Execute($check_email_sql);
if ($check_email->RecordCount()) {
$bError = TRUE;
$oMessage->add('account_edit', $aLang['entry_email_address_error_exists']);
}
}
if (strlen($password) < ENTRY_PASSWORD_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('account_edit', $aLang['entry_password_error']);
} elseif ($password != $confirmation) {
$bError = TRUE;
$oMessage->add('account_edit', $aLang['entry_password_error_not_matching']);
}
if ($bError == FALSE) {
$new_encrypted_password = oos_encrypt_password($password);
$sql_data_array = array('customers_firstname' => $firstname,
'customers_lastname' => $lastname,
'customers_email_address' => $email_address,
'customers_password' => $new_encrypted_password);
if (ACCOUNT_GENDER == 'true') $sql_data_array['customers_gender'] = $gender;
if (ACCOUNT_DOB == 'true') $sql_data_array['customers_dob'] = oos_date_raw($dob);
if (ACCOUNT_TELEPHONE == 'true') $sql_data_array['customers_telephone'] = $telephone;
oos_db_perform($oostable['customers'], $sql_data_array, 'UPDATE', "customers_id = '" . intval($_SESSION['customer_id']) . "'");
$sql_data_array = array('entry_firstname' => $firstname,
'entry_lastname' => $lastname);
if (ACCOUNT_GENDER == 'true') $sql_data_array['entry_gender'] = $gender;
oos_db_perform($oostable['address_book'], $sql_data_array, 'UPDATE', "customers_id = '" . intval($_SESSION['customer_id']) . "' AND address_book_id = '" . intval($_SESSION['customer_default_address_id']) . "'");
$update_info_sql = "UPDATE " . $oostable['customers_info'] . "
SET customers_info_date_account_last_modified = now()
WHERE customers_info_id = '" . intval($_SESSION['customer_id']) . "'";
$dbconn->Execute($update_info_sql);
if (SEND_CUSTOMER_EDIT_EMAILS == 'true') {
$email_owner = $aLang['owner_email_subject'] . "\n" .
$aLang['email_separator'] . "\n" .
$aLang['owner_email_date'] . ' ' . strftime(DATE_FORMAT_LONG) . "\n\n" .
$aLang['email_separator'] . "\n";
if (ACCOUNT_COMPANY == 'true') {
$email_owner .= $aLang['owner_email_company_info'] . "\n" .
$aLang['owner_email_company'] . ' ' . $company . "\n";
if (ACCOUNT_OWNER == 'true') {
$email_owner .= $aLang['owner_email_owner'] . ' ' . $owner . "\n";
}
if (ACCOUNT_VAT_ID == 'true') {
$email_owner .= $aLang['entry_vat_id'] . ' ' . $vat_id . "\n";
}
}
if (ACCOUNT_GENDER == 'true') {
if ($gender == 'm') {
$email_owner .= $aLang['entry_gender'] . ' ' . $aLang['male'] . "\n";
} else {
$email_owner .= $aLang['entry_gender'] . ' ' . $aLang['female'] . "\n";
}
}
$email_owner .= $aLang['owner_email_first_name'] . ' ' . $firstname . "\n" .
$aLang['owner_email_last_name'] . ' ' . $lastname . "\n\n" .
$aLang['owner_email_street'] . ' ' . $street_address . "\n" .
$aLang['owner_email_post_code'] . ' ' . $postcode . "\n" .
$aLang['owner_email_city'] . ' ' . $city . "\n" .
$aLang['email_separator'] . "\n\n" .
$aLang['owner_email_contact'] . "\n" .
$aLang['owner_email_telephone_number'] . ' ' . $telephone . "\n" .
$aLang['owner_email_address'] . ' ' . $email_address . "\n" .
$aLang['email_separator'] . "\n\n" .
$aLang['owner_email_options'] . "\n";
if ($newsletter == '1') {
$email_owner .= $aLang['owner_email_newsletter'] . $aLang['entry_newsletter_yes'] . "\n";
} else {
$email_owner .= $aLang['owner_email_newsletter'] . $aLang['entry_newsletter_no'] . "\n";
}
oos_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, $aLang['owner_email_subject'], nl2br($email_owner), $name, $email_address);
}
if (NEWSLETTER == 'true') {
if ( isset($newsletter) && ($newsletter == 'yes') ) {
oos_newsletter_subscribe_mail($email_address);
}
}
oos_redirect(oos_href_link($aContents['account']));
}
}
$customerstable = $oostable['customers'];
$sql = "SELECT customers_gender, customers_firstname, customers_lastname, customers_dob, customers_email_address, customers_telephone
FROM $customerstable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'";
$account = $dbconn->GetRow($sql);
if (ACCOUNT_GENDER == 'true') {
if (isset($gender)) {
$male = ($gender == 'm') ? TRUE : FALSE;
} else {
$male = ($account['customers_gender'] == 'm') ? TRUE : FALSE;
}
$female = !$male;
}
$bNewsletter = FALSE;
if (NEWSLETTER == 'true') {
if (!isset($email_address)) {
$email_address = $account['customers_email_address'];
}
$newsletter_recipients = $oostable['newsletter_recipients'];
$sql = "SELECT recipients_id
FROM $newsletter_recipients
WHERE customers_email_address = '" . oos_db_input($email_address) . "'
AND status = '1'";
$check_recipients_result = $dbconn->Execute($sql);
if (!$check_recipients_result->RecordCount()) {
$bNewsletter = TRUE;
}
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title_1'], oos_href_link($aContents['account']));
$oBreadcrumb->add($aLang['navbar_title_2'], oos_href_link($aContents['account_edit']));
$aTemplate['page'] = $sTheme . '/page/account_edit.html';
$nPageType = OOS_PAGE_TYPE_ACCOUNT;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
if ($oMessage->size('account_edit') > 0) {
$aInfoMessage = array_merge ($aInfoMessage, $oMessage->output('account_edit') );
}
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,nofollow,noodp,noydir',
'account_active' => 1,
'account' => $account,
'female' => $female,
'male' => $male,
'bNewsletter' => $bNewsletter
)
);
// display the template
$smarty->display($aTemplate['page']);

113
msd2/myoos/includes/content/account_history.php Normal file
View File

@ -0,0 +1,113 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: account_history.php,v 1.58 2003/02/13 01:58:23 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
if (!isset($_SESSION['customer_id'])) {
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
$_SESSION['navigation']->set_snapshot();
oos_redirect(oos_href_link($aContents['login']));
}
$nPage = isset($_GET['page']) ? intval( $_GET['page'] ) : 1;
// split-page-results
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_split_page_results.php';
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/account_history.php';
$orderstable = $oostable['orders'];
$orders_totaltable = $oostable['orders_total'];
$orders_statustable = $oostable['orders_status'];
$history_result_raw = "SELECT o.orders_id, o.date_purchased, o.delivery_name, ot.text AS order_total,
s.orders_status_name
FROM $orderstable o LEFT JOIN
$orders_totaltable ot
ON (o.orders_id = ot.orders_id) LEFT JOIN
$orders_statustable s
ON (o.orders_status = s.orders_status_id
AND s.orders_languages_id = '" . intval($nLanguageID) . "')
WHERE o.customers_id = '" . intval($_SESSION['customer_id']) . "'
AND ot.class = 'ot_total'
ORDER BY orders_id DESC";
$history_split = new splitPageResults($history_result_raw, MAX_DISPLAY_ORDER_HISTORY);
$history_result = $dbconn->Execute($history_split->sql_query);
$aHistory = array();
if ($history_result->RecordCount()) {
while ($history = $history_result->fields) {
$orders_productstable = $oostable['orders_products'];
$sql = "SELECT COUNT(*) AS total
FROM $orders_productstable
WHERE orders_id = '" . intval($history['orders_id']) . "'";
$products = $dbconn->Execute($sql);
$aHistory[] = array('orders_id' => $history['orders_id'],
'orders_status_name' => $history['orders_status_name'],
'date_purchased' => $history['date_purchased'],
'delivery_name' => $history['delivery_name'],
'products_total' => $products->fields['total'],
'order_total' => strip_tags($history['order_total']));
// Move that ADOdb pointer!
$history_result->MoveNext();
}
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title_1'], oos_href_link($aContents['account']));
$oBreadcrumb->add($aLang['navbar_title_2'], oos_href_link($aContents['account_history']));
$aTemplate['page'] = $sTheme . '/page/account_history.html';
$nPageType = OOS_PAGE_TYPE_ACCOUNT;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,nofollow,noodp,noydir',
'account_active' => 1,
'page_split' => $history_split->display_count($aLang['text_display_number_of_orders']),
'display_links' => $history_split->display_links(MAX_DISPLAY_PAGE_LINKS, oos_get_all_get_parameters(array('page', 'info'))),
'numrows' => $history_split->number_of_rows,
'numpages' => $history_split->number_of_pages,
'page' => $nPage,
'history' => $aHistory
)
);
// display the template
$smarty->display($aTemplate['page']);

110
msd2/myoos/includes/content/account_history_info.php Normal file
View File

@ -0,0 +1,110 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: account_history_info.php,v 1.94 2003/02/14 20:28:46 dgw_
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
if (!isset($_SESSION['customer_id'])) {
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
$_SESSION['navigation']->set_snapshot();
oos_redirect(oos_href_link($aContents['login']));
}
if (!isset($_GET['order_id'])) {
oos_redirect(oos_href_link($aContents['account_history']));
}
$nPage = isset($_GET['page']) ? intval( $_GET['page'] ) : 1;
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/account_history_info.php';
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_address.php';
$orderstable = $oostable['orders'];
$sql = "SELECT customers_id
FROM $orderstable
WHERE orders_id = '" . intval($_GET['order_id']) . "'";
$customer_number = $dbconn->GetOne($sql);
if ($customer_number != $_SESSION['customer_id']) {
oos_redirect(oos_href_link($aContents['account_history']));
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title_1'], oos_href_link($aContents['account']));
$oBreadcrumb->add($aLang['navbar_title_2'], oos_href_link($aContents['account_history'], 'page=' . $nPage));
$oBreadcrumb->add($aLang['navbar_title_3'], oos_href_link($aContents['account_history_info'], 'order_id=' . intval($_GET['order_id'])));
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_order.php';
$oOrder = new order($_GET['order_id']);
$aTemplate['page'] = $sTheme . '/page/account_history_info.html';
if (DOWNLOAD_ENABLED == 'true') {
$aTemplate['download'] = $sTheme . '/page/download.html';
}
$nPageType = OOS_PAGE_TYPE_ACCOUNT;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,nofollow,noodp,noydir',
'account_active' => 1,
'page' => $nPage
)
);
$smarty->assign('order', $oOrder);
$smarty->assign('currencies', $oCurrencies);
$orders_statustable = $oostable['orders_status'];
$orders_status_historytable = $oostable['orders_status_history'];
$sql = "SELECT os.orders_status_name, osh.date_added, osh.comments
FROM $orders_statustable os,
$orders_status_historytable osh
WHERE osh.orders_id = '" . intval($_GET['order_id']) . "'
AND osh.orders_status_id = os.orders_status_id
AND os.orders_languages_id = '" . intval($nLanguageID) . "'
ORDER BY osh.date_added";
$smarty->assign('statuses_array', $dbconn->GetAll($sql));
if (DOWNLOAD_ENABLED == 'true') {
require_once MYOOS_INCLUDE_PATH . '/includes/modules/downloads.php';
$smarty->assign('download', $smarty->fetch($aTemplate['download']));
}
// display the template
$smarty->display($aTemplate['page']);

173
msd2/myoos/includes/content/account_order_history.php Normal file
View File

@ -0,0 +1,173 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: order_history.php,v 1.4 2003/02/10 22:31:02 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
if (!isset($_SESSION['customer_id'])) {
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
$_SESSION['navigation']->set_snapshot();
oos_redirect(oos_href_link($aContents['login']));
}
$nPage = isset($_GET['page']) ? intval( $_GET['page'] ) : 1;
// split-page-results
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_split_page_results.php';
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/account_order_history.php';
$aTemplate['page'] = $sTheme . '/page/account_order_history.html';
$aTemplate['pagination'] = $sTheme . '/system/_pagination.html';
$nPageType = OOS_PAGE_TYPE_CATALOG;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
$orderstable = $oostable['orders'];
$orders_productstable = $oostable['orders_products'];
$productstable = $oostable['products'];
$query = "SELECT DISTINCT op.products_id
FROM $orderstable o,
$orders_productstable op,
$productstable p
WHERE o.customers_id = '" . intval($_SESSION['customer_id']) . "'
AND o.orders_id = op.orders_id
AND op.products_id = p.products_id
AND p.products_setting = '2'
GROUP BY products_id
ORDER BY o.date_purchased DESC";
$orders_result = $dbconn->Execute($query);
if ($orders_result->RecordCount()) {
$product_ids = '';
while ($orders = $orders_result->fields) {
$product_ids .= $orders['products_id'] . ',';
// Move that ADOdb pointer!
$orders_result->MoveNext();
}
$product_ids = substr($product_ids, 0, -1);
$productstable = $oostable['products'];
$products_descriptiontable = $oostable['products_description'];
$manufacturerstable = $oostable['manufacturers'];
$historytable = $oostable['specials'];
$order_history_raw = "SELECT pd.products_name, p.products_id, p.products_quantity, p.products_image,
p.products_price, p.products_base_price, p.products_tax_class_id,
p.products_product_quantity, p.products_base_unit, p.products_quantity_order_min,
p.products_quantity_order_max, p.products_quantity_order_units, products_units_id,
IF(s.status, s.specials_new_products_price, NULL) AS specials_new_products_price,
IF(s.status, s.specials_new_products_price, p.products_price) AS final_price
FROM $products_descriptiontable pd,
$productstable p LEFT JOIN
$manufacturerstable m ON p.manufacturers_id = m.manufacturers_id LEFT JOIN
$historytable s ON p.products_id = s.products_id
WHERE p.products_setting = '2'
AND p.products_id = pd.products_id
AND pd.products_id IN ($product_ids)
AND pd.products_languages_id = '" . intval($nLanguageID) . "'";
$order_history_split = new splitPageResults($order_history_raw, MAX_DISPLAY_PRODUCTS_NEW);
$order_history_result = $dbconn->Execute($order_history_split->sql_query);
$aOrderHistory = array();
while ($order_history = $order_history_result->fields) {
$new_product_price = NULL;
$new_product_special_price = NULL;
$new_base_product_price = NULL;
$base_product_price = $order_history['products_price'];
$new_product_price = $oCurrencies->display_price($order_history['products_price'], oos_get_tax_rate($order_history['products_tax_class_id']));
if (isset($order_history['specials_new_products_price'])) {
$base_product_price = $order_history['specials_new_products_price'];
$new_product_special_price = $oCurrencies->display_price($base_product_price, oos_get_tax_rate($order_history['products_tax_class_id']));
}
if ($order_history['products_base_price'] != 1) {
$new_base_product_price = $oCurrencies->display_price($base_product_price * $order_history['products_base_price'], oos_get_tax_rate($order_history['products_tax_class_id']));
}
$order_min = number_format($order_history['products_quantity_order_min']);
$order_max = number_format($order_history['products_quantity_order_max']);
$aOrderHistory[] = array('id' => $order_history['products_id'],
'name' => $order_history['products_name'],
'image' => $order_history['products_image'],
'order_min' => $order_min,
'order_max' => $order_max,
'product_quantity' => $order_history['products_product_quantity'],
'new_product_price' => $new_product_price,
'new_product_special_price' => $new_product_special_price,
'new_base_product_price' => $new_base_product_price,
'products_base_price' => $order_history['products_base_price'],
'new_products_base_unit' => $order_history['products_base_unit'],
'products_units' => $order_history['products_units_id'],
'date_added' => $order_history['products_date_added'],
'manufacturer' => $order_history['manufacturers_name']);
$order_history_result->MoveNext();
}
// assign Smarty variables;
$smarty->assign(
array(
'page_split' => $order_history_split->display_count($aLang['text_display_number_of_products']),
'display_links' => $order_history_split->display_links(MAX_DISPLAY_PAGE_LINKS, oos_get_all_get_parameters(array('page', 'info'))),
'numrows' => $order_history_split->number_of_rows,
'numpages' => $order_history_split->number_of_pages,
'order_history' => $aOrderHistory
)
);
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aContents['account_order_history']));
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,nofollow,noodp,noydir',
'account_active' => 1,
'page' => $nPage
)
);
$smarty->assign('pagination', $smarty->fetch($aTemplate['pagination']));
// display the template
$smarty->display($aTemplate['page']);

189
msd2/myoos/includes/content/account_wishlist.php Normal file
View File

@ -0,0 +1,189 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: wishlist_help.php,v 1 2002/11/09 wib
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2002 - 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
if (!isset($_SESSION['customer_id'])) {
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
$_SESSION['navigation']->set_snapshot();
oos_redirect(oos_href_link($aContents['login']));
}
$nPage = isset($_GET['page']) ? intval( $_GET['page'] ) : 1;
// split-page-results
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_split_page_results.php';
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/account_wishlist.php';
$customers_wishlisttable = $oostable['customers_wishlist'];
$wishlist_result_raw = "SELECT products_id, customers_wishlist_date_added
FROM $customers_wishlisttable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'
AND customers_wishlist_link_id = '" . oos_db_input($_SESSION['customer_wishlist_link_id']) . "'
ORDER BY customers_wishlist_date_added";
$wishlist_split = new splitPageResults($wishlist_result_raw, MAX_DISPLAY_WISHLIST_PRODUCTS);
$wishlist_result = $dbconn->Execute($wishlist_split->sql_query);
$aWishlist = array();
while ($wishlist = $wishlist_result->fields) {
$wl_products_id = oos_get_product_id($wishlist['products_id']);
$productstable = $oostable['products'];
$products_descriptiontable = $oostable['products_description'];
$sql = "SELECT p.products_id, pd.products_name, pd.products_description, p.products_model, p.products_replacement_product_id,
p.products_image, p.products_price, p.products_base_price, p.products_base_unit, p.products_product_quantity,
p.products_quantity_order_min, p.products_quantity_order_max,
p.products_tax_class_id, p.products_units_id
FROM $productstable p,
$products_descriptiontable pd
WHERE p.products_id = '" . intval($wl_products_id) . "'
AND pd.products_id = p.products_id
AND pd.products_languages_id = '" . intval($nLanguageID) . "'";
$wishlist_product = $dbconn->GetRow($sql);
$wishlist_product_price = NULL;
$wishlist_product_special_price = NULL;
$wishlist_base_product_price = NULL;
$wishlist_special_price = NULL;
$base_product_price = $wishlist_product['products_price'];
$wishlist_product_price = $oCurrencies->display_price($wishlist_product['products_price'], oos_get_tax_rate($wishlist_product['products_tax_class_id']));
if ($wishlist_special_price = oos_get_products_special_price($wl_products_id)) {
$base_product_price = $wishlist_special_price;
$wishlist_product_special_price = $oCurrencies->display_price($wishlist_special_price, oos_get_tax_rate($wishlist_product['products_tax_class_id']));
}
if ($wishlist_product['products_base_price'] != 1) {
$wishlist_base_product_price = $oCurrencies->display_price($base_product_price * $wishlist_product['products_base_price'], oos_get_tax_rate($wishlist_product['products_tax_class_id']));
}
$customers_wishlist_attributestable = $oostable['customers_wishlist_attributes'];
$sql = "SELECT products_options_id, products_options_value_id
FROM $customers_wishlist_attributestable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'
AND customers_wishlist_link_id = '" . oos_db_input($_SESSION['customer_wishlist_link_id']) . "' AND
products_id = '" . oos_db_input($wishlist['products_id']) . "'";
$attributes_result = $dbconn->Execute($sql);
$attributes_print = '';
$attributes_hidden_field = '';
while ($attributes = $attributes_result->fields) {
$attributes_hidden_field .= oos_draw_hidden_field('id[' . $attributes['products_options_id'] . ']', $attributes['products_options_value_id']);
$attributes_print .= '<ul class="list-unstyled mb-0">';
$products_optionstable = $oostable['products_options'];
$products_options_valuestable = $oostable['products_options_values'];
$products_attributestable = $oostable['products_attributes'];
$sql = "SELECT popt.products_options_name,
poval.products_options_values_name,
pa.options_values_price, pa.price_prefix
FROM $products_optionstable popt,
$products_options_valuestable poval,
$products_attributestable pa
WHERE pa.products_id = '" . intval($wl_products_id) . "'
AND pa.options_id = '" . oos_db_input($attributes['products_options_id']) . "'
AND pa.options_id = popt.products_options_id
AND pa.options_values_id = '" . oos_db_input($attributes['products_options_value_id']) . "'
AND pa.options_values_id = poval.products_options_values_id
AND popt.products_options_languages_id = '" . intval($nLanguageID) . "'
AND poval.products_options_values_languages_id = '" . intval($nLanguageID) . "'";
$option_values = $dbconn->GetRow($sql);
$attributes_print .= '<li> - ' . $option_values['products_options_name'] . ' ' . $option_values['products_options_values_name'] . ' ';
if ($option_values['options_values_price'] != 0) {
$attributes_print .= $option_values['price_prefix'] . $oCurrencies->display_price($option_values['options_values_price'], oos_get_tax_rate($wishlist_product['products_tax_class_id'])) . '</li>';
} else {
$attributes_print .= '</li>';
}
$attributes_print .= '</ul>';
$attributes_result->MoveNext();
}
$order_min = number_format($wishlist_product['products_quantity_order_min']);
$order_max = number_format($wishlist_product['products_quantity_order_max']);
// with option $wishlist['products_id'] = 2{3}1
$aWishlist[] = array('products_id' => $wishlist['products_id'],
'wl_products_id' => $wl_products_id,
'products_image' => $wishlist_product['products_image'],
'products_name' => $wishlist_product['products_name'],
'order_min' => $order_min,
'order_max' => $order_max,
'product_quantity' => $wishlist_product['products_product_quantity'],
'product_units' => $wishlist_product['products_units_id'],
'product_price' => $wishlist_product_price,
'product_special_price' => $wishlist_product_special_price,
'base_product_price' => $wishlist_base_product_price,
'products_base_price' => $wishlist_product['products_base_price'],
'products_base_unit' => $wishlist_product['products_base_unit'],
'attributes_print' => $attributes_print);
$wishlist_result->MoveNext();
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aContents['account_wishlist']));
$sCanonical = oos_href_link($aContents['specials'], 'page='. $nPage, FALSE, TRUE);
$aTemplate['page'] = $sTheme . '/page/account_wishlist.html';
$aTemplate['pagination'] = $sTheme . '/system/_pagination.html';
$nPageType = OOS_PAGE_TYPE_CATALOG;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,nofollow,noodp,noydir',
'canonical' => $sCanonical,
'account_active' => 1,
'page_split' => $wishlist_split->display_count($aLang['text_display_number_of_wishlist']),
'display_links' => $wishlist_split->display_links(MAX_DISPLAY_PAGE_LINKS, oos_get_all_get_parameters(array('page', 'info'))),
'numrows' => $wishlist_split->number_of_rows,
'numpages' => $wishlist_split->number_of_pages,
'page' => $nPage,
'wishlist' => $aWishlist,
'attributes_hidden' => $attributes_hidden_field,
'attributes_print' => $attributes_print
)
);
$smarty->assign('pagination', $smarty->fetch($aTemplate['pagination']));
// display the template
$smarty->display($aTemplate['page']);

243
msd2/myoos/includes/content/admin_login.php Normal file
View File

@ -0,0 +1,243 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: login_admin.php
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2002 - 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
----------------------------------------------------------------------
P&G Shipping Module Version 0.1 12/03/2002
osCommerce Shipping Management Module
Copyright (c) 2002 - Oliver Baelde
http://www.francecontacts.com
dev@francecontacts.com
- eCommerce Solutions development and integration -
osCommerce, Open Source E-Commerce Solutions
Copyright (c) 2002 osCommerce
http://www.oscommerce.com
IMPORTANT NOTE:
This script is not part of the official osCommerce distribution
but an add-on contributed to the osCommerce community. Please
read the README and INSTALL documents that are provided
with this file for further information and installation notes.
LICENSE:
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
All contributions are gladly accepted though Paypal.
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
// check
$manual_infotable = $oostable['manual_info'];
$sql = "SELECT status FROM $manual_infotable WHERE man_info_id = '1'";
$login = $dbconn->GetRow($sql);
if ($login['status'] == '0') {
oos_redirect(oos_href_link($aContents['403']));
}
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_key_generate.php';
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/admin_login.php';
if (isset($_SESSION['customer_id'])) {
unset($_SESSION['customer_id']);
unset($_SESSION['customer_wishlist_link_id']);
unset($_SESSION['customer_default_address_id']);
unset($_SESSION['customer_gender']);
unset($_SESSION['customer_first_name']);
unset($_SESSION['customer_lastname']);
unset($_SESSION['customer_country_id']);
unset($_SESSION['customer_zone_id']);
unset($_SESSION['comments']);
unset($_SESSION['customer_max_order']);
unset($_SESSION['gv_id']);
unset($_SESSION['cc_id']);
unset($_SESSION['man_key']);
$_SESSION['cart']->reset();
$_SESSION['user']->anonymous();
}
if ( isset($_POST['action']) && ($_POST['action'] == 'login_process') &&
( isset($_SESSION['formid']) && ($_SESSION['formid'] == $_POST['formid'])) ){
$email_address = oos_prepare_input($_POST['email_address']);
$keya = oos_prepare_input($_POST['keya']);
$keyb = oos_prepare_input($_POST['keyb']);
if ( empty( $email_address ) || !is_string( $email_address ) ) {
oos_redirect(oos_href_link($aContents['403']));
}
if ( empty( $keyb ) || !is_string( $keyb ) ) {
oos_redirect(oos_href_link($aContents['403']));
}
$manual_infotable = $oostable['manual_info'];
$sql = "SELECT man_name, defined
FROM $manual_infotable
WHERE man_key = '" . oos_db_input($keya) . "'
AND man_key2 = '" . oos_db_input($keyb) . "'
AND status = '1'";
$login_result = $dbconn->Execute($sql);
if (!$login_result->RecordCount()) {
$manual_infotable = $oostable['manual_info'];
$dbconn->Execute("UPDATE $manual_infotable
SET man_key = '',
man_key2 = ''
WHERE man_info_id = '1'");
oos_redirect(oos_href_link($aContents['403']));
}
// Check if email exists
$customerstable = $oostable['customers'];
$sql = "SELECT customers_id, customers_gender, customers_firstname, customers_lastname,
customers_password, customers_wishlist_link_id,
customers_email_address, customers_default_address_id, customers_max_order
FROM $customerstable
WHERE customers_login = '1'
AND customers_email_address = '" . oos_db_input($email_address) . "'";
$check_customer_result = $dbconn->Execute($sql);
if (!$check_customer_result->RecordCount()) {
$manual_infotable = $oostable['manual_info'];
$dbconn->Execute("UPDATE " . $oostable['manual_info'] . "
SET man_key2 = ''
WHERE where man_info_id = '1'");
oos_redirect(oos_href_link($aContents['403']));
} else {
$check_customer = $check_customer_result->fields;
$login_result_values = $login_result->fields;
// Check that status is 1 and
$address_booktable = $oostable['address_book'];
$sql = "SELECT entry_vat_id, entry_vat_id_status, entry_country_id, entry_zone_id
FROM $address_booktable
WHERE customers_id = '" . intval($check_customer['customers_id']) . "'
AND address_book_id = '" . intval($check_customer['customers_default_address_id']) . "'";
$check_country = $dbconn->GetRow($sql);
$_SESSION['customer_wishlist_link_id'] = $check_customer['customers_wishlist_link_id'];
$_SESSION['customer_id'] = $check_customer['customers_id'];
$_SESSION['customer_default_address_id'] = $check_customer['customers_default_address_id'];
if (ACCOUNT_GENDER == 'true') $_SESSION['customer_gender'] = $check_customer['customers_gender'];
$_SESSION['customer_first_name'] = $check_customer['customers_firstname'];
$_SESSION['customer_lastname'] = $check_customer['customers_lastname'];
$_SESSION['customer_max_order'] = $check_customer['customers_max_order'];
$_SESSION['customer_country_id'] = $check_country['entry_country_id'];
$_SESSION['customer_zone_id'] = $check_country['entry_zone_id'];
if (ACCOUNT_VAT_ID == 'true') $_SESSION['customers_vat_id_status'] = $check_customer['entry_vat_id_status'];
$_SESSION['man_key'] = $keya;
$_SESSION['user']->restore_group();
$aUser = $_SESSION['user']->group;
// restore cart contents
$_SESSION['cart']->restore_contents();
oos_redirect(oos_href_link($aContents['account']));
}
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aContents['login']));
$sCanonical = oos_href_link($aContents['login'], '', FALSE, TRUE);
$aTemplate['page'] = $sTheme . '/page/admin_login.html';
$nPageType = OOS_PAGE_TYPE_SERVICE;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,nofollow,noodp,noydir',
'canonical' => $sCanonical
)
);
if (isset($_GET['action']) && ($_GET['action'] == 'login_admin')) {
$email_address = oos_prepare_input($_POST['email_address']);
$verif_key = oos_prepare_input($_POST['verif_key']);
if ( empty( $email_address ) || !is_string( $email_address ) ) {
oos_redirect(oos_href_link($aContents['403']));
}
if ( empty( $verif_key ) || !is_string( $verif_key ) ) {
oos_redirect(oos_href_link($aContents['403']));
}
$passwordLength = 24 ;
$newkey2 = RandomPassword($passwordLength);
$manual_infotable = $oostable['manual_info'];
$dbconn->Execute("UPDATE $manual_infotable
SET man_key2 = '" . oos_db_input($newkey2) . "'
WHERE man_key = '" . oos_db_input($verif_key) . "'
AND man_info_id = '1'");
$manual_infotable = $oostable['manual_info'];
$login_query = "SELECT man_key2, man_key3, status FROM $manual_infotable WHERE man_key = '" . oos_db_input($verif_key) . "' AND status = '1'";
$login_result_values = $dbconn->Execute($login_query);
if (!$login_result_values->RecordCount()) {
oos_redirect(oos_href_link($aContents['403']));
}
$smarty->assign(
array('newkey2' => $newkey2,
'email_address' => $email_address,
'verif_key' => $verif_key,
'login_result_values' => $login_result_values
)
);
}
// display the template
$smarty->display($aTemplate['page']);

116
msd2/myoos/includes/content/advanced_search.php Normal file
View File

@ -0,0 +1,116 @@
<?php
/* ----------------------------------------------------------------------
OOS [OSIS Online Shop]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the OOS Development Team.
----------------------------------------------------------------------
Based on:
File: advanced_search.php,v 1.49 2003/02/13 04:23:22 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
function oos_get_manufacturers() {
if (!is_array($aManufacturers)) $aManufacturers = array();
$dbconn =& oosDBGetConn();
$oostable = oosDBGetTables();
$manufacturers_result = $dbconn->Execute("SELECT manufacturers_id, manufacturers_name FROM " . $oostable['manufacturers'] . " ORDER BY manufacturers_name");
while ($manufacturers = $manufacturers_result->fields) {
$aManufacturers[] = array('id' => $manufacturers['manufacturers_id'], 'text' => $manufacturers['manufacturers_name']);
$manufacturers_result->MoveNext();
}
return $aManufacturers;
}
require 'includes/languages/' . $sLanguage . '/search_advanced.php';
$error = '';
if (isset($_GET['errorno'])) {
if (($_GET['errorno'] & 1) == 1) {
$error .= str_replace('\n', '<br />', $aLang['js_at_least_one_input']);
}
if (($_GET['errorno'] & 10) == 10) {
$error .= str_replace('\n', '<br />', $aLang['js_invalid_from_date']);
}
if (($_GET['errorno'] & 100) == 100) {
$error .= str_replace('\n', '<br />', $aLang['js_invalid_to_date']);
}
if (($_GET['errorno'] & 1000) == 1000) {
$error .= str_replace('\n', '<br />', $aLang['js_to_date_less_than_from_date']);
}
if (($_GET['errorno'] & 10000) == 10000) {
$error .= str_replace('\n', '<br />', $aLang['js_price_from_must_be_num']);
}
if (($_GET['errorno'] & 100000) == 100000) {
$error .= str_replace('\n', '<br />', $aLang['js_price_to_must_be_num']);
}
if (($_GET['errorno'] & 1000000) == 1000000) {
$error .= str_replace('\n', '<br />', $aLang['js_price_to_less_than_price_from']);
}
if (($_GET['errorno'] & 10000000) == 10000000) {
$error .= str_replace('\n', '<br />', $aLang['js_invalid_keywords']);
}
}
$aCategoriesID = oos_get_categories(array(array('id' => '', 'text' => $aLang['text_all_categories'])));
$aManufacturersID = oos_get_manufacturers(array(array('id' => '', 'text' => $aLang['text_all_manufacturers'])));
/*
$options_box .= ' <tr>' . "\n" .
' <td class="fieldKey">' . $aLang['entry_date_from'] . '</td>' . "\n" .
' <td class="fieldValue">' . oos_draw_input_field('dfrom', DOB_FORMAT_STRING, 'onFocus="RemoveFormatString(this, \'' . DOB_FORMAT_STRING . '\')"') . '</td>' . "\n" .
' </tr>' . "\n" .
' <tr>' . "\n" .
' <td class="fieldKey">' . $aLang['entry_date_to'] . '</td>' . "\n" .
' <td class="fieldValue">' . oos_draw_input_field('dto', DOB_FORMAT_STRING, 'onFocus="RemoveFormatString(this, \'' . DOB_FORMAT_STRING . '\')"') . '</td>' . "\n" .
' </tr>' . "\n";
*/
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title']);
$sCanonical = oos_href_link($aContents['advanced_search'], '', FALSE, TRUE);
$aTemplate['page'] = $sTheme . '/page/advanced_search.html';
$nPageType = OOS_PAGE_TYPE_CATALOG;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'canonical' => $sCanonical,
'error' => $error,
'categoriesID' => $aCategoriesID,
'manufacturersID' => $aManufacturersID
)
);
// display the template
$smarty->display($aTemplate['page']);

388
msd2/myoos/includes/content/advanced_search_result.php Normal file
View File

@ -0,0 +1,388 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: advanced_search_result.php,v 1.67 2003/02/13 04:23:22 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_search.php';
require 'includes/languages/' . $sLanguage . '/search_advanced_result.php';
$get_parameters = '';
$keywords = isset($_GET['keywords']) && !empty($_GET['keywords']) ? stripslashes(trim(urldecode($_GET['keywords']))) : FALSE;
$get_parameters .= '&keywords=' . $keywords;
$search_in_description = isset($_GET['search_in_description']) && is_numeric($_GET['search_in_description']) ? (int)$_GET['search_in_description'] : 0;
$get_parameters .= '&search_in_description=' . $search_in_description;
$categories_id = isset($_GET['categories_id']) && is_numeric($_GET['categories_id']) ? (int)$_GET['categories_id'] : FALSE;
$get_parameters .= '&categories_id=' . $categories_id;
$inc_subcat = isset($_GET['inc_subcat']) && is_numeric($_GET['inc_subcat']) ? (int)$_GET['inc_subcat'] : 0;
$get_parameters .= '&inc_subcat=' . $inc_subcat;
$manufacturers_id = isset($_GET['manufacturers_id']) && is_numeric($_GET['manufacturers_id']) ? (int)$_GET['manufacturers_id'] : FALSE;
$get_parameters .= '&manufacturers_id=' . $manufacturers_id;
$pfrom = isset($_GET['pfrom']) && !empty($_GET['pfrom']) ? stripslashes($_GET['pfrom']) : FALSE;
$get_parameters .= '&pfrom=' . $pfrom;
$pto = isset($_GET['pto']) && !empty($_GET['pto']) ? stripslashes($_GET['pto']) : FALSE;
$get_parameters .= '&pto=' . $pto;
$dfrom = isset($_GET['dfrom']) && !empty($_GET['dfrom']) ? stripslashes($_GET['dfrom']) : FALSE;
$get_parameters .= '&dfrom=' . $dfrom;
$dto = isset($_GET['dto']) && !empty($_GET['dto']) ? stripslashes($_GET['dto']) : FALSE;
$get_parameters .= '&dto=' . $dto;
$errorno = 0;
$dfrom_to_check = (($dfrom == DOB_FORMAT_STRING) ? '' : $dfrom);
$dto_to_check = (($dto == DOB_FORMAT_STRING) ? '' : $dto);
if (strlen($dfrom_to_check) > 0) {
if (!oos_checkdate($dfrom_to_check, DOB_FORMAT_STRING, $dfrom_array)) {
$errorno += 10;
}
}
if (strlen($dto_to_check) > 0) {
if (!oos_checkdate($dto_to_check, DOB_FORMAT_STRING, $dto_array)) {
$errorno += 100;
}
}
if (strlen($dfrom_to_check) > 0 && !(($errorno & 10) == 10) && strlen($dto_to_check) > 0 && !(($errorno & 100) == 100)) {
if (mktime(0, 0, 0, $dfrom_array[1], $dfrom_array[2], $dfrom_array[0]) > mktime(0, 0, 0, $dto_array[1], $dto_array[2], $dto_array[0])) {
$errorno += 1000;
}
}
if (strlen($pfrom) > 0) {
$pfrom_to_check = oos_var_prep_for_os($pfrom);
if (!settype($pfrom_to_check, "double")) {
$errorno += 10000;
}
}
if (strlen($pto) > 0) {
$pto_to_check = oos_var_prep_for_os($pto);
if (!settype($pto_to_check, "double")) {
$errorno += 100000;
}
}
if (strlen($pfrom) > 0 && !(($errorno & 10000) == 10000) && strlen($pto) > 0 && !(($errorno & 100000) == 100000)) {
if ($pfrom_to_check > $pto_to_check) {
$errorno += 1000000;
}
}
if (oos_is_not_null($keywords)) {
if (!oos_parse_search_string($keywords, $search_keywords)) {
$errorno += 10000000;
}
}
if ($errorno > 0) {
oos_redirect(oos_href_link($aContents['advanced_search'], 'errorno=' . $errorno . $get_parameters));
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title1'], oos_href_link($aContents['advanced_search']));
$oBreadcrumb->add($aLang['navbar_title2']);
// create column list
$define_list = array('PRODUCT_LIST_MODEL' => '1',
'PRODUCT_LIST_NAME' => '2',
'PRODUCT_LIST_MANUFACTURER' => '3',
'PRODUCT_LIST_UVP' => '4',
'PRODUCT_LIST_PRICE' => '5',
'PRODUCT_LIST_QUANTITY' => '6',
'PRODUCT_LIST_WEIGHT' => '7',
'PRODUCT_LIST_IMAGE' => '8',
'PRODUCT_LIST_BUY_NOW' => '9');
asort($define_list);
$column_list = array();
reset($define_list);
foreach($define_list as $column => $value) {
if ($value) $column_list[] = $column;
}
$select_column_list = '';
for ($col=0, $n=count($column_list); $col<$n; $col++) {
if ( ($column_list[$col] == 'PRODUCT_LIST_BUY_NOW')
|| ($column_list[$col] == 'PRODUCT_LIST_NAME')
|| ($column_list[$col] == 'PRODUCT_LIST_PRICE') ) {
continue;
}
if (oos_is_not_null($select_column_list)) {
$select_column_list .= ', ';
}
switch ($column_list[$col]) {
case 'PRODUCT_LIST_MODEL':
$select_column_list .= 'p.products_model';
break;
case 'PRODUCT_LIST_MANUFACTURER':
$select_column_list .= 'm.manufacturers_name';
break;
case 'PRODUCT_LIST_QUANTITY':
$select_column_list .= 'p.products_quantity';
break;
case 'PRODUCT_LIST_IMAGE':
$select_column_list .= 'p.products_image';
break;
case 'PRODUCT_LIST_WEIGHT':
$select_column_list .= 'p.products_weight';
break;
default:
$select_column_list .= "pd.products_name";
break;
}
}
if (oos_is_not_null($select_column_list)) {
$select_column_list .= ', ';
}
$select_str = "SELECT DISTINCT " . $select_column_list . " m.manufacturers_id, p.products_id, p.products_replacement_product_id, pd.products_name,
p.products_discount1, p.products_discount2, p.products_discount3, p.products_discount4,
p.products_discount1_qty, p.products_discount2_qty, p.products_discount3_qty,
p.products_discount4_qty, p.products_tax_class_id, p.products_units_id, p.products_quantity_order_min, p.products_quantity_order_max,
p.products_price, p.products_price_list, p.products_base_price, p.products_base_unit, p.products_product_quantity,
IF(s.status, s.specials_new_products_price, NULL) AS specials_new_products_price,
IF(s.status, s.specials_new_products_price, p.products_price) AS final_price ";
if ( ($aUser['price_with_tax'] == 1) && ( (isset($_GET['pfrom']) && oos_is_not_null($_GET['pfrom'])) || (isset($pto) && oos_is_not_null($pto))) ) {
$select_str .= ", SUM(tr.tax_rate) AS tax_rate ";
}
$from_str = "FROM " . $oostable['products'] . " p LEFT JOIN
" . $oostable['manufacturers'] . " m using(manufacturers_id) LEFT JOIN
" . $oostable['specials'] . " s ON p.products_id = s.products_id";
if ( ($aUser['price_with_tax'] == 1) && ( (isset($_GET['pfrom']) && oos_is_not_null($_GET['pfrom'])) || (isset($pto) && oos_is_not_null($pto))) ) {
$nCountry_id = STORE_COUNTRY;
$nZone_id = STORE_ZONE;
if (isset($_SESSION)) {
if (isset($_SESSION['customer_country_id'])) {
$nCountry_id = $_SESSION['customer_country_id'];
$nZone_id = $_SESSION['customer_zone_id'];
}
}
$from_str .= " LEFT JOIN
" . $oostable['tax_rates'] . " tr
ON p.products_tax_class_id = tr.tax_class_id LEFT JOIN
" . $oostable['zones_to_geo_zones'] . " gz
ON tr.tax_zone_id = gz.geo_zone_id AND
(gz.zone_country_id is null OR
gz.zone_country_id = '0' OR
gz.zone_country_id = '" . intval($nCountry_id) . "') AND
(gz.zone_id is null OR
gz.zone_id = '0' OR
gz.zone_id = '" . intval($nZone_id) . "')";
}
$from_str .= ", " . $oostable['products_description'] . " pd, " . $oostable['categories'] . " c, " . $oostable['products_to_categories'] . " p2c";
$where_str = " WHERE
p.products_setting = '2' AND
p.products_id = pd.products_id AND
pd.products_languages_id = '" . intval($nLanguageID) . "' AND
p.products_id = p2c.products_id AND
p2c.categories_id = c.categories_id ";
if (isset($categories_id) && is_numeric($categories_id)) {
if ($_GET['inc_subcat'] == '1') {
$subcategories_array = array();
oos_get_subcategories($subcategories_array, $categories_id);
$where_str .= " AND
p2c.products_id = p.products_id AND
p2c.products_id = pd.products_id AND
(p2c.categories_id = '" . intval($categories_id) . "'";
for ($i=0, $n=count($subcategories_array); $i<$n; $i++ ) {
$where_str .= " OR p2c.categories_id = '" . intval($subcategories_array[$i]) . "'";
}
$where_str .= ")";
} else {
$where_str .= " AND
p2c.products_id = p.products_id AND
p2c.products_id = pd.products_id AND
pd.products_languages_id = '" . intval($nLanguageID) . "' AND
p2c.categories_id = '" . intval($categories_id) . "'";
}
}
if (isset($manufacturers_id) && is_numeric($manufacturers_id)) {
$where_str .= " AND m.manufacturers_id = '" . intval($manufacturers_id) . "'";
}
if (isset($search_keywords) && (count($search_keywords) > 0)) {
$where_str .= " AND (";
for ($i=0, $n=count($search_keywords); $i<$n; $i++ ) {
switch ($search_keywords[$i]) {
case '(':
case ')':
case 'and':
case 'or':
$where_str .= " " . $search_keywords[$i] . " ";
break;
default:
$keyword = oos_db_prepare_input($search_keywords[$i]);
$where_str .= " (pd.products_name LIKE '%" . oos_db_input($keyword) . "%'
OR p.products_model LIKE '%" . oos_db_input($keyword) . "%'
OR p.products_ean LIKE '%" . oos_db_input($keyword) . "%'
OR m.manufacturers_name LIKE '%" . oos_db_input($keyword) . "%'";
if (isset($_GET['search_in_description']) && ($_GET['search_in_description'] == '1')) $where_str .= " OR pd.products_short_description LIKE '%" . oos_db_input($keyword) . "%'";
if (isset($_GET['search_in_description']) && ($_GET['search_in_description'] == '1')) $where_str .= " OR pd.products_description LIKE '%" . oos_db_input($keyword) . "%'";
$where_str .= ')';
break;
}
}
$where_str .= " )";
}
if (isset($dfrom) && oos_is_not_null($dfrom) && ($dfrom != DOB_FORMAT_STRING)) {
$where_str .= " AND p.products_date_added >= '" . oos_date_raw($dfrom_to_check) . "'";
}
if (isset($dto) && oos_is_not_null($dto) && ($dto != DOB_FORMAT_STRING)) {
$where_str .= " AND p.products_date_added <= '" . oos_date_raw($dto_to_check) . "'";
}
$rate = $oCurrencies->get_value($sCurrency);
if ($rate) {
$pfrom = oos_var_prep_for_os($_GET['pfrom'] / $rate);
$pto = oos_var_prep_for_os($_GET['pto'] / $rate);
}
if ($aUser['price_with_tax'] == 1) {
if ($pfrom) $where_str .= " AND (IF(s.status, s.specials_new_products_price, p.products_price) * if(gz.geo_zone_id is null, 1, 1 + (tr.tax_rate / 100) ) >= " . oos_db_input($pfrom) . ")";
if ($pto) $where_str .= " AND (IF(s.status, s.specials_new_products_price, p.products_price) * if(gz.geo_zone_id is null, 1, 1 + (tr.tax_rate / 100) ) <= " . oos_db_input($pto) . ")";
} else {
if ($pfrom) $where_str .= " AND (IF(s.status, s.specials_new_products_price, p.products_price) >= " . oos_db_input($pfrom) . ")";
if ($pto) $where_str .= " AND (IF(s.status, s.specials_new_products_price, p.products_price) <= " . oos_db_input($pto) . ")";
}
if ( ($aUser['price_with_tax'] == 1) && ((isset($_GET['pfrom']) && oos_is_not_null($_GET['pfrom'])) || (isset($_GET['pto']) && oos_is_not_null($_GET['pto']))) ) {
$where_str .= " GROUP BY p.products_id, tr.tax_priority";
}
if ( (!isset($_GET['sort'])) || (!preg_match('/[1-8][ad]/', $_GET['sort'])) || (substr($_GET['sort'], 0 , 1) > count($column_list)) ) {
for ($col=0, $n=count($column_list); $col<$n; $col++) {
if ($column_list[$col] == 'PRODUCT_LIST_NAME') {
$_GET['sort'] = $col+1 . 'a';
$order_str = ' ORDER BY pd.products_name';
break;
}
}
} else {
$sort_col = substr($_GET['sort'], 0 , 1);
$sort_order = substr($_GET['sort'], 1);
$order_str = ' ORDER BY ';
switch ($column_list[$sort_col-1]) {
case 'PRODUCT_LIST_MODEL':
$order_str .= "p.products_model " . ($sort_order == 'd' ? "desc" : "") . ", pd.products_name";
break;
case 'PRODUCT_LIST_NAME':
$order_str .= "pd.products_name " . ($sort_order == 'd' ? "desc" : "");
break;
case 'PRODUCT_LIST_MANUFACTURER':
$order_str .= "m.manufacturers_name " . ($sort_order == 'd' ? "desc" : "") . ", pd.products_name";
break;
case 'PRODUCT_LIST_QUANTITY':
$order_str .= "p.products_quantity " . ($sort_order == 'd' ? "desc" : "") . ", pd.products_name";
break;
case 'PRODUCT_LIST_IMAGE':
$order_str .= "pd.products_name";
break;
case 'PRODUCT_LIST_WEIGHT':
$order_str .= "p.products_weight " . ($sort_order == 'd' ? "desc" : "") . ", pd.products_name";
break;
case 'PRODUCT_LIST_PRICE':
$order_str .= "final_price " . ($sort_order == 'd' ? "desc" : "") . ", pd.products_name";
break;
default:
$order_str .= "pd.products_name";
break;
}
}
$listing_sql = $select_str . $from_str . $where_str . $order_str;
$aTemplate['page'] = $sTheme . '/page/advanced_search_result.html';
$aTemplate['pagination'] = $sTheme . '/system/_pagination.html';
$nPageType = OOS_PAGE_TYPE_CATALOG;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,follow,noodp,noydir',
'text_no_products' => sprintf($aLang['text_no_products'], $keywords)
)
);
require_once MYOOS_INCLUDE_PATH . '/includes/modules/product_listing.php';
$smarty->assign('oos_get_all_get_params', oos_get_all_get_parameters(array('sort', 'page')));
$smarty->assign('pagination', $smarty->fetch($aTemplate['pagination']));
// display the template
$smarty->display($aTemplate['page']);

189
msd2/myoos/includes/content/checkout_confirmation.php Normal file
View File

@ -0,0 +1,189 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: checkout_confirmation.php,v 1.6.2.1 2003/05/03 23:41:23 wilt
orig: checkout_confirmation.php,v 1.135 2003/02/14 20:28:46 dgw_
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/checkout_confirmation.php';
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_address.php';
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
// if the customer is not logged on, redirect them to the login page
if (!isset($_SESSION['customer_id'])) {
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
$_SESSION['navigation']->set_snapshot(array('content' =>$aContents['checkout_payment']));
oos_redirect(oos_href_link($aContents['login']));
}
// if there is nothing in the customers cart, redirect them to the shopping cart page
if ($_SESSION['cart']->count_contents() < 1) {
oos_redirect(oos_href_link($aContents['shopping_cart']));
}
// avoid hack attempts during the checkout procedure by checking the internal cartID
if (isset($_SESSION['cart']->cartID) && isset($_SESSION['cartID'])) {
if ($_SESSION['cart']->cartID != $_SESSION['cartID']) {
oos_redirect(oos_href_link($aContents['checkout_shipping']));
}
}
if (isset($_POST['payment'])) $_SESSION['payment'] = oos_db_prepare_input($_POST['payment']);
if ( (isset($_POST['comments'])) && (empty($_POST['comments'])) ) {
$_SESSION['comments'] = '';
} elseif (oos_is_not_null($_POST['comments'])) {
$_SESSION['comments'] = oos_db_prepare_input($_POST['comments']);
}
// if no shipping method has been selected, redirect the customer to the shipping method selection page
if (!isset($_SESSION['shipping'])) {
oos_redirect(oos_href_link($aContents['checkout_shipping']));
}
// load the selected payment module
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_payment.php';
if (!isset($credit_covers)) $credit_covers = FALSE;
if ($credit_covers) {
unset($_SESSION['payment']);
$_SESSION['payment'] = '';
}
$payment_modules = new payment($_SESSION['payment']);
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_order_total.php';
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_order.php';
$oOrder = new order;
if ( (isset($_SESSION['shipping'])) && ($_SESSION['shipping']['id'] == 'free_free')) {
if ( ($oOrder->info['total'] - $oOrder->info['shipping_cost']) < MODULE_ORDER_TOTAL_SHIPPING_FREE_SHIPPING_OVER ) {
oos_redirect(oos_href_link($aContents['checkout_shipping']));
}
}
$payment_modules->update_status();
$order_total_modules = new order_total;
$order_total_modules->collect_posts();
if (isset($_SESSION['cot_gv'])) {
$credit_covers = $order_total_modules->pre_confirmation_check();
}
if ( ($_SESSION['payment'] == '' || !is_object(${$_SESSION['payment']}) ) && $credit_covers === FALSE) {
$oMessage->add_session('checkout_payment', $aLang['error_no_payment_module_selected'], 'error');
}
if (is_array($payment_modules->modules)) {
$payment_modules->pre_confirmation_check();
}
if ($oMessage->size('checkout_payment') > 0) {
oos_redirect(oos_href_link($aContents['checkout_payment']));
}
// load the selected shipping module
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_shipping.php';
$shipping_modules = new shipping($_SESSION['shipping']);
// Stock Check
$any_out_of_stock = FALSE;
if (STOCK_CHECK == 'true') {
for ($i=0, $n=count($oOrder->products); $i<$n; $i++) {
if (oos_check_stock($oOrder->products[$i]['id'], $oOrder->products[$i]['qty'])) {
$any_out_of_stock = TRUE;
}
}
// Out of Stock
if ( (STOCK_ALLOW_CHECKOUT != 'true') && ($any_out_of_stock == TRUE) ) {
oos_redirect(oos_href_link($aContents['shopping_cart']));
}
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title_1'], oos_href_link($aContents['checkout_shipping']));
$oBreadcrumb->add($aLang['navbar_title_2']);
$aTemplate['page'] = $sTheme . '/page/checkout_confirmation.html';
$nPageType = OOS_PAGE_TYPE_CHECKOUT;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,nofollow,noodp,noydir',
'checkout_active' => 1
)
);
if (MODULE_ORDER_TOTAL_INSTALLED) {
$order_total_modules->process();
$order_total_output = $order_total_modules->output();
$smarty->assign('order_total_output', $order_total_output);
}
if (is_array($payment_modules->modules)) {
if ($confirmation == $payment_modules->confirmation()) {
$smarty->assign('confirmation', $confirmation);
}
}
if (is_array($payment_modules->modules)) {
$payment_modules_process_button = $payment_modules->process_button();
}
if (isset(${$_SESSION['payment']}->form_action_url)) {
$form_action_url = ${$_SESSION['payment']}->form_action_url;
} else {
$form_action_url = oos_href_link($aContents['checkout_process']);
}
$smarty->assign('form_action_url', $form_action_url);
$smarty->assign('payment_modules_process_button', $payment_modules_process_button);
$smarty->assign('order', $oOrder);
$smarty->assign('text_conditions', sprintf($aLang['text_conditions'], oos_href_link($aContents['information'], 'information_id=2'), oos_href_link($aContents['information'], 'information_id=3'), oos_href_link($aContents['information'], 'information_id=4') ));
// display the template
$smarty->display($aTemplate['page']);

147
msd2/myoos/includes/content/checkout_payment.php Normal file
View File

@ -0,0 +1,147 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: checkout_payment.php,v 1.6.2.1 2003/05/03 23:41:23 wilt
orig: checkout_payment.php,v 1.109 2003/02/14 20:28:47 dgw_
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/checkout_payment.php';
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_address.php';
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
// if the customer is not logged on, redirect them to the login page
if (!isset($_SESSION['customer_id'])) {
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
$_SESSION['navigation']->set_snapshot();
oos_redirect(oos_href_link($aContents['login']));
}
if (oos_empty($aUser['payment'])) {
oos_redirect(oos_href_link($aContents['403']));
}
// if there is nothing in the customers cart, redirect them to the shopping cart page
if ($_SESSION['cart']->count_contents() < 1) {
oos_redirect(oos_href_link($aContents['shopping_cart']));
}
// if no shipping method has been selected, redirect the customer to the shipping method selection page
if (!isset($_SESSION['shipping'])) {
oos_redirect(oos_href_link($aContents['checkout_shipping']));
}
// avoid hack attempts during the checkout procedure by checking the internal cartID
if (isset($_SESSION['cart']->cartID) && isset($_SESSION['cartID'])) {
if ($_SESSION['cart']->cartID != $_SESSION['cartID']) {
oos_redirect(oos_href_link($aContents['checkout_shipping']));
}
}
// Stock Check
if ( (STOCK_CHECK == 'true') && (STOCK_ALLOW_CHECKOUT != 'true') ) {
$products = $_SESSION['cart']->get_products();
$any_out_of_stock = 0;
for ($i=0, $n=count($products); $i<$n; $i++) {
if (oos_check_stock($products[$i]['id'], $products[$i]['quantity'])) {
$any_out_of_stock = 1;
}
}
if ($any_out_of_stock == 1) {
oos_redirect(oos_href_link($aContents['shopping_cart']));
}
}
// if no billing destination address was selected, use the customers own address as default
if (!isset($_SESSION['billto'])) {
$_SESSION['billto'] = $_SESSION['customer_default_address_id'];
} else {
// verify the selected billing address
$address_booktable = $oostable['address_book'];
$sql = "SELECT COUNT(*) AS total
FROM $address_booktable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'
AND address_book_id = '" . intval($_SESSION['billto']) . "'";
$check_address_result = $dbconn->Execute($sql);
$check_address = $check_address_result->fields;
if ($check_address['total'] != '1') {
$_SESSION['billto'] = $_SESSION['customer_default_address_id'];
if (isset($_SESSION['payment'])) unset($_SESSION['payment']);
}
}
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_order.php';
$oOrder = new order;
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_order_total.php';
$order_total_modules = new order_total;
$total_weight = $_SESSION['cart']->show_weight();
$total_count = $_SESSION['cart']->count_contents();
$total_count = $_SESSION['cart']->count_contents_virtual();
// load all enabled payment modules
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_payment.php';
$payment_modules = new payment;
$selection = $payment_modules->selection();
$credit_selection = $order_total_modules->credit_selection();
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title_1'], oos_href_link($aContents['checkout_shipping']));
$oBreadcrumb->add($aLang['navbar_title_2'], oos_href_link($aContents['checkout_payment']));
$aTemplate['page'] = $sTheme . '/page/checkout_payment.html';
$nPageType = OOS_PAGE_TYPE_CHECKOUT;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,nofollow,noodp,noydir',
'checkout_active' => 1
)
);
$smarty->assign(
array(
'selection' => $selection,
'credit_selection' => $credit_selection
)
);
// display the template
$smarty->display($aTemplate['page']);

373
msd2/myoos/includes/content/checkout_payment_address.php Normal file
View File

@ -0,0 +1,373 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: checkout_payment_address.php,v 1.7 2003/02/13 04:23:22 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/checkout_payment_address.php';
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_address.php';
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
// if the customer is not logged on, redirect them to the login page
if (!isset($_SESSION['customer_id'])) {
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
$_SESSION['navigation']->set_snapshot();
oos_redirect(oos_href_link($aContents['login']));
}
// if there is nothing in the customers cart, redirect them to the shopping cart page
if ($_SESSION['cart']->count_contents() < 1) {
oos_redirect(oos_href_link($aContents['shopping_cart']));
}
$bError = FALSE; // reset error flag
$bProcess = FALSE;
if ( isset($_POST['action']) && ($_POST['action'] == 'submit') &&
( isset($_SESSION['formid']) && ($_SESSION['formid'] == $_POST['formid'])) ){
// Process a new billing address
if (oos_is_not_null($_POST['firstname']) && oos_is_not_null($_POST['lastname']) && oos_is_not_null($_POST['street_address'])) {
$bProcess = TRUE;
if (ACCOUNT_GENDER == 'true') {
if (isset($_POST['gender'])) {
$gender = oos_db_prepare_input($_POST['gender']);
} else {
$gender = FALSE;
}
}
$firstname = oos_db_prepare_input($_POST['firstname']);
$lastname = oos_db_prepare_input($_POST['lastname']);
if (ACCOUNT_COMPANY == 'true') $company = oos_db_prepare_input($_POST['company']);
if (ACCOUNT_OWNER == 'true') $owner = oos_db_prepare_input($_POST['owner']);
if (ACCOUNT_VAT_ID == 'true') $vat_id = oos_db_prepare_input($_POST['vat_id']);
$street_address = oos_db_prepare_input($_POST['street_address']);
$postcode = oos_db_prepare_input($_POST['postcode']);
$city = oos_db_prepare_input($_POST['city']);
if (ACCOUNT_STATE == 'true') {
$state = oos_db_prepare_input($_POST['state']);
if (isset($_POST['zone_id'])) {
$zone_id = oos_db_prepare_input($_POST['zone_id']);
} else {
$zone_id = FALSE;
}
}
$country = oos_db_prepare_input($_POST['country']);
if (ACCOUNT_GENDER == 'true') {
if ( ($gender != 'm') && ($gender != 'f') ) {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_gender_error']);
}
}
if (strlen($firstname) < ENTRY_FIRST_NAME_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_first_name_error'] );
}
if (strlen($lastname) < ENTRY_LAST_NAME_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_last_name_error'] );
}
if (ACCOUNT_COMPANY_VAT_ID_CHECK == 'true'){
if (!empty($vat_id) && (!oos_validate_is_vatid($vat_id))) {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_vat_id_error']);
} else {
$vatid_check_error = FALSE;
}
}
if (strlen($street_address) < ENTRY_STREET_ADDRESS_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_street_address_error']);
}
if (strlen($postcode) < ENTRY_POSTCODE_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_post_code_error']);
}
if (strlen($city) < ENTRY_CITY_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_city_error']);
}
if (is_numeric($country) == FALSE) {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_country_error']);
}
if (ACCOUNT_STATE == 'true') {
$zone_id = 0;
$zonestable = $oostable['zones'];
$country_check_sql = "SELECT COUNT(*) AS total
FROM $zonestable
WHERE zone_country_id = '" . intval($country) . "'";
$country_check = $dbconn->Execute($country_check_sql);
$entry_state_has_zones = ($country_check->fields['total'] > 0);
if ($entry_state_has_zones == TRUE) {
$zonestable = $oostable['zones'];
$zone_query = "SELECT DISTINCT zone_id
FROM $zonestable
WHERE zone_country_id = '" . intval($country) . "'
AND (zone_name = '" . oos_db_input($state) . "'
OR zone_code = '" . oos_db_input($state) . "')";
$zone_result = $dbconn->Execute($zone_query);
if ($zone_result->RecordCount() == 1) {
$zone = $zone_result->fields;
$zone_id = $zone['zone_id'];
} else {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_state_error_select']);
}
} else {
if (strlen($state) < ENTRY_STATE_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_state_error']);
}
}
}
if ($bError == FALSE) {
$address_booktable = $oostable['address_book'];
$sql = "SELECT max(address_book_id) AS address_book_id
FROM $address_booktable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'";
$next_id_result = $dbconn->Execute($sql);
if ($next_id_result->RecordCount()) {
$next_id = $next_id_result->fields;
$entry_id = $next_id['address_book_id']+1;
} else {
$entry_id = 1;
}
$sql_data_array = array('customers_id' => intval($_SESSION['customer_id']),
'address_book_id' => $entry_id,
'entry_firstname' => $firstname,
'entry_lastname' => $lastname,
'entry_street_address' => $street_address,
'entry_postcode' => $postcode,
'entry_city' => $city,
'entry_country_id' => $country);
if (ACCOUNT_GENDER == 'true') $sql_data_array['entry_gender'] = $gender;
if (ACCOUNT_COMPANY == 'true') $sql_data_array['entry_company'] = $company;
if (ACCOUNT_OWNER == 'true') $sql_data_array['entry_owner'] = $owner;
if (ACCOUNT_VAT_ID == 'true') {
$sql_data_array['entry_vat_id'] = $vat_id;
if ((ACCOUNT_COMPANY_VAT_ID_CHECK == 'true') && ($vatid_check_error == FALSE) && ($country != STORE_COUNTRY)) {
$sql_data_array['entry_vat_id_status'] = 1;
} else {
$sql_data_array['entry_vat_id_status'] = 0;
}
}
if (ACCOUNT_STATE == 'true') {
if ($zone_id > 0) {
$sql_data_array['entry_zone_id'] = $zone_id;
$sql_data_array['entry_state'] = '';
} else {
$sql_data_array['entry_zone_id'] = '0';
$sql_data_array['entry_state'] = $state;
}
}
oos_db_perform($oostable['address_book'], $sql_data_array);
$_SESSION['billto'] = $entry_id;
if (isset($_SESSION['payment'])) unset($_SESSION['payment']);
oos_redirect(oos_href_link($aContents['checkout_payment']));
}
// Process the selected billing destination
} elseif (isset($_POST['address'])) {
$reset_payment = FALSE;
if (isset($_SESSION['billto'])) {
if ($_SESSION['billto'] != $_POST['address']) {
if (isset($_SESSION['payment'])) {
$reset_payment = TRUE;
}
}
}
$_SESSION['billto'] = intval($_POST['address']);
$address_booktable = $oostable['address_book'];
$sql = "SELECT COUNT(*) AS total
FROM $address_booktable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'
AND address_book_id = '" . intval($_SESSION['billto']) . "'";
$check_address_result = $dbconn->Execute($sql);
$check_address = $check_address_result->fields;
if ($check_address['total'] == '1') {
if ($reset_payment == TRUE) unset($_SESSION['payment']);
oos_redirect(oos_href_link($aContents['checkout_payment']));
} else {
unset($_SESSION['billto']);
}
// no addresses to select from - customer decided to keep the current assigned address
} else {
$_SESSION['billto'] = $_SESSION['customer_default_address_id'];
oos_redirect(oos_href_link($aContents['checkout_payment']));
}
}
// if no billing destination address was selected, use their own address as default
if (!isset($_SESSION['billto'])) {
$_SESSION['billto'] = $_SESSION['customer_default_address_id'];
}
if ($bProcess == FALSE) {
$address_booktable = $oostable['address_book'];
$sql = "SELECT COUNT(*) AS total
FROM $address_booktable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'
AND address_book_id != '" . intval($_SESSION['billto']) . "'";
$addresses_count_result = $dbconn->Execute($sql);
$addresses_count = $addresses_count_result->fields['total'];
if ($addresses_count > 0) {
$radio_buttons = 0;
$address_booktable = $oostable['address_book'];
$sql = "SELECT address_book_id, entry_firstname AS firstname, entry_lastname AS lastname,
entry_company AS company, entry_street_address AS street_address,
entry_city AS city, entry_postcode AS postcode,
entry_state AS state, entry_zone_id AS zone_id, entry_country_id AS country_id
FROM $address_booktable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'";
$addresses_result = $dbconn->Execute($sql);
$addresses_array = array();
while ($addresses = $addresses_result->fields) {
$format_id = oos_get_address_format_id($address['country_id']);
$addresses_array[] = array('format_id' => $format_id,
'radio_buttons' => $radio_buttons,
'firstname' => $addresses['firstname'],
'lastname' => $addresses['lastname'],
'address_book_id' => $addresses['address_book_id'],
'address' => oos_address_format($format_id, $addresses, true, ' ', ', '));
$radio_buttons++;
$addresses_result->MoveNext();
}
}
}
if (!isset($bProcess)) $bProcess = FALSE;
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title_1'], oos_href_link($aContents['checkout_payment']));
$oBreadcrumb->add($aLang['navbar_title_2'], oos_href_link($aContents['checkout_payment_address']));
$aTemplate['page'] = $sTheme . '/page/checkout_payment_address.html';
$nPageType = OOS_PAGE_TYPE_CHECKOUT;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
if ($oMessage->size('checkout_address') > 0) {
$aInfoMessage = array_merge ($aInfoMessage, $oMessage->output('checkout_address') );
}
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,nofollow,noodp,noydir',
'checkout_active' => 1,
'process' => $bProcess,
'addresses_count' => $addresses_count,
'gender' => $gender,
'firstname' => $firstname,
'lastname' => $lastname,
'company' => $company,
'owner' => $owner,
'vat_id' => $vat_id,
'street_address' => $street_address,
'postcode' => $postcode,
'city' => $city,
'country' => $country,
'store_country' => STORE_COUNTRY,
'gender_error' => $gender_error,
'firstname_error' => $firstname_error,
'lastname_error' => $lastname_error,
'street_address_error' => $street_address_error,
'post_code_error' => $post_code_error,
'city_error' => $city_error,
'state_error' => $state_error,
'state_has_zones' => $entry_state_has_zones,
'country_error' => $country_error
)
);
if ($bProcess == FALSE) {
$smarty->assign('addresses_array', $addresses_array);
}
if ($entry_state_has_zones == TRUE) {
$zones_names = array();
$zones_values = array();
$zonestable = $oostable['zones'];
$zones_result = $dbconn->Execute("SELECT zone_name FROM $zonestable WHERE zone_country_id = '" . intval($country) . "' ORDER BY zone_name");
while ($zones = $zones_result->fields) {
$zones_names[] = $zones['zone_name'];
$zones_values[] = $zones['zone_name'];
$zones_result->MoveNext();
}
$smarty->assign('zones_names', $zones_names);
$smarty->assign('zones_values', $zones_values);
} else {
$state = oos_get_zone_name($country, $zone_id, $state);
$smarty->assign('state', $state);
$smarty->assign('zone_id', $zone_id);
}
$country_name = oos_get_country_name($country);
$smarty->assign('country_name', $country_name);
$state = oos_get_zone_name($country, $zone_id, $state);
$smarty->assign('state', $state);
// display the template
$smarty->display($aTemplate['page']);

380
msd2/myoos/includes/content/checkout_process.php Normal file
View File

@ -0,0 +1,380 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: checkout_process.php,v 1.6.2.1 2003/05/03 23:41:23 wilt
orig: checkout_process.php,v 1.125 2003/02/16 13:21:43 thomasamoulton
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/checkout_process.php';
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_address.php';
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
// if the customer is not logged on, redirect them to the login page
if (!isset($_SESSION['customer_id'])) {
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
$_SESSION['navigation']->set_snapshot(array('content' =>$aContents['checkout_payment']));
oos_redirect(oos_href_link($aContents['login']));
}
if (!isset($_SESSION['shipping']) || !isset($_SESSION['sendto'])) {
oos_redirect(oos_href_link($aContents['checkout_shipping']));
}
if ( (oos_is_not_null(MODULE_PAYMENT_INSTALLED)) && (!isset($_SESSION['payment'])) ) {
oos_redirect(oos_href_link($aContents['checkout_payment']));
}
// avoid hack attempts during the checkout procedure by checking the internal cartID
if (isset($_SESSION['cart']->cartID) && isset($_SESSION['cartID'])) {
if ($_SESSION['cart']->cartID != $_SESSION['cartID']) {
oos_redirect(oos_href_link($aContents['checkout_shipping']));
}
}
// load selected payment module
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_payment.php';
$payment_modules = new payment($_SESSION['payment']);
// load the selected shipping module
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_shipping.php';
$shipping_modules = new shipping($_SESSION['shipping']);
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_order.php';
$oOrder = new order;
if ( (isset($_SESSION['shipping'])) && ($_SESSION['shipping']['id'] == 'free_free')) {
if ( ($oOrder->info['total'] - $oOrder->info['shipping_cost']) < MODULE_ORDER_TOTAL_SHIPPING_FREE_SHIPPING_OVER ) {
oos_redirect(oos_href_link($aContents['checkout_shipping']));
}
}
// load the before_process function from the payment modules
$payment_modules->before_process();
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_order_total.php';
$order_total_modules = new order_total;
$order_totals = $order_total_modules->process();
$sql_data_array = array('customers_id' => $_SESSION['customer_id'],
'customers_name' => $oOrder->customer['firstname'] . ' ' . $oOrder->customer['lastname'],
'customers_company' => $oOrder->customer['company'],
'customers_street_address' => $oOrder->customer['street_address'],
'customers_city' => $oOrder->customer['city'],
'customers_postcode' => $oOrder->customer['postcode'],
'customers_state' => $oOrder->customer['state'],
'customers_country' => $oOrder->customer['country']['title'],
'customers_telephone' => $oOrder->customer['telephone'],
'customers_email_address' => $oOrder->customer['email_address'],
'customers_address_format_id' => $oOrder->customer['format_id'],
'delivery_name' => $oOrder->delivery['firstname'] . ' ' . $oOrder->delivery['lastname'],
'delivery_company' => $oOrder->delivery['company'],
'delivery_street_address' => $oOrder->delivery['street_address'],
'delivery_city' => $oOrder->delivery['city'],
'delivery_postcode' => $oOrder->delivery['postcode'],
'delivery_state' => $oOrder->delivery['state'],
'delivery_country' => $oOrder->delivery['country']['title'],
'delivery_address_format_id' => $oOrder->delivery['format_id'],
'billing_name' => $oOrder->billing['firstname'] . ' ' . $oOrder->billing['lastname'],
'billing_company' => $oOrder->billing['company'],
'billing_street_address' => $oOrder->billing['street_address'],
'billing_city' => $oOrder->billing['city'],
'billing_postcode' => $oOrder->billing['postcode'],
'billing_state' => $oOrder->billing['state'],
'billing_country' => $oOrder->billing['country']['title'],
'billing_address_format_id' => $oOrder->billing['format_id'],
'payment_method' => $oOrder->info['payment_method'],
'date_purchased' => 'now()',
'last_modified' => 'now()',
'orders_status' => $oOrder->info['order_status'],
'currency' => $oOrder->info['currency'],
'currency_value' => $oOrder->info['currency_value'],
'orders_language' => $_SESSION['language']);
oos_db_perform($oostable['orders'], $sql_data_array);
$insert_id = $dbconn->Insert_ID();
for ($i=0, $n=count($order_totals); $i<$n; $i++) {
$sql_data_array = array('orders_id' => $insert_id,
'title' => $order_totals[$i]['title'],
'text' => $order_totals[$i]['text'],
'value' => $order_totals[$i]['value'],
'class' => $order_totals[$i]['code'],
'sort_order' => $order_totals[$i]['sort_order']);
oos_db_perform($oostable['orders_total'], $sql_data_array);
}
$customer_notification = ($oEvent->installed_plugin('mail')) ? '1' : '0';
$sql_data_array = array('orders_id' => $insert_id,
'orders_status_id' => $oOrder->info['order_status'],
'date_added' => 'now()',
'customer_notified' => $customer_notification,
'comments' => $oOrder->info['comments']);
oos_db_perform($oostable['orders_status_history'], $sql_data_array);
// initialized for the email confirmation
$products_ordered = '';
$subtotal = 0;
$total_tax = 0;
for ($i=0, $n=count($oOrder->products); $i<$n; $i++) {
// Stock Update - Joao Correia
if (STOCK_LIMITED == 'true') {
if (DOWNLOAD_ENABLED == 'true') {
$productstable = $oostable['products'];
$products_attributestable = $oostable['products_attributes'];
$products_attributes_downloadtable = $oostable['products_attributes_download'];
$stock_result_raw = "SELECT products_quantity, pad.products_attributes_filename
FROM $productstable p LEFT JOIN
$products_attributestable pa ON p.products_id = pa.products_id LEFT JOIN
$products_attributes_downloadtable pad ON pa.products_attributes_id = pad.products_attributes_id
WHERE p.products_id = '" . intval(oos_get_product_id($oOrder->products[$i]['id'])) . "'";
// Will work with only one option for downloadable products
// otherwise, we have to build the query dynamically with a loop
$products_attributes = $oOrder->products[$i]['attributes'];
if (is_array($products_attributes)) {
$stock_result_raw .= " AND pa.options_id = '" . intval($products_attributes[0]['option_id']) . "' AND pa.options_values_id = '" . intval($products_attributes[0]['value_id']) . "'";
}
$stock_result = $dbconn->Execute($stock_result_raw);
} else {
$productstable = $oostable['products'];
$sql = "SELECT products_quantity
FROM $productstable
WHERE products_id = '" . intval(oos_get_product_id($oOrder->products[$i]['id'])) . "'";
$stock_result = $dbconn->Execute($sql);
}
if ($stock_result->RecordCount() > 0) {
$stock_values = $stock_result->fields;
// do not decrement quantities if products_attributes_filename exists
if ((DOWNLOAD_ENABLED != 'true') || (!$stock_values['products_attributes_filename'])) {
$stock_left = $stock_values['products_quantity'] - $oOrder->products[$i]['qty'];
} else {
$stock_left = $stock_values['products_quantity'];
}
$productstable = $oostable['products'];
$dbconn->Execute("UPDATE $productstable
SET products_quantity = '" . oos_db_input($stock_left) . "'
WHERE products_id = '" . intval(oos_get_product_id($oOrder->products[$i]['id'])) . "'");
if ($stock_left < 1) {
$productstable = $oostable['products'];
$dbconn->Execute("UPDATE $productstable
SET products_status = '0'
WHERE products_id = '" . intval(oos_get_product_id($oOrder->products[$i]['id'])) . "'");
}
}
}
// Update products_ordered (for bestsellers list)
$productstable = $oostable['products'];
$dbconn->Execute("UPDATE $productstable
SET products_ordered = products_ordered + " . sprintf('%d', intval($oOrder->products[$i]['qty'])) . "
WHERE products_id = '" . intval(oos_get_product_id($oOrder->products[$i]['id'])) . "'");
$sql_data_array = array('orders_id' => $insert_id,
'products_id' => oos_get_product_id($oOrder->products[$i]['id']),
'products_model' => $oOrder->products[$i]['model'],
'products_ean' => $oOrder->products[$i]['ean'],
'products_name' => $oOrder->products[$i]['name'],
'products_price' => $oOrder->products[$i]['price'],
'final_price' => $oOrder->products[$i]['final_price'],
'products_tax' => $oOrder->products[$i]['tax'],
'products_quantity' => $oOrder->products[$i]['qty']);
oos_db_perform($oostable['orders_products'], $sql_data_array);
$order_products_id = $dbconn->Insert_ID();
//ICW ADDED FOR CREDIT CLASS SYSTEM
$order_total_modules->update_credit_account($i);
//------insert customer choosen option to order--------
$attributes_exist = '0';
$products_ordered_attributes = '';
if (isset($oOrder->products[$i]['attributes'])) {
$attributes_exist = '1';
for ($j=0, $n2=count($oOrder->products[$i]['attributes']); $j<$n2; $j++) {
if (DOWNLOAD_ENABLED == 'true') {
$products_optionstable = $oostable['products_options'];
$products_options_valuestable = $oostable['products_options_values'];
$products_attributestable = $oostable['products_attributes'];
$products_attributes_downloadtable = $oostable['products_attributes_download'];
if ($oOrder->products[$i]['attributes'][$j]['value_id'] == PRODUCTS_OPTIONS_VALUE_TEXT_ID) {
$attributes_result = "SELECT popt.products_options_name, poval.products_options_values_name,
pa.options_values_price, pa.price_prefix, pad.products_attributes_maxdays,
pad.products_attributes_maxcount , pad.products_attributes_filename
FROM $products_optionstable popt,
$products_options_valuestable poval,
$products_attributestable pa LEFT JOIN
$products_attributes_downloadtable pad ON pa.products_attributes_id = pad.products_attributes_id
WHERE pa.products_id = '" . intval($oOrder->products[$i]['id']) . "'
AND pa.options_id = '" . intval($oOrder->products[$i]['attributes'][$j]['option_id']) . "'
AND pa.options_id = popt.products_options_id
AND popt.products_options_languages_id = '" . intval($nLanguageID) . "'";
} else {
$attributes_result = "SELECT popt.products_options_name, poval.products_options_values_name,
pa.options_values_price, pa.price_prefix, pad.products_attributes_maxdays,
pad.products_attributes_maxcount , pad.products_attributes_filename
FROM $products_optionstable popt,
$products_options_valuestable poval,
$products_attributestable pa LEFT JOIN
$products_attributes_downloadtable pad ON pa.products_attributes_id = pad.products_attributes_id
WHERE pa.products_id = '" . intval($oOrder->products[$i]['id']) . "'
AND pa.options_id = '" . intval($oOrder->products[$i]['attributes'][$j]['option_id']) . "'
AND pa.options_id = popt.products_options_id
AND pa.options_values_id = '" . intval($oOrder->products[$i]['attributes'][$j]['value_id']) . "'
AND pa.options_values_id = poval.products_options_values_id
AND popt.products_options_languages_id = '" . intval($nLanguageID) . "'
AND poval.products_options_values_languages_id = '" . intval($nLanguageID) . "'";
}
$attributes = $dbconn->Execute($attributes_result);
} else {
$products_optionstable = $oostable['products_options'];
$products_options_valuestable = $oostable['products_options_values'];
$products_attributestable = $oostable['products_attributes'];
if ($oOrder->products[$i]['attributes'][$j]['value_id'] == PRODUCTS_OPTIONS_VALUE_TEXT_ID) {
$sql = "SELECT popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix
FROM $products_optionstable popt,
$products_options_valuestable poval,
$products_attributestable pa
WHERE pa.products_id = '" . intval($oOrder->products[$i]['id']) . "'
AND pa.options_id = '" . intval($oOrder->products[$i]['attributes'][$j]['option_id']) . "'
AND pa.options_id = popt.products_options_id
AND popt.products_options_languages_id = '" . intval($nLanguageID) . "'";
} else {
$sql = "SELECT popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix
FROM $products_optionstable popt,
$products_options_valuestable poval,
$products_attributestable pa
WHERE pa.products_id = '" . intval($oOrder->products[$i]['id']) . "'
AND pa.options_id = '" . intval($oOrder->products[$i]['attributes'][$j]['option_id']) . "'
AND pa.options_id = popt.products_options_id
AND pa.options_values_id = '" . intval($oOrder->products[$i]['attributes'][$j]['value_id']) . "'
AND pa.options_values_id = poval.products_options_values_id
AND popt.products_options_languages_id = '" . intval($nLanguageID) . "'
AND poval.products_options_values_languages_id = '" . intval($nLanguageID) . "'";
}
$attributes = $dbconn->Execute($sql);
}
$attributes_values = $attributes->fields;
$sql_data_array = array('orders_id' => $insert_id,
'orders_products_id' => $order_products_id,
'products_options' => $attributes_values['products_options_name'],
'products_options_values' => $oOrder->products[$i]['attributes'][$j]['value'],
'options_values_price' => $attributes_values['options_values_price'],
'price_prefix' => $attributes_values['price_prefix']);
// insert
oos_db_perform($oostable['orders_products_attributes'], $sql_data_array);
if ((DOWNLOAD_ENABLED == 'true') && isset($attributes_values['products_attributes_filename']) && oos_is_not_null($attributes_values['products_attributes_filename'])) {
$sql_data_array = array('orders_id' => $insert_id,
'orders_products_id' => $order_products_id,
'orders_products_filename' => $attributes_values['products_attributes_filename'],
'download_maxdays' => $attributes_values['products_attributes_maxdays'],
'download_count' => $attributes_values['products_attributes_maxcount']);
// insert
oos_db_perform($oostable['orders_products_download'], $sql_data_array);
}
$products_ordered_attributes .= "\n\t" . $attributes_values['products_options_name'] . ' ' . oos_decode_special_chars($oOrder->products[$i]['attributes'][$j]['value']);
}
}
//------insert customer choosen option eof ----
$total_weight += ($oOrder->products[$i]['qty'] * $oOrder->products[$i]['weight']);
$total_tax += oos_calculate_tax($total_products_price, $products_tax) * $oOrder->products[$i]['qty'];
$total_cost += $total_products_price;
$products_ordered .= $oOrder->products[$i]['qty'] . ' x ' . $oOrder->products[$i]['name'] . ' (' . $oOrder->products[$i]['model'] . ') = ' . $oCurrencies->display_price($oOrder->products[$i]['final_price'], $oOrder->products[$i]['tax'], $oOrder->products[$i]['qty']) . $products_ordered_attributes . "\n";
}
$order_total_modules->apply_credit();
// lets start with the email confirmation
$email_order = STORE_NAME . "\n" .
$aLang['email_separator'] . "\n" .
$aLang['email_text_order_number'] . ' ' . $insert_id . "\n" .
$aLang['email_text_invoice_url'] . ' ' . oos_href_link($aContents['account_history_info'], 'order_id=' . $insert_id, FALSE) . "\n" .
$aLang['email_text_date_ordered'] . ' ' . strftime(DATE_FORMAT_LONG) . "\n\n";
if ($oOrder->info['comments']) {
$email_order .= oosDBOutput($oOrder->info['comments']) . "\n\n";
}
$email_order .= $aLang['email_text_products'] . "\n" .
$aLang['email_separator'] . "\n" .
$products_ordered .
$aLang['email_separator'] . "\n";
for ($i=0, $n=count($order_totals); $i<$n; $i++) {
$email_order .= strip_tags($order_totals[$i]['title']) . ' ' . strip_tags($order_totals[$i]['text']) . "\n";
}
if ($oOrder->content_type != 'virtual') {
$email_order .= "\n" . $aLang['email_text_delivery_address'] . "\n" .
$aLang['email_separator'] . "\n" .
oos_address_label($_SESSION['customer_id'], $_SESSION['sendto'], 0, '', "\n") . "\n";
}
$email_order .= "\n" . $aLang['email_text_billing_address'] . "\n" .
$aLang['email_separator'] . "\n" .
oos_address_label($_SESSION['customer_id'], $_SESSION['billto'], 0, '', "\n") . "\n\n";
if (is_object(${$_SESSION['payment']})) {
$email_order .= $aLang['email_text_payment_method'] . "\n" .
$aLang['email_separator'] . "\n";
$payment_class = ${$_SESSION['payment']};
$email_order .= $payment_class->title . "\n\n";
if ($payment_class->email_footer) {
$email_order .= $payment_class->email_footer . "\n\n";
}
}
if (!isset($_SESSION['man_key'])) {
oos_mail($oOrder->customer['firstname'] . ' ' . $oOrder->customer['lastname'], $oOrder->customer['email_address'], $aLang['email_text_subject'], nl2br($email_order), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
}
// send emails to other people
if ( (defined (SEND_EXTRA_ORDER_EMAILS_TO)) && (SEND_EXTRA_ORDER_EMAILS_TO != '')) {
oos_mail('', SEND_EXTRA_ORDER_EMAILS_TO, $aLang['email_text_subject'], nl2br($email_order), $oOrder->customer['firstname'] . ' ' . $oOrder->customer['lastname'], $oOrder->customer['email_address'], true);
}
// load the after_process function from the payment modules
$payment_modules->after_process();
$_SESSION['cart']->reset(true);
// unregister session variables used during checkout
unset($_SESSION['sendto']);
unset($_SESSION['billto']);
unset($_SESSION['shipping']);
unset($_SESSION['payment']);
unset($_SESSION['comments']);
$order_total_modules->clear_posts();
oos_redirect(oos_href_link($aContents['checkout_success']));

215
msd2/myoos/includes/content/checkout_shipping.php Normal file
View File

@ -0,0 +1,215 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: checkout_shipping.php,v 1.9 2003/02/22 17:34:00 wilt
orig: checkout_shipping.php,v 1.14 2003/02/14 20:28:47 dgw_
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
// if the customer is not logged on, redirect them to the login page
if (!isset($_SESSION['customer_id'])) {
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
$_SESSION['navigation']->set_snapshot();
oos_redirect(oos_href_link($aContents['login']));
}
// if there is nothing in the customers cart, redirect them to the shopping cart page
if ($_SESSION['cart']->count_contents() < 1) {
oos_redirect(oos_href_link($aContents['shopping_cart']));
}
// check for maximum order
if ($_SESSION['cart']->show_total() > $_SESSION['customer_max_order']) {
oos_redirect(oos_href_link($aContents['info_max_order']));
}
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/checkout_shipping.php';
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_address.php';
if (isset($_SESSION['shipping'])) unset($_SESSION['shipping']);
// if no shipping destination address was selected, use the customers own address as default
if (!isset($_SESSION['sendto'])) {
$_SESSION['sendto'] = $_SESSION['customer_default_address_id'];
} else {
// verify the selected shipping address
$address_booktable = $oostable['address_book'];
$sql = "SELECT COUNT(*) AS total
FROM $address_booktable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'
AND address_book_id = '" . intval($_SESSION['sendto']) . "'";
$check_address_result = $dbconn->Execute($sql);
$check_address = $check_address_result->fields;
if ($check_address['total'] != '1') {
$_SESSION['sendto'] = $_SESSION['customer_default_address_id'];
}
}
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_order.php';
$oOrder = new order;
// register a random ID in the session to check throughout the checkout procedure
// against alterations in the shopping cart contents
$_SESSION['cartID'] = $_SESSION['cart']->cartID;
// if the order contains only virtual products, forward the customer to the billing page as
// a shipping address is not needed
if (($oOrder->content_type == 'virtual') || ($_SESSION['cart']->show_total() == 0) ) {
$_SESSION['shipping'] = FALSE;
$_SESSION['sendto'] = FALSE;
oos_redirect(oos_href_link($aContents['checkout_payment']));
}
$total_weight = $_SESSION['cart']->show_weight();
$total_count = $_SESSION['cart']->count_contents();
// load all enabled shipping modules
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_shipping.php';
$shipping_modules = new shipping;
if ( defined('MODULE_ORDER_TOTAL_SHIPPING_FREE_SHIPPING') && (MODULE_ORDER_TOTAL_SHIPPING_FREE_SHIPPING == 'true') ) {
switch (MODULE_ORDER_TOTAL_SHIPPING_DESTINATION) {
case 'national':
if ($oOrder->delivery['country_id'] == STORE_COUNTRY) $pass = TRUE; break;
case 'international':
if ($oOrder->delivery['country_id'] != STORE_COUNTRY) $pass = TRUE; break;
case 'both':
$pass = TRUE; break;
default:
$pass = FALSE; break;
}
$free_shipping = FALSE;
if ( ($pass == TRUE) && ($oOrder->info['subtotal'] >= MODULE_ORDER_TOTAL_SHIPPING_FREE_SHIPPING_OVER) ) {
$free_shipping = TRUE;
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/modules/order_total/ot_shipping.php';
}
} else {
$free_shipping = FALSE;
}
// process the selected shipping method
if ( isset($_POST['action']) && ($_POST['action'] == 'process') ) {
if ( (isset($_POST['comments'])) && (empty($_POST['comments'])) ) {
$_SESSION['comments'] = '';
} elseif (oos_is_not_null($_POST['comments'])) {
$_SESSION['comments'] = oos_db_prepare_input($_POST['comments']);
}
if ( (oos_count_shipping_modules() > 0) || ($free_shipping == TRUE) ) {
if ( (isset($_POST['shipping'])) && (strpos($_POST['shipping'], '_')) ) {
$_SESSION['shipping'] = $_POST['shipping'];
list($module, $method) = explode('_', $_SESSION['shipping']);
if ( is_object($$module) || ($_SESSION['shipping'] == 'free_free') ) {
if ($_SESSION['shipping'] == 'free_free') {
$quote[0]['methods'][0]['title'] = $aLang['free_shipping_title'];
$quote[0]['methods'][0]['cost'] = '0';
} else {
$quote = $shipping_modules->quote($method, $module);
}
if (isset($quote['error'])) {
unset($_SESSION['shipping']);
} else {
if ( (isset($quote[0]['methods'][0]['title'])) && (isset($quote[0]['methods'][0]['cost'])) ) {
$_SESSION['shipping'] = array('id' => $_SESSION['shipping'],
'title' => (($free_shipping == TRUE) ? $quote[0]['methods'][0]['title'] : $quote[0]['module'] . ' (' . $quote[0]['methods'][0]['title'] . ')'),
'cost' => $quote[0]['methods'][0]['cost']);
oos_redirect(oos_href_link($aContents['checkout_payment']));
}
}
} else {
unset($_SESSION['shipping']);
}
}
} else {
$_SESSION['shipping'] = FALSE;
oos_redirect(oos_href_link($aContents['checkout_payment']));
}
}
// get all available shipping quotes
$quotes = $shipping_modules->quote();
// if no shipping method has been selected, automatically select the cheapest method.
// if the modules status was changed when none were available, to save on implementing
// a javascript force-selection method, also automatically select the cheapest shipping
// method if more than one module is now enabled
if ((!isset($_SESSION['shipping']) || (!isset($_SESSION['shipping']['id']) || $_SESSION['shipping']['id'] == '') && oos_count_shipping_modules() >= 1)) $_SESSION['shipping'] = $shipping_modules->cheapest();
list ($sess_class, $sess_method) = preg_split('/_/', $_SESSION['shipping']['id']);
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title_1'], oos_href_link($aContents['checkout_shipping']));
$oBreadcrumb->add($aLang['navbar_title_2'], oos_href_link($aContents['checkout_shipping']));
$aTemplate['page'] = $sTheme . '/page/checkout_shipping.html';
$nPageType = OOS_PAGE_TYPE_CHECKOUT;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,nofollow,noodp,noydir',
'checkout_active' => 1,
'sess_method' => $sess_method,
'counts_shipping_modules' => oos_count_shipping_modules(),
'quotes' => $quotes,
'free_shipping' => $free_shipping,
'oos_free_shipping_description' => sprintf($aLang['free_shipping_description'], $oCurrencies->format(MODULE_ORDER_TOTAL_SHIPPING_FREE_SHIPPING_OVER))
)
);
// display the template
$smarty->display($aTemplate['page']);

379
msd2/myoos/includes/content/checkout_shipping_address.php Normal file
View File

@ -0,0 +1,379 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: checkout_shipping_address.php,v 1.8 2003/02/13 04:23:22 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/checkout_shipping_address.php';
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_address.php';
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
// if the customer is not logged on, redirect them to the login page
if (!isset($_SESSION['customer_id'])) {
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
$_SESSION['navigation']->set_snapshot();
oos_redirect(oos_href_link($aContents['login']));
}
// if there is nothing in the customers cart, redirect them to the shopping cart page
if ($_SESSION['cart']->count_contents() < 1) {
oos_redirect(oos_href_link($aContents['shopping_cart']));
}
// if the order contains only virtual products, forward the customer to the billing page as
// a shipping address is not needed
if ($oOrder->content_type == 'virtual') {
$_SESSION['shipping'] = FALSE;
$_SESSION['sendto'] = FALSE;
oos_redirect(oos_href_link($aContents['checkout_payment']));
}
$bError = FALSE; // reset error flag
$bProcess = FALSE;
if ( isset($_POST['action']) && ($_POST['action'] == 'submit') &&
( isset($_SESSION['formid']) && ($_SESSION['formid'] == $_POST['formid'])) ){
// Process a new shipping address
if (oos_is_not_null($_POST['firstname']) && oos_is_not_null($_POST['lastname']) && oos_is_not_null($_POST['street_address'])) {
$bProcess = TRUE;
if (ACCOUNT_GENDER == 'true') {
if (isset($_POST['gender'])) {
$gender = oos_db_prepare_input($_POST['gender']);
} else {
$gender = FALSE;
}
}
$firstname = oos_db_prepare_input($_POST['firstname']);
$lastname = oos_db_prepare_input($_POST['lastname']);
if (ACCOUNT_COMPANY == 'true') $company = oos_db_prepare_input($_POST['company']);
if (ACCOUNT_OWNER == 'true') $owner = oos_db_prepare_input($_POST['owner']);
if (ACCOUNT_VAT_ID == 'true') $vat_id = oos_db_prepare_input($_POST['vat_id']);
$street_address = oos_db_prepare_input($_POST['street_address']);
$postcode = oos_db_prepare_input($_POST['postcode']);
$city = oos_db_prepare_input($_POST['city']);
if (ACCOUNT_STATE == 'true') {
$state = oos_db_prepare_input($_POST['state']);
if (isset($_POST['zone_id'])) {
$zone_id = oos_db_prepare_input($_POST['zone_id']);
} else {
$zone_id = FALSE;
}
}
$country = oos_db_prepare_input($_POST['country']);
if (ACCOUNT_GENDER == 'true') {
if ( ($gender != 'm') && ($gender != 'f') ) {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_gender_error']);
}
}
if (strlen($firstname) < ENTRY_FIRST_NAME_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_first_name_error'] );
}
if (strlen($lastname) < ENTRY_LAST_NAME_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_last_name_error'] );
}
if (ACCOUNT_COMPANY_VAT_ID_CHECK == 'true'){
if (!empty($vat_id) && (!oos_validate_is_vatid($vat_id))) {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_vat_id_error']);
} else {
$vatid_check_error = FALSE;
}
}
if (strlen($street_address) < ENTRY_STREET_ADDRESS_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_street_address_error']);
}
if (strlen($postcode) < ENTRY_POSTCODE_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_post_code_error']);
}
if (strlen($city) < ENTRY_CITY_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_city_error']);
}
if (is_numeric($country) == FALSE) {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_country_error']);
}
if (ACCOUNT_STATE == 'true') {
$zone_id = 0;
$zonestable = $oostable['zones'];
$country_check_sql = "SELECT COUNT(*) AS total
FROM $zonestable
WHERE zone_country_id = '" . intval($country) . "'";
$country_check = $dbconn->Execute($country_check_sql);
$entry_state_has_zones = ($country_check->fields['total'] > 0);
if ($entry_state_has_zones == TRUE) {
$zonestable = $oostable['zones'];
$zone_query = "SELECT DISTINCT zone_id
FROM $zonestable
WHERE zone_country_id = '" . intval($country) . "'
AND (zone_name = '" . oos_db_input($state) . "'
OR zone_code = '" . oos_db_input($state) . "')";
$zone_result = $dbconn->Execute($zone_query);
if ($zone_result->RecordCount() == 1) {
$zone = $zone_result->fields;
$zone_id = $zone['zone_id'];
} else {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_state_error_select']);
}
} else {
if (strlen($state) < ENTRY_STATE_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_state_error']);
}
}
}
if ($bError == FALSE) {
$address_booktable = $oostable['address_book'];
$sql = "SELECT max(address_book_id) AS address_book_id
FROM $address_booktable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'";
$next_id_result = $dbconn->Execute($sql);
if ($next_id_result->RecordCount()) {
$next_id = $next_id_result->fields;
$entry_id = $next_id['address_book_id']+1;
} else {
$entry_id = 1;
}
$sql_data_array = array('customers_id' => intval($_SESSION['customer_id']),
'address_book_id' => $entry_id,
'entry_firstname' => $firstname,
'entry_lastname' => $lastname,
'entry_street_address' => $street_address,
'entry_postcode' => $postcode,
'entry_city' => $city,
'entry_country_id' => $country);
if (ACCOUNT_GENDER == 'true') $sql_data_array['entry_gender'] = $gender;
if (ACCOUNT_COMPANY == 'true') $sql_data_array['entry_company'] = $company;
if (ACCOUNT_OWNER == 'true') $sql_data_array['entry_owner'] = $owner;
if (ACCOUNT_VAT_ID == 'true') {
$sql_data_array['entry_vat_id'] = $vat_id;
if ((ACCOUNT_COMPANY_VAT_ID_CHECK == 'true') && ($vatid_check_error == FALSE) && ($country != STORE_COUNTRY)) {
$sql_data_array['entry_vat_id_status'] = 1;
} else {
$sql_data_array['entry_vat_id_status'] = 0;
}
}
if (ACCOUNT_STATE == 'true') {
if ($zone_id > 0) {
$sql_data_array['entry_zone_id'] = $zone_id;
$sql_data_array['entry_state'] = '';
} else {
$sql_data_array['entry_zone_id'] = '0';
$sql_data_array['entry_state'] = $state;
}
}
oos_db_perform($oostable['address_book'], $sql_data_array);
$_SESSION['sendto'] = $entry_id;
if (isset($_SESSION['shipping'])) unset($_SESSION['shipping']);
oos_redirect(oos_href_link($aContents['checkout_shipping']));
}
// Process the selected shipping destination
} elseif (isset($_POST['address'])) {
$reset_shipping = FALSE;
if (isset($_SESSION['sendto'])) {
if ($_SESSION['sendto'] != $_POST['address']) {
if (isset($_SESSION['shipping'])) {
$reset_shipping = TRUE;
}
}
}
$_SESSION['sendto'] = intval($_POST['address']);
$address_booktable = $oostable['address_book'];
$sql = "SELECT COUNT(*) AS total
FROM $address_booktable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'
AND address_book_id = '" . intval($_SESSION['sendto']) . "'";
$check_address_result = $dbconn->Execute($sql);
$check_address = $check_address_result->fields;
if ($check_address['total'] == '1') {
if ($reset_shipping == TRUE) unset($_SESSION['shipping']);
oos_redirect(oos_href_link($aContents['checkout_shipping']));
} else {
unset($_SESSION['sendto']);
}
} else {
$_SESSION['sendto'] = $_SESSION['customer_default_address_id'];
oos_redirect(oos_href_link($aContents['checkout_shipping']));
}
}
// if no shipping destination address was selected, use their own address as default
if (!isset($_SESSION['sendto'])) {
$_SESSION['sendto'] = $_SESSION['customer_default_address_id'];
}
if ($bProcess == FALSE) {
$address_booktable = $oostable['address_book'];
$sql = "SELECT COUNT(*) AS total
FROM $address_booktable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'
AND address_book_id != '" . intval($_SESSION['sendto']) . "'";
$addresses_count_result = $dbconn->Execute($sql);
$addresses_count = $addresses_count_result->fields['total'];
if ($addresses_count > 0) {
$radio_buttons = 0;
$address_booktable = $oostable['address_book'];
$sql = "SELECT address_book_id, entry_firstname AS firstname, entry_lastname AS lastname,
entry_company AS company, entry_street_address AS street_address,
entry_city AS city, entry_postcode AS postcode,
entry_state AS state, entry_zone_id AS zone_id, entry_country_id AS country_id
FROM $address_booktable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'";
$addresses_result = $dbconn->Execute($sql);
$addresses_array = array();
while ($addresses = $addresses_result->fields) {
$format_id = oos_get_address_format_id($address['country_id']);
$addresses_array[] = array('format_id' => $format_id,
'radio_buttons' => $radio_buttons,
'firstname' => $addresses['firstname'],
'lastname' => $addresses['lastname'],
'address_book_id' => $addresses['address_book_id'],
'address' => oos_address_format($format_id, $addresses, true, ' ', ', '));
$radio_buttons++;
// Move that ADOdb pointer!
$addresses_result->MoveNext();
}
}
}
if (!isset($bProcess)) $bProcess = FALSE;
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title_1'], oos_href_link($aContents['checkout_shipping']));
$oBreadcrumb->add($aLang['navbar_title_2'], oos_href_link($aContents['checkout_shipping_address']));
$aTemplate['page'] = $sTheme . '/page/checkout_shipping_address.html';
$nPageType = OOS_PAGE_TYPE_CHECKOUT;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
if ($oMessage->size('checkout_address') > 0) {
$aInfoMessage = array_merge ($aInfoMessage, $oMessage->output('checkout_address') );
}
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,nofollow,noodp,noydir',
'checkout_active' => 1,
'process' => $bProcess,
'addresses_count' => $addresses_count,
'gender' => $gender,
'firstname' => $firstname,
'lastname' => $lastname,
'company' => $company,
'owner' => $owner,
'vat_id' => $vat_id,
'street_address' => $street_address,
'postcode' => $postcode,
'city' => $city,
'country' => $country,
'store_country' => STORE_COUNTRY,
'gender_error' => $gender_error,
'firstname_error' => $firstname_error,
'lastname_error' => $lastname_error,
'street_address_error' => $street_address_error,
'post_code_error' => $post_code_error,
'city_error' => $city_error,
'state_error' => $state_error,
'state_has_zones' => $entry_state_has_zones,
'country_error' => $country_error
)
);
if ($bProcess == FALSE) {
$smarty->assign('addresses_array', $addresses_array);
}
if ($entry_state_has_zones == TRUE) {
$zones_names = array();
$zones_values = array();
$zonestable = $oostable['zones'];
$zones_result = $dbconn->Execute("SELECT zone_name FROM $zonestable WHERE zone_country_id = '" . intval($country) . "' ORDER BY zone_name");
while ($zones = $zones_result->fields) {
$zones_names[] = $zones['zone_name'];
$zones_values[] = $zones['zone_name'];
$zones_result->MoveNext();
}
$smarty->assign('zones_names', $zones_names);
$smarty->assign('zones_values', $zones_values);
} else {
$state = oos_get_zone_name($country, $zone_id, $state);
$smarty->assign('state', $state);
$smarty->assign('zone_id', $zone_id);
}
$country_name = oos_get_country_name($country);
$smarty->assign('country_name', $country_name);
$state = oos_get_zone_name($country, $zone_id, $state);
$smarty->assign('state', $state);
// display the template
$smarty->display($aTemplate['page']);

152
msd2/myoos/includes/content/checkout_success.php Normal file
View File

@ -0,0 +1,152 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: checkout_success.php,v 1.6.2.1 2003/05/03 23:41:23 wilt
orig: checkout_success.php,v 1.48 2003/02/17 11:51:16 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
// if the customer is not logged on, redirect them to the shopping cart page
if (!isset($_SESSION['customer_id'])) {
oos_redirect(oos_href_link($aContents['shopping_cart']));
}
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/checkout_success.php';
if ( isset($_POST['action']) && ($_POST['action'] == 'notify_process') &&
( isset($_SESSION['formid']) && ($_SESSION['formid'] == $_POST['formid'])) ){
if (isset($_POST['notify']) && !empty($_POST['notify'])) {
$notify = $_POST['notify'];
if (!is_array($notify)) {
$notify = array($notify);
}
$products_notificationstable = $oostable['products_notifications'];
for ($i=0, $n=count($notify); $i<$n; $i++) {
$sql = "SELECT COUNT(*) AS total
FROM $products_notificationstable
WHERE products_id = '" . intval($notify[$i]) . "'
AND customers_id = '" . intval($_SESSION['customer_id']) . "'";
$check = $dbconn->Execute($sql);
if ($check->fields['total'] < 1) {
$today = date("Y-m-d H:i:s");
$sql = "INSERT INTO $products_notificationstable
(products_id,
customers_id,
date_added) VALUES (" . $dbconn->qstr($notify[$i]) . ','
. $dbconn->qstr($_SESSION['customer_id']) . ','
. $dbconn->DBTimeStamp($today) . ")";
$result = $dbconn->Execute($sql);
}
}
}
oos_redirect(oos_href_link($aContents['home']));
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title_1']);
$oBreadcrumb->add($aLang['navbar_title_2']);
$customers_infotable = $oostable['customers_info'];
$sql = "SELECT global_product_notifications
FROM $customers_infotable
WHERE customers_info_id = '" . intval($_SESSION['customer_id']) . "'";
$global_result = $dbconn->Execute($sql);
$global = $global_result->fields;
if ($global['global_product_notifications'] != '1') {
$orderstable = $oostable['orders'];
$sql = "SELECT orders_id
FROM $orderstable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'
ORDER BY date_purchased desc LIMIT 1";
$orders_result = $dbconn->Execute($sql);
$orders = $orders_result->fields;
$products_array = array();
$orders_productstable = $oostable['orders_products'];
$sql = "SELECT products_id, products_name
FROM $orders_productstable
WHERE orders_id = '" . intval($orders['orders_id']) . "'
ORDER BY products_name";
$products_result = $dbconn->Execute($sql);
while ($products = $products_result->fields) {
$products_array[] = array('id' => $products['products_id'],
'text' => $products['products_name']);
$products_result->MoveNext();
}
}
$aTemplate['page'] = $sTheme . '/page/checkout_success.html';
$nPageType = OOS_PAGE_TYPE_CHECKOUT;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
//ICW ADDED FOR ORDER_TOTAL CREDIT SYSTEM - Start Addition
$coupon_gv_customertable = $oostable['coupon_gv_customer'];
$sql = "SELECT amount
FROM $coupon_gv_customertable
WHERE customer_id = '" . intval($_SESSION['customer_id']) . "'";
$gv_amount = $dbconn->GetOne($sql);
$smarty->assign('gv_amount', $gv_amount);
$products_notify = '';
if ($global['global_product_notifications'] != '1') {
$products_notify .= $aLang['text_notify_products'] . '<br /><p class="productsNotifications">';
$products_displayed = array();
for ($i=0, $n=count($products_array); $i<$n; $i++) {
if (!in_array($products_array[$i]['id'], $products_displayed)) {
$products_notify .= oos_draw_checkbox_field('notify[]', $products_array[$i]['id']) . ' ' . $products_array[$i]['text'] . '<br />';
$products_displayed[] = $products_array[$i]['id'];
}
}
$products_notify .= '</p>';
} else {
$products_notify .= $aLang['text_see_orders'] . '<br /><br />' . $aLang['text_contact_store_owner'];
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,nofollow,noodp,noydir',
'checkout_active' => 1,
'products_notify' => $products_notify
)
);
// display the template
$smarty->display($aTemplate['page']);

88
msd2/myoos/includes/content/contact_us.php Normal file
View File

@ -0,0 +1,88 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: contact_us.php,v 1.39 2003/02/14 05:51:15 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/contact_us.php';
$bError = FALSE;
if ( isset($_POST['action']) && ($_POST['action'] == 'send') ) {
$email_address = oos_prepare_input($_POST['email']);
$name = oos_prepare_input($_POST['name']);
$phone = oos_prepare_input($_POST['phone']);
$subject = oos_prepare_input($_POST['subject']);
$enquiry = oos_prepare_input($_POST['enquiry']);
if (oos_validate_is_email(trim($email_address))) {
if ( empty( $subject )) {
$subject = $aLang['email_subject'];
}
$email_text = "\n";
$email_text .= $aLang['entry_name'] . ' ' . $name . "\n";
$email_text .= $aLang['entry_telephone_number'] . ' ' . $phone . "\n";
$email_text .= $aLang['entry_email'] . ' ' . $email_address . "\n";
$email_text .= "\n";
$email_text .= $aLang['entry_enquiry'] . ' ' . $enquiry . "\n";
oos_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, $subject, $enquiry, $name, $email_address);
oos_redirect(oos_href_link($aContents['contact_us'], 'action=success'));
} else {
$oMessage->add('contact_us', $aLang['error_email_address']);
$bError = TRUE;
}
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aContents['contact_us']));
$sCanonical = oos_href_link($aContents['contact_us'], '', FALSE, TRUE);
$aTemplate['page'] = $sTheme . '/page/contact_us.html';
$nPageType = OOS_PAGE_TYPE_MAINPAGE;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
if ($oMessage->size('contact_us') > 0) {
$aInfoMessage = array_merge ($aInfoMessage, $oMessage->output('contact_us') );
}
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'canonical' => $sCanonical,
'error' => $bError
)
);
// display the template
$smarty->display($aTemplate['page']);

495
msd2/myoos/includes/content/create_account.php Normal file
View File

@ -0,0 +1,495 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: create_account.php,v 1.59 2003/02/14 05:51:17 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
// require the password crypto functions
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_password.php';
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_validate_vatid.php';
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/create_account.php';
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
if ( $_SESSION['login_count'] > 3) {
oos_redirect(oos_href_link($aContents['403']));
}
if ( isset($_POST['action']) && ($_POST['action'] == 'process') &&
( isset($_SESSION['formid']) && ($_SESSION['formid'] == $_POST['formid'])) ){
if (ACCOUNT_GENDER == 'true') {
if (isset($_POST['gender'])) {
$gender = oos_db_prepare_input($_POST['gender']);
} else {
$gender = FALSE;
}
}
$firstname = oos_db_prepare_input($_POST['firstname']);
$lastname = oos_db_prepare_input($_POST['lastname']);
if (ACCOUNT_DOB == 'true') $dob = oos_db_prepare_input($_POST['dob']);
$email_address = oos_db_prepare_input($_POST['email_address']);
if (ACCOUNT_COMPANY == 'true') $company = oos_db_prepare_input($_POST['company']);
if (ACCOUNT_OWNER == 'true') $owner = oos_db_prepare_input($_POST['owner']);
if (ACCOUNT_VAT_ID == 'true') $vat_id = oos_db_prepare_input($_POST['vat_id']);
$street_address = oos_db_prepare_input($_POST['street_address']);
$postcode = oos_db_prepare_input($_POST['postcode']);
$city = oos_db_prepare_input($_POST['city']);
if (ACCOUNT_STATE == 'true') {
$state = oos_db_prepare_input($_POST['state']);
if (isset($_POST['zone_id'])) {
$zone_id = oos_db_prepare_input($_POST['zone_id']);
} else {
$zone_id = FALSE;
}
}
$country = oos_db_prepare_input($_POST['country']);
if (ACCOUNT_TELEPHONE == 'true') $telephone = oos_db_prepare_input($_POST['telephone']);
$password = oos_db_prepare_input($_POST['password']);
$confirmation = oos_db_prepare_input($_POST['confirmation']);
if (isset($_POST['newsletter'])) {
$newsletter = oos_db_prepare_input($_POST['newsletter']);
}
if (isset($_POST['agree'])) {
$agree = oos_db_prepare_input($_POST['agree']);
}
$bError = FALSE; // reset error flag
if (ACCOUNT_GENDER == 'true') {
if ( ($gender != 'm') && ($gender != 'f') ) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_gender_error']);
}
}
if (strlen($firstname) < ENTRY_FIRST_NAME_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_first_name_error'] );
}
if (strlen($lastname) < ENTRY_LAST_NAME_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_last_name_error'] );
}
if (ACCOUNT_DOB == 'true') {
if ((strlen($dob) < ENTRY_DOB_MIN_LENGTH) || (!empty($dob) &&
(!is_numeric(oos_date_raw($dob)) ||
!checkdate(substr(oos_date_raw($dob), 4, 2), substr(oos_date_raw($dob), 6, 2), substr(oos_date_raw($dob), 0, 4))))) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_date_of_birth_error'] );
}
}
if (strlen($email_address) < ENTRY_EMAIL_ADDRESS_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_email_address_error']);
} elseif (oos_validate_is_email($email_address) == FALSE) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_email_address_check_error']);
} else {
$customerstable = $oostable['customers'];
$check_email_sql = "SELECT customers_email_address
FROM $customerstable
WHERE customers_email_address = '" . oos_db_input($email_address) . "'";
$check_email = $dbconn->Execute($check_email_sql);
if ($check_email->RecordCount()) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_email_address_error_exists']);
}
}
if (ACCOUNT_COMPANY_VAT_ID_CHECK == 'true'){
if (!empty($vat_id) && (!oos_validate_is_vatid($vat_id))) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_vat_id_error']);
} else {
$vatid_check_error = FALSE;
}
}
if (strlen($street_address) < ENTRY_STREET_ADDRESS_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_street_address_error']);
}
if (strlen($postcode) < ENTRY_POSTCODE_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_post_code_error']);
}
if (strlen($city) < ENTRY_CITY_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_city_error']);
}
if (is_numeric($country) == FALSE) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_country_error']);
}
if (ACCOUNT_STATE == 'true') {
$zone_id = 0;
$zonestable = $oostable['zones'];
$country_check_sql = "SELECT COUNT(*) AS total
FROM $zonestable
WHERE zone_country_id = '" . intval($country) . "'";
$country_check = $dbconn->Execute($country_check_sql);
$entry_state_has_zones = ($country_check->fields['total'] > 0);
if ($entry_state_has_zones == TRUE) {
$zonestable = $oostable['zones'];
$zone_query = "SELECT DISTINCT zone_id
FROM $zonestable
WHERE zone_country_id = '" . intval($country) . "'
AND (zone_name = '" . oos_db_input($state) . "'
OR zone_code = '" . oos_db_input($state) . "')";
$zone_result = $dbconn->Execute($zone_query);
if ($zone_result->RecordCount() == 1) {
$zone = $zone_result->fields;
$zone_id = $zone['zone_id'];
} else {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_state_error_select']);
}
} else {
if (strlen($state) < ENTRY_STATE_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_state_error']);
}
}
}
if (CUSTOMER_NOT_LOGIN == 'false') {
if (strlen($password) < ENTRY_PASSWORD_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_password_error']);
} elseif ($password != $confirmation) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_password_error_not_matching']);
}
}
if (empty($agree)) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_agree_error']);
}
if ($bError == FALSE) {
$customer_max_order = DEFAULT_MAX_ORDER;
$customers_status = DEFAULT_CUSTOMERS_STATUS_ID;
if (CUSTOMER_NOT_LOGIN == 'true') {
$customers_login = '0';
} else {
$customers_login = '1';
}
$time = mktime();
$wishlist_link_id = oos_create_wishlist_code();
$sql_data_array = array('customers_firstname' => $firstname,
'customers_lastname' => $lastname,
'customers_email_address' => $email_address,
'customers_status' => $customers_status,
'customers_login' => $customers_login,
'customers_language' => $sLanguage,
'customers_max_order' => $customer_max_order,
'customers_password' => oos_encrypt_password($password),
'customers_wishlist_link_id' => $wishlist_link_id,
'customers_default_address_id' => 1);
if (ACCOUNT_GENDER == 'true') $sql_data_array['customers_gender'] = $gender;
if (ACCOUNT_DOB == 'true') $sql_data_array['customers_dob'] = oos_date_raw($dob);
if (ACCOUNT_TELEPHONE == 'true') $sql_data_array['customers_telephone'] = $telephone;
oos_db_perform($oostable['customers'], $sql_data_array);
$customer_id = $dbconn->Insert_ID();
$sql_data_array = array('customers_id' => $customer_id,
'entry_firstname' => $firstname,
'entry_lastname' => $lastname,
'entry_street_address' => $street_address,
'entry_postcode' => $postcode,
'entry_city' => $city,
'entry_country_id' => $country);
if (ACCOUNT_GENDER == 'true') $sql_data_array['entry_gender'] = $gender;
if (ACCOUNT_COMPANY == 'true') $sql_data_array['entry_company'] = $company;
if (ACCOUNT_OWNER == 'true') $sql_data_array['entry_owner'] = $owner;
if (ACCOUNT_VAT_ID == 'true') {
$sql_data_array['entry_vat_id'] = $vat_id;
if ((ACCOUNT_COMPANY_VAT_ID_CHECK == 'true') && ($vatid_check_error == FALSE) && ($country != STORE_COUNTRY)) {
$sql_data_array['entry_vat_id_status'] = 1;
} else {
$sql_data_array['entry_vat_id_status'] = 0;
}
}
if (ACCOUNT_STATE == 'true') {
if ($zone_id > 0) {
$sql_data_array['entry_zone_id'] = $zone_id;
$sql_data_array['entry_state'] = '';
} else {
$sql_data_array['entry_zone_id'] = '0';
$sql_data_array['entry_state'] = $state;
}
}
oos_db_perform($oostable['address_book'], $sql_data_array);
$address_id = $dbconn->Insert_ID();
$customers_table = $oostable['customers'];
$dbconn->Execute("UPDATE $customers_table SET customers_default_address_id = '" . intval($address_id) . "' WHERE customers_id = '" . intval($customer_id) . "'");
$customers_infotable = $oostable['customers_info'];
$dbconn->Execute("INSERT INTO $customers_infotable
(customers_info_id,
customers_info_number_of_logons,
customers_info_date_account_created) VALUES ('" . intval($customer_id) . "',
'0',
now())");
if (CUSTOMER_NOT_LOGIN != 'true') {
$_SESSION['customer_id'] = $customer_id;
if (ACCOUNT_GENDER == 'true') $_SESSION['customer_gender'] = $gender;
$_SESSION['customer_first_name'] = $firstname;
$_SESSION['customer_lastname'] = $lastname;
$_SESSION['customer_default_address_id'] = $address_id;
$_SESSION['customer_country_id'] = $country;
$_SESSION['customer_zone_id'] = $zone_id;
$_SESSION['customer_wishlist_link_id'] = $wishlist_link_id;
$_SESSION['customer_max_order'] = $customer_max_order;
if (ACCOUNT_VAT_ID == 'true') {
if ((ACCOUNT_COMPANY_VAT_ID_CHECK == 'true') && ($vatid_check_error == FALSE)) {
$_SESSION['customers_vat_id_status'] = 1;
} else {
$_SESSION['customers_vat_id_status'] = 0;
}
}
// restore cart contents
$_SESSION['cart']->restore_contents();
$_SESSION['user']->restore_group();
$aUser = $_SESSION['user']->group;
}
// build the message content
$name = $firstname . " " . $lastname;
if (ACCOUNT_GENDER == 'true') {
if ($gender == 'm') {
$email_text = $aLang['email_greet_mr'];
} else {
$email_text = $aLang['email_greet_ms'];
}
} else {
$email_text = $aLang['email_greet_none'];
}
$email_text .= $aLang['email_welcome'];
if (MODULE_ORDER_TOTAL_GV_STATUS == 'true') {
if (NEW_SIGNUP_GIFT_VOUCHER_AMOUNT > 0) {
$coupon_code = oos_create_coupon_code();
$couponstable = $oostable['coupons'];
$insert_result = $dbconn->Execute("INSERT INTO $couponstable
(coupon_code,
coupon_type,
coupon_amount,
date_created) VALUES ('" . oos_db_input($coupon_code) . "',
'G',
'" . NEW_SIGNUP_GIFT_VOUCHER_AMOUNT . "',
now())");
$insert_id = $dbconn->Insert_ID();
$coupon_email_tracktable = $oostable['coupon_email_track'];
$insert_result = $dbconn->Execute("INSERT INTO $coupon_email_tracktable
(coupon_id,
customer_id_sent,
sent_firstname,
emailed_to,
date_sent) VALUES ('" . oos_db_input($insert_id) ."',
'0',
'Admin',
'" . $email_address . "',
now() )");
$email_text .= sprintf($aLang['email_gv_incentive_header'], $oCurrencies->format(NEW_SIGNUP_GIFT_VOUCHER_AMOUNT)) . "\n\n" .
sprintf($aLang['email_gv_redeem'], $coupon_code) . "\n\n" .
$aLang['email_gv_link'] . oos_href_link($aContents['gv_redeem'], 'gv_no=' . $coupon_code, false, false) .
"\n\n";
}
if (NEW_SIGNUP_DISCOUNT_COUPON != '') {
$coupon_id = NEW_SIGNUP_DISCOUNT_COUPON;
$couponstable = $oostable['coupons'];
$sql = "SELECT *
FROM $couponstable
WHERE coupon_id = '" . oos_db_input($coupon_id) . "'";
$coupon_result = $dbconn->Execute($sql);
$coupons_descriptiontable = $oostable['coupons_description'];
$sql = "SELECT *
FROM " . $coupons_descriptiontable . "
WHERE coupon_id = '" . oos_db_input($coupon_id) . "'
AND coupon_languages_id = '" . intval($nLanguageID) . "'";
$coupon_desc_result = $dbconn->Execute($sql);
$coupon = $coupon_result->fields;
$coupon_desc = $coupon_desc_result->fields;
$coupon_email_tracktable = $oostable['coupon_email_track'];
$insert_result = $dbconn->Execute("INSERT INTO $coupon_email_tracktable
(coupon_id,
customer_id_sent,
sent_firstname,
emailed_to,
date_sent) VALUES ('" . oos_db_input($coupon_id) ."',
'0',
'Admin',
'" . oos_db_input($email_address) . "',
now() )");
$email_text .= $aLang['email_coupon_incentive_header'] . "\n\n" .
$coupon_desc['coupon_description'] .
sprintf($aLang['email_coupon_redeem'], $coupon['coupon_code']) . "\n\n" .
"\n\n";
}
}
$email_text .= $aLang['email_text'] . $aLang['email_contact'] . $aLang['email_warning'] . $aLang['email_disclaimer'];
oos_mail($name, $email_address, $aLang['email_subject'], nl2br($email_text), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, '3');
if (SEND_CUSTOMER_EDIT_EMAILS == 'true') {
$email_owner = $aLang['owner_email_subject'] . "\n" .
$aLang['email_separator'] . "\n" .
$aLang['owner_email_date'] . ' ' . strftime(DATE_FORMAT_LONG) . "\n\n" .
$aLang['email_separator'] . "\n";
if (ACCOUNT_COMPANY == 'true') {
$email_owner .= $aLang['owner_email_company_info'] . "\n" .
$aLang['owner_email_company'] . ' ' . $company . "\n";
if (ACCOUNT_OWNER == 'true') {
$email_owner .= $aLang['owner_email_owner'] . ' ' . $owner . "\n";
}
if (ACCOUNT_VAT_ID == 'true') {
$email_owner .= $aLang['entry_vat_id'] . ' ' . $vat_id . "\n";
}
}
if (ACCOUNT_GENDER == 'true') {
if ($gender == 'm') {
$email_owner .= $aLang['entry_gender'] . ' ' . $aLang['male'] . "\n";
} else {
$email_owner .= $aLang['entry_gender'] . ' ' . $aLang['female'] . "\n";
}
}
$email_owner .= $aLang['owner_email_first_name'] . ' ' . $firstname . "\n" .
$aLang['owner_email_last_name'] . ' ' . $lastname . "\n\n" .
$aLang['owner_email_street'] . ' ' . $street_address . "\n" .
$aLang['owner_email_post_code'] . ' ' . $postcode . "\n" .
$aLang['owner_email_city'] . ' ' . $city . "\n" .
$aLang['email_separator'] . "\n\n" .
$aLang['owner_email_contact'] . "\n" .
$aLang['owner_email_telephone_number'] . ' ' . $telephone . "\n" .
$aLang['owner_email_address'] . ' ' . $email_address . "\n" .
$aLang['email_separator'] . "\n\n" .
$aLang['owner_email_options'] . "\n";
oos_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, $aLang['owner_email_subject'], nl2br($email_owner), $name, $email_address, '1');
}
if (NEWSLETTER == 'true') {
if ( isset($newsletter) && ($newsletter == 'yes') ) {
oos_newsletter_subscribe_mail($email_address);
}
}
if (count($_SESSION['navigation']->snapshot) > 0) {
$origin_href = oos_href_link($_SESSION['navigation']->snapshot['content'], $_SESSION['navigation']->snapshot['get']);
$_SESSION['navigation']->clear_snapshot();
oos_redirect($origin_href);
}
oos_redirect(oos_href_link($aContents['create_account_success']));
}
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aContents['create_account']));
$sCanonical = oos_href_link($aContents['create_account'], '', FALSE, TRUE);
$snapshot = count($_SESSION['navigation']->snapshot);
if (isset($_GET['email_address'])) {
$email_address = oos_db_prepare_input($_GET['email_address']);
}
$account['entry_country_id'] = STORE_COUNTRY;
$aTemplate['page'] = $sTheme . '/page/create_account.html';
$nPageType = OOS_PAGE_TYPE_ACCOUNT;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
if ($oMessage->size('create_account') > 0) {
$aInfoMessage = array_merge ($aInfoMessage, $oMessage->output('create_account') );
}
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,follow,noodp,noydir',
'canonical' => $sCanonical
)
);
$smarty->assign('account', $account);
$smarty->assign('email_address', $email_address);
$smarty->assign('snapshot', $snapshot);
$smarty->assign('login_orgin_text', sprintf($aLang['text_origin_login'], oos_href_link($aContents['login'], '')));
$smarty->assign('login_agree', sprintf($aLang['agree'], oos_href_link($aContents['information'], 'information_id=2'), oos_href_link($aContents['information'], 'information_id=4')));
// display the template
$smarty->display($aTemplate['page']);

69
msd2/myoos/includes/content/create_account_success.php Normal file
View File

@ -0,0 +1,69 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: create_account_success.php,v 1.29 2003/02/13 02:27:56 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
if (!isset($_SESSION['customer_id'])) {
oos_redirect(oos_href_link($aContents['login']));
}
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/create_account_success.php';
$oBreadcrumb->add($aLang['navbar_title_1']);
$oBreadcrumb->add($aLang['navbar_title_2']);
if (count($_SESSION['navigation']->snapshot) > 0) {
$origin_href = oos_href_link($_SESSION['navigation']->snapshot['content'], $_SESSION['navigation']->snapshot['get']);
$_SESSION['navigation']->clear_snapshot();
} else {
$origin_href = oos_href_link($aContents['home']);
}
$aTemplate['page'] = $sTheme . '/page/create_account_success.html';
$nPageType = OOS_PAGE_TYPE_ACCOUNT;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
$smarty->assign('thank_you', sprintf($aLang['text_main'], oos_href_link($aContents['contact_us']), oos_href_link($aContents['contact_us'])));
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,follow,noodp,noydir',
'origin_href' => $origin_href
)
);
// display the template
$smarty->display($aTemplate['page']);

141
msd2/myoos/includes/content/download.php Normal file
View File

@ -0,0 +1,141 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: download.php,v 1.9 2003/02/13 03:01:48 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
if (!isset($_SESSION['customer_id'])) die;
// Check download.php was called with proper GET parameters
if ((isset($_GET['order']) && !is_numeric($_GET['order'])) || (isset($_GET['id']) && !is_numeric($_GET['id'])) ) {
die;
}
/**
* Returns a random name, 16 to 20 characters long
* There are more than 10^28 combinations
* The directory is "hidden", i.e. starts with '.'
*
* @return string
*/
function oos_random_name() {
$letters = 'abcdefghijklmnopqrstuvwxyz';
$dirname = '.';
$length = floor(oos_rand(16,20));
for ($i = 1; $i <= $length; $i++) {
$q = floor(oos_rand(1,26));
$dirname .= $letters[$q];
}
return $dirname;
}
/**
* Unlinks all subdirectories and files in $dir
* Works only on one subdir level, will not recurse
*/
function oos_unlink_temp_dir($dir) {
$h1 = opendir($dir);
while ($subdir = readdir($h1)) {
// Ignore non directories
if (!is_dir($dir . $subdir)) continue;
// Ignore . and .. and CVS
if ($subdir == '.' || $subdir == '..' || $subdir == 'CVS') continue;
// Loop and unlink files in subdirectory
$h2 = opendir($dir . $subdir);
while ($file = readdir($h2)) {
if ($file == '.' || $file == '..') continue;
@unlink($dir . $subdir . '/' . $file);
}
closedir($h2);
@rmdir($dir . $subdir);
}
closedir($h1);
}
// Check that order_id, customer_id and filename match
$sql = "SELECT date_format(o.date_purchased, '%Y-%m-%d') AS date_purchased_day,
opd.download_maxdays, opd.download_count, opd.download_maxdays,
opd.orders_products_filename
FROM " . $oostable['orders'] . " o,
" . $oostable['orders_products'] . " op,
" . $oostable['orders_products_download'] . " opd
WHERE o.customers_id = '" . intval($_SESSION['customer_id']) . "'
AND o.orders_id = '" . intval($_GET['order']) . "'
AND o.orders_id = op.orders_id
AND op.orders_products_id = opd.orders_products_id
AND opd.orders_products_download_id = '" . intval($_GET['id']) . "'
AND opd.orders_products_filename != ''";
$downloads_result = $dbconn->Execute($sql);
if (!$downloads_result->RecordCount()) die;
$downloads = $downloads_result->fields;
// MySQL 3.22 does not have INTERVAL
list($dt_year, $dt_month, $dt_day) = explode('-', $downloads['date_purchased_day']);
$download_timestamp = mktime(23, 59, 59, $dt_month, $dt_day + $downloads['download_maxdays'], $dt_year);
// Die if time expired (maxdays = 0 means no time limit)
if (($downloads['download_maxdays'] != 0) && ($download_timestamp <= time())) die;
// Die if remaining count is <=0
if ($downloads['download_count'] <= 0) die;
// Die if file is not there
if (!file_exists(OOS_DOWNLOAD_PATH . $downloads['orders_products_filename'])) die;
// Now decrement counter
$dbconn->Execute("UPDATE " . $oostable['orders_products_download'] . "
SET download_count = download_count-1
WHERE orders_products_download_id = '" . intval($_GET['id']) . "'");
// Now send the file with header() magic
header("Expires: Mon, 26 Nov 1962 00:00:00 GMT");
header("Last-Modified: " . gmdate("D,d M Y H:i:s") . " GMT");
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");
header("Content-Type: Application/octet-stream");
header("Content-disposition: attachment; filename=" . $downloads['orders_products_filename']);
if (DOWNLOAD_BY_REDIRECT == 'true') {
// This will work only on Unix/Linux hosts
oos_unlink_temp_dir(OOS_DOWNLOAD_PATH_PUBLIC);
$tempdir = oos_random_name();
umask(0000);
mkdir(OOS_DOWNLOAD_PATH_PUBLIC . $tempdir, 0777);
symlink(OOS_DOWNLOAD_PATH . $downloads['orders_products_filename'], OOS_DOWNLOAD_PATH_PUBLIC . $tempdir . '/' . $downloads['orders_products_filename']);
oos_redirect(OOS_DOWNLOAD . $tempdir . '/' . $downloads['orders_products_filename']);
} else {
// This will work on all systems, but will need considerable resources
// We could also loop with fread($fp, 4096) to save memory
readfile(OOS_DOWNLOAD_PATH . $downloads['orders_products_filename']);
}

49
msd2/myoos/includes/content/error403.php Normal file
View File

@ -0,0 +1,49 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
http_response_code(403);
include_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/403.php';
$aTemplate['page'] = $sTheme . '/page/403.html';
$nPageType = OOS_PAGE_TYPE_SERVICE;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
if ( (USE_CACHE == 'true') && (!isset($_SESSION)) ) {
$smarty->setCaching(Smarty::CACHING_LIFETIME_CURRENT);
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title']);
$sCanonical = oos_href_link($aContents['403'], '', FALSE, TRUE);
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,nofollow,noodp,noydir',
'canonical' => $sCanonical
)
);
// display the template
$smarty->display($aTemplate['page']);

51
msd2/myoos/includes/content/error404.php Normal file
View File

@ -0,0 +1,51 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
http_response_code(404);
include_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/404.php';
$aTemplate['page'] = $sTheme . '/page/404.html';
$nPageType = OOS_PAGE_TYPE_SERVICE;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
if ( (USE_CACHE == 'true') && (!isset($_SESSION)) ) {
$smarty->setCaching(Smarty::CACHING_LIFETIME_CURRENT);
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title']);
$sCanonical = oos_href_link($aContents['404'], '', FALSE, TRUE);
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,nofollow,noodp,noydir',
'canonical' => $sCanonical
)
);
// display the template
$smarty->display($aTemplate['page']);

57
msd2/myoos/includes/content/gv_faq.php Normal file
View File

@ -0,0 +1,57 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: gv_faq.php,v 1.2 2003/02/17 23:53:04 wilt
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2002 - 2003 osCommerce
Gift Voucher System v1.0
Copyright (c) 2001, 2002 Ian C Wilson
http://www.phesis.org
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/gv_faq.php';
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title']);
$oBreadcrumb->add($information['navbar_title'], oos_href_link($aContents['gv_faq']));
$sCanonical = oos_href_link($aContents['gv_faq'], '', FALSE, TRUE);
$aTemplate['page'] = $sTheme . '/page/info.html';
$nPageType = OOS_PAGE_TYPE_MAINPAGE;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'canonical' => $sCanonical
)
);
// display the template
$smarty->display($aTemplate['page']);

132
msd2/myoos/includes/content/gv_redeem.php Normal file
View File

@ -0,0 +1,132 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: gv_redeem.php,v 1.3.2.1 2003/04/18 15:52:40 wilt
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2002 - 2003 osCommerce
Gift Voucher System v1.0
Copyright (c) 2001, 2002 Ian C Wilson
http://www.phesis.org
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
if (!isset($_SESSION['customer_id'])) {
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
$_SESSION['navigation']->set_snapshot();
oos_redirect(oos_href_link($aContents['login']));
}
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/gv_redeem.php';
$bError = TRUE;
// check for a voucher number in the url
if ( (isset($_GET['gv_no']) && !empty($_GET['gv_no'])) ) {
$gv_no = oos_prepare_input($_GET['gv_no']);
if ( empty( $gv_no ) || !is_string( $gv_no ) ) {
oos_redirect(oos_href_link($aContents['403']));
}
$couponstable = $oostable['coupons'];
$coupon_email_tracktable = $oostable['coupon_email_track'];
$sql = "SELECT c.coupon_id, c.coupon_amount
FROM $couponstable c,
$coupon_email_tracktable et
WHERE coupon_code = '" . oos_db_input($gv_no) . "'
AND c.coupon_id = et.coupon_id";
$gv_result = $dbconn->Execute($sql);
if ($gv_result->RecordCount() >0) {
$coupon = $gv_result->fields;
$coupon_redeem_tracktable = $oostable['coupon_redeem_track'];
$sql = "SELECT coupon_id
FROM $coupon_redeem_tracktable
WHERE coupon_id = '" . oos_db_input($coupon['coupon_id']) . "'";
$redeem_result = $dbconn->Execute($sql);
if ($redeem_result->RecordCount() == 0 ) {
$bError = FALSE;
}
}
} else {
oos_redirect(oos_href_link($aContents['home']));
}
if ( (!$bError) && (isset($_SESSION['customer_id'])) ) {
// Update redeem status
$remote_addr = oos_server_get_remote();
$coupon_redeem_tracktable = $oostable['coupon_redeem_track'];
$gv_result = $dbconn->Execute("INSERT INTO $coupon_redeem_tracktable
(coupon_id,
customer_id,
redeem_date,
redeem_ip) VALUES ('" . $coupon['coupon_id'] . "',
'" . intval($_SESSION['customer_id']) . "',
now(),
'" . oos_db_input($remote_addr) . "')");
$couponstable = $oostable['coupons'];
$gv_update = $dbconn->Execute("UPDATE $couponstable
SET coupon_active = 'N'
WHERE coupon_id = '" . $coupon['coupon_id'] . "'");
oos_gv_account_update($_SESSION['customer_id'], $coupon['coupon_id']);
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title']);
// if we get here then either the url gv_no was not set or it was invalid
// so output a message.
$sTextGiftVoucher = sprintf($aLang['text_valid_gv'], $oCurrencies->format($coupon['coupon_amount']));
if ($bError) {
$sTextGiftVoucher = sprintf($aLang['text_invalid_gv'], oos_href_link($aContents['contact_us']));
}
$aTemplate['page'] = $sTheme . '/page/redeem.html';
$nPageType = OOS_PAGE_TYPE_MAINPAGE;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
$smarty->assign('text_information', sprintf($aLang['text_information'], oos_href_link($aContents['gv_faq'])));
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,nofollow,noodp,noydir',
'text_gift_voucher' => $sTextGiftVoucher
)
);
$smarty->display($aTemplate['page']);

96
msd2/myoos/includes/content/home.php Normal file
View File

@ -0,0 +1,96 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: default.php,v 1.2 2003/01/09 09:40:07 elarifr
orig: default.php,v 1.81 2003/02/13 04:23:23 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/home.php';
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_default.php';
// default
$sCanonical = OOS_HTTPS_SERVER . OOS_SHOP;
$aTemplate['page'] = $sTheme . '/page/home.html';
if ($oEvent->installed_plugin('featured')) $aTemplate['featured'] = $sTheme . '/products/_featured.html';
if ($oEvent->installed_plugin('spezials')) $aTemplate['spezials'] = $sTheme . '/products/_spezials.html';
if ($oEvent->installed_plugin('manufacturers')) $aTemplate['mod_manufacturers'] = $sTheme . '/modules/manufacturers.html';
$aTemplate['new_products'] = $sTheme . '/products/_new_products.html';
$aTemplate['upcoming_products'] = $sTheme . '/page/products/upcoming_products.html';
$nPageType = OOS_PAGE_TYPE_MAINPAGE;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'home_active' => 1,
'canonical' => $sCanonical
)
);
if ( (USE_CACHE == 'true') && (!isset($_SESSION)) ) {
$smarty->setCaching(Smarty::CACHING_LIFETIME_CURRENT);
}
if ($oEvent->installed_plugin('featured')) {
if (!$smarty->isCached($aTemplate['featured'], $sModulesCacheID)) {
require_once MYOOS_INCLUDE_PATH . '/includes/modules/featured.php';
}
$smarty->assign('featured', $smarty->fetch($aTemplate['featured'], $sModulesCacheID));
}
if ($oEvent->installed_plugin('spezials')) {
if (!$smarty->isCached($aTemplate['spezials'], $sModulesCacheID)) {
require_once MYOOS_INCLUDE_PATH . '/includes/modules/spezials.php';
}
$smarty->assign('spezials', $smarty->fetch($aTemplate['spezials'], $sModulesCacheID));
}
if (!$smarty->isCached($aTemplate['new_products'], $sModulesCacheID)) {
require_once MYOOS_INCLUDE_PATH . '/includes/modules/new_products.php';
}
$smarty->assign('new_products', $smarty->fetch($aTemplate['new_products'], $sModulesCacheID));
if ($oEvent->installed_plugin('manufacturers')) {
if (!$smarty->isCached($aTemplate['mod_manufacturers'], $sModulesCacheID)) {
require_once MYOOS_INCLUDE_PATH . '/includes/modules/mod_manufacturers.php';
}
$smarty->assign('mod_manufacturers', $smarty->fetch($aTemplate['mod_manufacturers'], $sModulesCacheID));
}
if (!$smarty->isCached($aTemplate['upcoming_products'], $sModulesCacheID)) {
require_once MYOOS_INCLUDE_PATH . '/includes/modules/upcoming_products.php';
}
$smarty->assign('upcoming_products', $smarty->fetch($aTemplate['upcoming_products'], $sModulesCacheID));
// display the template
$smarty->display($aTemplate['page']);

56
msd2/myoos/includes/content/info_down_for_maintenance.php Normal file
View File

@ -0,0 +1,56 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
WebMakers.com Added: Down for Maintenance No Store
Written by Linda McGrath osCOMMERCE@WebMakers.com
http://www.thewebmakerscorner.com
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
if (!$oEvent->installed_plugin('down_for_maintenance')) {
oos_redirect(oos_href_link($aContents['home']));
}
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/info_down_for_maintenance.php';
$aTemplate['page'] = $sTheme . '/page/coming-soon.html';
$nPageType = OOS_PAGE_TYPE_MAINPAGE;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aContents['info_down_for_maintenance']));
$sCanonical = oos_href_link($aContents['info_down_for_maintenance'], '', FALSE, TRUE);
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,nofollow,noodp,noydir',
'canonical' => $sCanonical
)
);
// display the template
$smarty->display($aTemplate['page']);

62
msd2/myoos/includes/content/info_max_order.php Normal file
View File

@ -0,0 +1,62 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: max_order.php v1.00 2003/04/27 JOHNSON
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2001 - 2003 osCommerce
Max Order - 2003/04/27 JOHNSON - Copyright (c) 2003 Matti Ressler - mattifinn@optusnet.com.au
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
// if the customer is not logged on, redirect them to the home page
if (!isset($_SESSION['customer_id'])) {
oos_redirect(oos_href_link($aContents['home']));
}
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/info_max_order.php';
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title']);
$sCanonical = oos_href_link($aContents['info_max_order'], '', FALSE, TRUE);
$aTemplate['page'] = $sTheme . '/page/info.html';
$nPageType = OOS_PAGE_TYPE_MAINPAGE;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,nofollow,noodp,noydir',
'canonical' => $sCanonical
)
);
// display the template
$smarty->display($aTemplate['page']);

74
msd2/myoos/includes/content/information.php Normal file
View File

@ -0,0 +1,74 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: shipping.php,v 1.21 2003/02/13 04:23:23 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
$aTemplate['page'] = $sTheme . '/page/information.html';
$nPageType = OOS_PAGE_TYPE_MAINPAGE;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
$nInformationsID = isset($_GET[information_id]) ? $_GET[information_id]+0 : 1;
$sGroup = trim($aUser['text']);
$nContentCacheID = $sTheme . '|info|' . $sGroup . '|information|' . $nInformationsID . '|' . $sLanguage;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
if ( (USE_CACHE == 'true') && (!isset($_SESSION)) ) {
$smarty->setCaching(Smarty::CACHING_LIFETIME_CURRENT);
}
if (!$smarty->isCached($aTemplate['page'], $nContentCacheID)) {
$informationtable = $oostable['information'];
$information_descriptiontable = $oostable['information_description'];
$sql = "SELECT i.information_id, id.information_name,
id.information_description, id.information_heading_title
FROM $informationtable i,
$information_descriptiontable id
WHERE i.information_id = '" . intval($nInformationsID) . "'
AND id.information_id = i.information_id
AND id.information_languages_id = '" . intval($nLanguageID) . "'";
$information = $dbconn->GetRow($sql);
// links breadcrumb
$oBreadcrumb->add($information['information_heading_title'], oos_href_link($aContents['information'], 'information_id=' . intval($nInformationsID)));
$sCanonical = oos_href_link($aContents['information'], 'information_id=' . intval($nInformationsID), FALSE, TRUE);
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $information['information_heading_title'],
'canonical' => $sCanonical,
'informations' => $information,
'get_params' => 'information_id=' . intval($nInformationsID)
)
);
}
// display the template
$smarty->display($aTemplate['page']);

174
msd2/myoos/includes/content/login.php Normal file
View File

@ -0,0 +1,174 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: login.php,v 1.75 2003/02/13 03:01:49 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
Max Order - 2003/04/27 JOHNSON - Copyright (c) 2003 Matti Ressler - mattifinn@optusnet.com.au
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
$bError = FALSE;
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
if (!isset($_SESSION['user'])) {
$_SESSION['user'] = new oosUser();
$_SESSION['user']->anonymous();
}
// require the password crypto functions
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_password.php';
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/user_login.php';
if ( isset($_POST['action']) && ($_POST['action'] == 'process') &&
( isset($_SESSION['formid']) && ($_SESSION['formid'] == $_POST['formid'])) ){
$email_address = oos_prepare_input($_POST['email_address']);
$password = oos_prepare_input($_POST['password']);
if ( empty( $email_address ) || !is_string( $email_address ) ) {
$_SESSION['error_message'] = $aLang['text_login_error'];
oos_redirect(oos_href_link($aContents['login']));
}
if ( empty( $password ) || !is_string( $password ) ) {
$_SESSION['error_message'] = $aLang['text_login_error'];
oos_redirect(oos_href_link($aContents['login']));
}
/* Check if it is ok to login */
if (!isset($_SESSION['password_forgotten_count'])) {
$_SESSION['login_count'] = 1;
} else {
$_SESSION['login_count'] ++;
}
if ( $_SESSION['login_count'] > 3) {
oos_redirect(oos_href_link($aContents['403']));
}
// Check if email exists
$customerstable = $oostable['customers'];
$sql = "SELECT customers_id, customers_gender, customers_firstname, customers_lastname,
customers_password, customers_wishlist_link_id, customers_language,
customers_email_address, customers_default_address_id, customers_max_order
FROM $customerstable
WHERE customers_login = '1'
AND customers_email_address = '" . oos_db_input($email_address) . "'";
$check_customer_result = $dbconn->Execute($sql);
if (!$check_customer_result->RecordCount()) {
$bError = TRUE;
} else {
$check_customer = $check_customer_result->fields;
// Check that password is good
if (!oos_validate_password($password, $check_customer['customers_password'])) {
$bError = TRUE;
} else {
$address_booktable = $oostable['address_book'];
$sql = "SELECT entry_vat_id, entry_vat_id_status, entry_country_id, entry_zone_id
FROM $address_booktable
WHERE customers_id = '" . intval($check_customer['customers_id']) . "'
AND address_book_id = '" . intval($check_customer['customers_default_address_id']) . "'";
$check_country = $dbconn->GetRow($sql);
if ($check_customer['customers_language'] == '') {
$customerstable = $oostable['customers'];
$dbconn->Execute("UPDATE $customerstable
SET customers_language = '" . oos_db_input($sLanguage) . "'
WHERE customers_id = '" . intval($check_customer['customers_id']) . "'");
}
$_SESSION['login_count'] = 1;
$_SESSION['customer_wishlist_link_id'] = $check_customer['customers_wishlist_link_id'];
$_SESSION['customer_id'] = $check_customer['customers_id'];
$_SESSION['customer_default_address_id'] = $check_customer['customers_default_address_id'];
if (ACCOUNT_GENDER == 'true') $_SESSION['customer_gender'] = $check_customer['customers_gender'];
$_SESSION['customer_first_name'] = $check_customer['customers_firstname'];
$_SESSION['customer_lastname'] = $check_customer['customers_lastname'];
$_SESSION['customer_max_order'] = $check_customer['customers_max_order'];
$_SESSION['customer_country_id'] = $check_country['entry_country_id'];
$_SESSION['customer_zone_id'] = $check_country['entry_zone_id'];
if (ACCOUNT_VAT_ID == 'true') $_SESSION['customers_vat_id_status'] = $check_country['entry_vat_id_status'];
$_SESSION['user']->restore_group();
$aUser = $_SESSION['user']->group;
$customers_infotable = $oostable['customers_info'];
$dbconn->Execute("UPDATE $customers_infotable
SET customers_info_date_of_last_logon = now(),
customers_info_number_of_logons = customers_info_number_of_logons+1
WHERE customers_info_id = '" . intval($_SESSION['customer_id']) . "'");
// restore cart contents
$_SESSION['cart']->restore_contents();
if (count($_SESSION['navigation']->snapshot) > 0) {
$origin_href = oos_href_link($_SESSION['navigation']->snapshot['content'], $_SESSION['navigation']->snapshot['get']);
$_SESSION['navigation']->clear_snapshot();
oos_redirect($origin_href);
} else {
oos_redirect(oos_href_link($aContents['account']));
}
}
}
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aContents['login']));
$sCanonical = oos_href_link($aContents['login'], '', FALSE, TRUE);
if (isset($bError) && ($bError == TRUE)) {
$sErrorMessage = $aLang['text_login_error'];
}
$aTemplate['page'] = $sTheme . '/page/user_login.html';
$nPageType = OOS_PAGE_TYPE_SERVICE;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
if ($oMessage->size('login') > 0) {
$aInfoMessage = array_merge ($aInfoMessage, $oMessage->output('login') );
}
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['navbar_title'],
'robots' => 'noindex,follow,noodp,noydir',
'login_active' => 1,
'canonical' => $sCanonical
)
);
// display the template
$smarty->display($aTemplate['page']);

84
msd2/myoos/includes/content/logoff.php Normal file
View File

@ -0,0 +1,84 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: logoff.php,v 1.1.2.2 2003/05/13 23:20:53 wilt Exp $
orig: logoff.php,v 1.12 2003/02/13 03:01:51 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
// if the customer is not logged on, redirect them to the login page
if (!isset($_SESSION['customer_id'])) {
oos_redirect(oos_href_link($aContents['home']));
}
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/user_logoff.php';
unset($_SESSION['customer_id']);
unset($_SESSION['customer_wishlist_link_id']);
unset($_SESSION['customer_default_address_id']);
unset($_SESSION['customer_gender']);
unset($_SESSION['customer_first_name']);
unset($_SESSION['customer_lastname']);
unset($_SESSION['customer_country_id']);
unset($_SESSION['customer_zone_id']);
unset($_SESSION['comments']);
unset($_SESSION['customer_max_order']);
unset($_SESSION['gv_id']);
unset($_SESSION['cc_id']);
unset($_SESSION['man_key']);
if (ACCOUNT_VAT_ID == 'true') {
$_SESSION['customers_vat_id_status'] = 0;
}
$_SESSION['cart']->reset();
$_SESSION['user']->anonymous();
$aUser = $oUser->group;
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title']);
$sCanonical = oos_href_link($aContents['logoff'], '', FALSE, TRUE);
$aTemplate['page'] = $sTheme . '/page/user_logoff.html';
$nPageType = OOS_PAGE_TYPE_MAINPAGE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,follow,noodp,noydir',
'login_active' => 1,
'canonical' => $sCanonical
)
);
// display the template
$smarty->display($aTemplate['page']);

102
msd2/myoos/includes/content/newsletter.php Normal file
View File

@ -0,0 +1,102 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
Newsletter Module
P&G developmment
Contribution based on:
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2002 - 2003 osCommerce
Copyright (c) 2000,2001 The Exchange Project
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
if(!defined('OOS_VALID_MOD'))die('Direct Access to this location is not allowed.');
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/newsletter.php';
// require the password crypto functions
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_password.php';
if ( isset($_GET['subscribe']) && ($_GET['subscribe'] == 'confirm') ) {
$sU = oos_prepare_input($_GET['u']);
$sID = oos_prepare_input($_GET['id']);
$sE = oos_prepare_input($_GET['e']);
if ( empty( $sU ) || !is_string( $sU ) ) {
oos_redirect(oos_href_link($aContents['403']));
}
if ( empty( $sID ) || !is_string( $sID ) ) {
oos_redirect(oos_href_link($aContents['403']));
}
if ( empty( $sE ) || !is_string( $sE ) ) {
oos_redirect(oos_href_link($aContents['403']));
}
$sSha1 = sha1($sID);
if ( $sSha1 != $sU ) {
oos_redirect(oos_href_link($aContents['403']));
}
$pos = strpos ($sID, "f00d");
if ($pos === FALSE) {
oos_redirect(oos_href_link($aContents['403']));
} else {
$sID = substr($sID, 4, -4);
}
$newsletter_recipients = $oostable['newsletter_recipients'];
$sql = "UPDATE $newsletter_recipients
SET date_added = now(),
status = '1'
WHERE recipients_id = '" . intval($sID) . "'
AND mail_key = '" . oos_db_input($sE) . "'";
$dbconn->Execute($sql);
$newsletter_recipients_history = $oostable['newsletter_recipients_history'];
$dbconn->Execute("INSERT INTO $newsletter_recipients_history
(recipients_id,
new_value,
date_added) VALUES ('" . intval($sID) . "',
'1',
now())");
oos_redirect(oos_href_link($aContents['newsletter'], 'subscribe=success'));
}
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aContents['newsletter']));
$sCanonical = oos_href_link($aContents['newsletter'], '', FALSE, TRUE);
$aTemplate['page'] = $sTheme . '/page/newsletter.html';
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
$nPageType = OOS_PAGE_TYPE_SERVICE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['navbar_title'],
'canonical' => $sCanonical
)
);
// display the template
$smarty->display($aTemplate['page']);

147
msd2/myoos/includes/content/password_forgotten.php Normal file
View File

@ -0,0 +1,147 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: password_forgotten.php,v 1.48 2003/02/13 03:10:55 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
// require the password crypto functions
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_password.php';
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/user_password_forgotten.php';
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
if ( isset($_POST['action']) && ($_POST['action'] == 'process') &&
( isset($_SESSION['formid']) && ($_SESSION['formid'] == $_POST['formid'])) ){
$email_address = oos_prepare_input($_POST['email_address']);
if ( empty( $email_address ) || !is_string( $email_address ) ) {
$_SESSION['error_message'] = $aLang['text_no_email_address_found'];
oos_redirect(oos_href_link($aContents['password_forgotten']));
}
if (!isset($_SESSION['password_forgotten_count'])) {
$_SESSION['password_forgotten_count'] = 1;
} else {
$_SESSION['password_forgotten_count'] ++;
}
if ( $_SESSION['password_forgotten_count'] > 3) {
oos_redirect(oos_href_link($aContents['403']));
}
$customerstable = $oostable['customers'];
$check_customer_sql = "SELECT customers_gender, customers_firstname, customers_lastname, customers_password, customers_id
FROM $customerstable
WHERE customers_email_address = '" . oos_db_input($email_address) . "'";
$check_customer_result = $dbconn->Execute($check_customer_sql);
if ($check_customer_result->RecordCount()) {
// Crypted password mods - create a new password, update the database and mail it to them
$newpass = oos_create_random_value(ENTRY_PASSWORD_MIN_LENGTH);
$crypted_password = oos_encrypt_password($newpass);
$customerstable = $oostable['customers'];
$dbconn->Execute("UPDATE $customerstable
SET customers_password = '" . oos_db_input($crypted_password) . "'
WHERE customers_id = '" . $check_customer['customers_id'] . "'");
$customers_name = $check_customer['customers_firstname'] . '. ' . $check_customer['customers_lastname'];
switch ($check_customer['customers_gender']) {
case 'm':
$sGreet = sprintf ($aLang['email_greet_mr'], $customers_name);
break;
case 'f':
$sGreet = sprintf ($aLang['email_greet_ms'], $customers_name);
break;
default:
$sGreet = $aLang['email_greet_none'];
}
//smarty
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_template.php';
$smarty = new myOOS_Smarty();
// dont allow cache
$smarty->caching = FALSE;
$smarty->assign(
array(
'shop_name' => STORE_NAME,
'shop_url' => OOS_HTTPS_SERVER . OOS_SHOP,
'shop_logo' => STORE_LOGO,
'services_url' => COMMUNITY,
'blog_url' => BLOG_URL,
'imprint_url' => oos_href_link($aContents['information'], 'information_id=1', FALSE, TRUE),
'login_url' => oos_href_link($aContents['login'], '', FALSE, TRUE),
'greet' => $sGreet,
'password' => $newpass
)
);
// create mails
$email_html = $smarty->fetch($sTheme . '/email/' . $sLanguage . '/password_forgotten.html');
$email_txt = $smarty->fetch($sTheme . '/email/' . $sLanguage . '/password_forgotten.tpl');
oos_mail($check_customer['customers_firstname'] . " " . $check_customer['customers_lastname'], $email_address, $aLang['email_password_reminder_subject'], $email_txt, $email_html, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
$_SESSION['password_forgotten_count'] = 1;
$_SESSION['success_message'] = $aLang['text_password_sent'];
oos_redirect(oos_href_link($aContents['login']));
} else {
$_SESSION['error_message'] = $aLang['text_no_email_address_found'];
oos_redirect(oos_href_link($aContents['password_forgotten']));
}
} else {
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title_1'], oos_href_link($aContents['login']));
$oBreadcrumb->add($aLang['navbar_title_2'], oos_href_link($aContents['password_forgotten']));
$sCanonical = oos_href_link($aContents['password_forgotten'], '', FALSE, TRUE);
$aTemplate['page'] = $sTheme . '/page/user_password_forgotten.html';
$nPageType = OOS_PAGE_TYPE_SERVICE;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,follow,noodp,noydir',
'canonical' => $sCanonical
)
);
// display the template
$smarty->display($aTemplate['page']);
}

151
msd2/myoos/includes/content/popup_coupon_help.php Normal file
View File

@ -0,0 +1,151 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: popup_coupon_help.php,v 1.1.2.5 2003/05/02 01:43:29 wilt
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/gv_popup_coupon_help.php';
$text_coupon_help = $aLang['text_coupon_help_header'];
if (isset($_GET['cID'])) {
$cid = intval($_GET['cID']);
$couponstable = $oostable['coupons'];
$sql = "SELECT coupon_amount, coupon_type, coupon_amount, coupon_minimum_order,
coupon_start_date, coupon_expire_date
FROM $couponstable
WHERE coupon_id = '" . oos_db_input($cid) . "'";
$coupon_result = $dbconn->Execute($sql);
$coupon = $coupon_result->fields;
$coupons_descriptiontable = $oostable['coupons_description'];
$sql = "SELECT coupon_name, coupon_description
FROM " . $coupons_descriptiontable . "
WHERE coupon_id = '" . oos_db_input($cid) . "'
AND coupon_languages_id = '" . intval($nLanguageID) . "'";
$coupon_desc_result = $dbconn->Execute($sql);
$coupon_desc = $coupon_desc_result->fields;
$text_coupon_help .= sprintf($aLang['text_coupon_help_name'], $coupon_desc['coupon_name']);
if (oos_is_not_null($coupon_desc['coupon_description'])) $text_coupon_help .= sprintf($aLang['text_coupon_help_desc'], $coupon_desc['coupon_description']);
$coupon_amount = $coupon['coupon_amount'];
switch ($coupon['coupon_type']) {
case 'F':
$text_coupon_help .= sprintf($aLang['text_coupon_help_fixed'], $oCurrencies->format($coupon['coupon_amount']));
break;
case 'P':
$text_coupon_help .= sprintf($aLang['text_coupon_help_fixed'], number_format($coupon['coupon_amount'],2). '%');
break;
case 'S':
$text_coupon_help .= $aLang['text_coupon_help_freeship'];
break;
default:
}
if ($coupon['coupon_minimum_order'] > 0 ) $text_coupon_help .= sprintf($aLang['text_coupon_help_minorder'], $oCurrencies->format($coupon['coupon_minimum_order']));
$text_coupon_help .= sprintf($aLang['text_coupon_help_date'], oos_date_short($coupon['coupon_start_date']),oos_date_short($coupon['coupon_expire_date']));
$text_coupon_help .= '<strong>' . $aLang['text_coupon_help_restrict'] . '</strong>';
$text_coupon_help .= '<br /><br />' . $aLang['text_coupon_help_categories'];
$couponstable = $oostable['coupons'];
$sql = "SELECT restrict_to_categories
FROM $couponstable
WHERE coupon_id = '" . oos_db_input($cid) . "'";
$coupon_get = $dbconn->Execute($sql);
$get_result = $coupon_get->fields;
$cat_ids = explode("[,]", $get_result['restrict_to_categories']);
for ($i = 0; $i < count($cat_ids); $i++) {
$categoriestable = $oostable['categories'];
$categories_descriptiontable = $oostable['categories_description'];
$sql = "SELECT c.categories_id, c.categories_status, cd.categories_name
FROM $categoriestable c,
$categories_descriptiontable cd
WHERE c.categories_status = '2'
AND c.categories_id = cd.categories_id
AND cd.categories_languages_id = '" . intval($nLanguageID) . "'
AND cd.categories_id = '" . oos_db_input($cat_ids[$i]) . "'";
$result = $dbconn->Execute($sql);
if ($row = $result->fields) {
$cats .= '<br />' . $row["categories_name"];
}
}
if ($cats == '') $cats = '<br />NONE';
$text_coupon_help .= $cats;
$text_coupon_help .= '<br /><br />' . $aLang['text_coupon_help_products'];
$couponstable = $oostable['coupons'];
$sql = "SELECT restrict_to_products
FROM $couponstable
WHERE coupon_id='" . oos_db_input($cid) . "'";
$coupon_get = $dbconn->Execute($sql);
$get_result = $coupon_get->fields;
$pr_ids = explode("[,]", $get_result['restrict_to_products']);
for ($i = 0; $i < count($pr_ids); $i++) {
$productstable = $oostable['products'];
$products_descriptiontable = $oostable['products_description'];
$sql = "SELECT p.products_id, p.products_status, pd.products_name
FROM $productstable p,
$products_descriptiontable pd
WHERE p.products_setting = '2'
AND p.products_id = '" . oos_db_input($pr_ids[$i]) . "'
AND pd.products_id = p.products_id
AND pd.products_languages_id = '" . intval($nLanguageID) . "'";
$result = $dbconn->Execute($sql);
if ($row = $result->fields) {
$prods .= '<br />' . $row["products_name"];
}
}
if ($prods=='') $prods = '<br />NONE';
$text_coupon_help .= $prods;
} else {
$cid = 0;
}
$aTemplate['popup_help'] = $sTheme . '/system/popup_help.html';
//smarty
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_template.php';
$smarty = new myOOS_Smarty();
$smarty->setCaching(Smarty::CACHING_LIFETIME_CURRENT);
$cid += 0;
$help_cache_id = $sTheme . '|popup|coupon|' . $cid . '|' . $sLanguage;
if (!$smarty->isCached($aTemplate['popup_help'], $help_cache_id )) {
// assign Smarty variables;
$smarty->assign('oos_base', OOS_HTTPS_SERVER . OOS_SHOP);
$smarty->assign('lang', $aLang);
$smarty->assign('heading_titel', $aLang['heading_coupon_help']);
$smarty->assign('help_text', $text_coupon_help);
$smarty->assign('theme_image', 'themes/' . $sTheme . '/images');
$smarty->assign('theme_css', 'themes/' . $sTheme);
}
// display the template
$smarty->display($aTemplate['popup_help'], $help_cache_id);

298
msd2/myoos/includes/content/product_info.php Normal file
View File

@ -0,0 +1,298 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: product_info.php,v 1.92 2003/02/14 05:51:21 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being required by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
if (isset($_GET['products_id'])) {
if (!isset($nProductsID)) $nProductsID = oos_get_product_id($_GET['products_id']);
} else {
oos_redirect(oos_href_link($aContents['home']));
}
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/products_info.php';
$productstable = $oostable['products'];
$products_descriptiontable = $oostable['products_description'];
$product_info_sql = "SELECT p.products_id, pd.products_name, pd.products_title, pd.products_description, pd.products_short_description, pd.products_url,
pd.products_description_meta, p.products_model, p.products_replacement_product_id,
p.products_quantity, p.products_image, p.products_price, p.products_base_price,
p.products_product_quantity, p.products_base_unit, p.products_quantity_order_min,
p.products_quantity_order_max, p.products_quantity_order_units,
p.products_discount1, p.products_discount2, p.products_discount3, p.products_discount4,
p.products_discount1_qty, p.products_discount2_qty, p.products_discount3_qty,
p.products_discount4_qty, p.products_tax_class_id, p.products_units_id, p.products_date_added,
p.products_date_available, p.manufacturers_id, p.products_price_list, p.products_status
FROM $productstable p,
$products_descriptiontable pd
WHERE p.products_setting = '2'
AND p.products_id = '" . intval($nProductsID) . "'
AND pd.products_id = p.products_id
AND pd.products_languages_id = '" . intval($nLanguageID) . "'";
$product_info_result = $dbconn->Execute($product_info_sql);
if (!$product_info_result->RecordCount()) {
// product not found
header('HTTP/1.0 404 Not Found');
$aLang['text_information'] = $aLang['text_product_not_found'];
$aTemplate['page'] = $sTheme . '/page/info.html';
$nPageType = OOS_PAGE_TYPE_MAINPAGE;
$sPagetitle = '404 Not Found ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aContents['products_new']));
$sCanonical = oos_href_link($aContents['product_info'], 'products_id='. $nProductsID, FALSE, TRUE);
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['text_product_not_found'],
'robots' => 'noindex,follow,noodp,noydir',
'canonical' => $sCanonical
)
);
} else {
$products_descriptiontable = $oostable['products_description'];
$query = "UPDATE $products_descriptiontable"
. " SET products_viewed = products_viewed+1"
. " WHERE products_id = ?"
. " AND products_languages_id = ?";
$result = $dbconn->Execute($query, array((int)$nProductsID, (int)$nLanguageID));
$product_info = $product_info_result->fields;
// Meta Tags
$sPagetitle = (empty($product_info['products_title']) ? $product_info['products_name'] : $product_info['products_title']);
$sDescription = $product_info['products_description_meta'];
$aTemplate['page'] = $sTheme . '/page/product_info.html';
$aTemplate['also_purchased_products'] = $sTheme . '/products/_also_purchased_products.html';
$aTemplate['xsell_products'] = $sTheme . '/products/xsell_products.html';
$aTemplate['up_sell_products'] = $sTheme . '/products/up_sell_products.html';
$aTemplate['page_heading'] = $sTheme . '/products/product_heading.html';
$aTemplate['slavery_products'] = $sTheme . '/products/_slavery_product_listing.html';
$aTemplate['slavery_page_navigation'] = $sTheme . '/system/_pagination.htm';
$nPageType = OOS_PAGE_TYPE_PRODUCTS;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// breadcrumb
$oBreadcrumb->add($product_info['products_name']);
$sCanonical = oos_href_link($aContents['product_info'], 'products_id='. $nProductsID, FALSE, TRUE);
// products history
if (isset($_SESSION)) {
$_SESSION['products_history']->add_current_products($nProductsID);
}
$info_product_price = NULL;
$info_product_special_price = NULL;
$info_base_product_price = NULL;
$info_product_price_list = 0;
$schema_product_price = NULL;
$base_product_price = $product_info['products_price'];
$info_product_price = $oCurrencies->display_price($product_info['products_price'], oos_get_tax_rate($product_info['products_tax_class_id']));
$schema_product_price = $oCurrencies->schema_price($product_info['products_price'], oos_get_tax_rate($product_info['products_tax_class_id']), 1, FALSE);
if ($info_special_price = oos_get_products_special_price($product_info['products_id'])) {
$base_product_price = $info_special_price;
$info_product_special_price = $oCurrencies->display_price($info_special_price, oos_get_tax_rate($product_info['products_tax_class_id']));
}
$discounts_price = FALSE;
if ( (oos_empty($info_special_price)) && ( ($product_info['products_discount4_qty'] > 0
|| $product_info['products_discount3_qty'] > 0
|| $product_info['products_discount2_qty'] > 0
|| $product_info['products_discount1_qty'] > 0 )) ) {
if ( ($aUser['show_price'] == 1 ) && ($aUser['qty_discounts'] == 1) ) {
$discounts_price = TRUE;
require_once MYOOS_INCLUDE_PATH . '/includes/modules/discounts_price.php';
if ( $product_info['products_discount4'] > 0 ) {
$price_discount = $product_info['products_discount4'];
} elseif ( $product_info['products_discount3'] > 0 ) {
$price_discount = $product_info['products_discount3'];
} elseif ( $product_info['products_discount2'] > 0 ) {
$price_discount = $product_info['products_discount2'];
} elseif ( $product_info['products_discount1'] > 0 ) {
$price_discount = $product_info['products_discount1'];
}
if (isset($price_discount)) {
$base_product_price = $price_discount;
$smarty->assign('price_discount', $oCurrencies->display_price($price_discount, oos_get_tax_rate($product_info['products_tax_class_id'])));
}
}
}
if ($product_info['products_base_price'] != 1) {
$info_base_product_price = $oCurrencies->display_price($base_product_price * $product_info['products_base_price'], oos_get_tax_rate($product_info['products_tax_class_id']));
}
// assign Smarty variables;
$smarty->assign(
array(
'info_product_price' => $info_product_price,
'schema_product_price' => $schema_product_price,
'info_product_special_price' => $info_product_special_price,
'info_base_product_price' => $info_base_product_price,
'discounts_price' => $discounts_price
)
);
$info_product_price_list = $oCurrencies->display_price($product_info['products_price_list'], oos_get_tax_rate($product_info['products_tax_class_id']));
$smarty->assign('info_product_price_list', $info_product_price_list);
if ($oEvent->installed_plugin('manufacturers')) {
$manufacturerstable = $oostable['manufacturers'];
$manufacturers_infotable = $oostable['manufacturers_info'];
$query = "SELECT m.manufacturers_id, m.manufacturers_name, m.manufacturers_image, mi.manufacturers_url
FROM $manufacturerstable m,
$manufacturers_infotable mi
WHERE m.manufacturers_id = '" . intval($product_info['manufacturers_id']) . "'
AND mi.manufacturers_id = m.manufacturers_id
AND mi.manufacturers_languages_id = '" . intval($nLanguageID) . "'";
$manufacturers_result = $dbconn->Execute($query);
$manufacturers_info = $manufacturers_result->fields;
$smarty->assign('manufacturers_info', $manufacturers_info);
}
if ($oEvent->installed_plugin('reviews')) {
$reviewstable = $oostable['reviews'];
$reviews_sql = "SELECT COUNT(*) AS total FROM $reviewstable WHERE products_id = '" . intval($nProductsID) . "' AND reviews_status = '1'";
$reviews = $dbconn->Execute($reviews_sql);
$reviews_total = $reviews->fields['total'];
$smarty->assign('reviews_total', $reviews_total);
if ($reviews->RecordCount()) {
$reviews_average_result = $dbconn->Execute("SELECT avg(reviews_rating) as average_rating FROM $reviewstable WHERE products_id = '" . intval($nProductsId) . "'");
$reviews_average = $reviews_average_result->fields;
$smarty->assign('average_rating', $reviews_average);
}
}
// more products images
$products_imagestable = $oostable['products_images'];
$products_images_sql = "SELECT image_name, sort_order
FROM $products_imagestable
WHERE products_id = '" . intval($nProductsID) . "'
ORDER BY sort_order";
$products_images_result = $dbconn->Execute($products_images_sql);
if ($products_images_result->RecordCount()) {
$aProductsImages = array();
while ($products_images = $products_images_result->fields) {
$aProductsImages[] = array('image' => $products_images['image_name']);
// Move that ADOdb pointer!
$products_images_result->MoveNext();
}
$smarty->assign('products_images', $aProductsImages);
}
require_once MYOOS_INCLUDE_PATH . '/includes/modules/products_options.php';
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'canonical' => $sCanonical
)
);
if (!isset($block_get_parameters)) {
$block_get_parameters = oos_get_all_get_parameters(array('action'));
$block_get_parameters = oos_remove_trailing($block_get_parameters);
$smarty->assign('get_params', $block_get_parameters);
}
$today = date("Y-m-d H:i:s");
$smarty->assign('today', $today);
$smarty->assign('product_info', $product_info);
$smarty->assign('heading_title', $product_info['products_name']);
$smarty->assign('options', $options);
$smarty->assign('redirect', oos_href_link($aContents['redirect'], 'action=url&amp;goto=' . urlencode($product_info['products_url']), FALSE, FALSE));
$notifications_block = FALSE;
if ($oEvent->installed_plugin('notify')) {
$notifications_block = TRUE;
if (isset($_SESSION['customer_id'])) {
$products_notificationstable = $oostable['products_notifications'];
$query = "SELECT COUNT(*) AS total
FROM $products_notificationstable
WHERE products_id = '" . intval($nProductsID) . "'
AND customers_id = '" . intval($_SESSION['customer_id']) . "'";
$check = $dbconn->Execute($query);
$notification_exists = (($check->fields['total'] > 0) ? TRUE : FALSE);
} else {
$notification_exists = FALSE;
}
$smarty->assign('notification_exists', $notification_exists);
}
$smarty->assign('notifications_block', $notifications_block);
if ( (USE_CACHE == 'true') && (!isset($_SESSION)) ) {
$smarty->setCaching(Smarty::CACHING_LIFETIME_CURRENT);
}
if (!$smarty->isCached($aTemplate['slavery_products'], $sProductsInfoCacheID)) {
require_once MYOOS_INCLUDE_PATH . '/includes/modules/slavery_products.php';
}
$smarty->assign('slavery_products', $smarty->fetch($aTemplate['slavery_products'], $sProductsInfoCacheID));
// also purchased products
if (!$smarty->isCached($aTemplate['also_purchased_products'], $sProductsInfoCacheID)) {
require_once MYOOS_INCLUDE_PATH . '/includes/modules/also_purchased_products.php';
$smarty->assign('also_purchased', $aPurchased);
}
$smarty->assign('also_purchased_products', $smarty->fetch($aTemplate['also_purchased_products'], $sProductsInfoCacheID));
$smarty->setCaching(false);
}
// display the template
$smarty->display($aTemplate['page']);

132
msd2/myoos/includes/content/product_notifications.php Normal file
View File

@ -0,0 +1,132 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: product_notifications.php,v 1.7 2003/02/14 05:51:27 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
if (!$oEvent->installed_plugin('notify')) {
oos_redirect(oos_href_link($aContents['home']));
}
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
if (!isset($_SESSION['customer_id'])) {
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
$_SESSION['navigation']->set_snapshot();
oos_redirect(oos_href_link($aContents['login']));
}
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/user_product_notifications.php';
if ( isset($_POST['action']) && ($_POST['action'] == 'update_notifications') &&
( isset($_SESSION['formid']) && ($_SESSION['formid'] == $_POST['formid'])) ){
(array)$products = $_POST['products'];
$aRemove = array();
for ($i=0, $n=count($products); $i<$n; $i++) {
if (is_numeric($products[$i])) {
$aRemove[] = $products[$i];
}
}
if (oos_is_not_null($aRemove)) {
$products_notificationstable = $oostable['products_notifications'];
$dbconn->Execute("DELETE FROM $products_notificationstable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "' AND
products_id IN (" . implode(',', $aRemove) . ")");
}
oos_redirect(oos_href_link($aContents['product_notifications']));
} elseif ( isset($_POST['action']) && ($_POST['action'] == 'global_notify') &&
( isset($_SESSION['formid']) && ($_SESSION['formid'] == $_POST['formid'])) ){
if (isset($_POST['global']) && ($_POST['global'] == 'enable')) {
$customers_infotable = $oostable['customers_info'];
$dbconn->Execute("UPDATE $customers_infotable
SET global_product_notifications = '1'
WHERE customers_info_id = '" . intval($_SESSION['customer_id']) . "'");
} else {
$customers_infotable = $oostable['customers_info'];
$sql = "SELECT COUNT(*) AS total
FROM $customers_infotable
WHERE customers_info_id = '" . intval($_SESSION['customer_id']) . "'
AND global_product_notifications = '1'";
$check_result = $dbconn->Execute($sql);
if ($check_result->fields['total'] > 0) {
$customers_infotable = $oostable['customers_info'];
$dbconn->Execute("UPDATE $customers_infotable
SET global_product_notifications = '0'
WHERE customers_info_id = '" . intval($_SESSION['customer_id']) . "'");
}
}
oos_redirect(oos_href_link($aContents['product_notifications']));
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title_1'], oos_href_link($aContents['account']));
$oBreadcrumb->add($aLang['navbar_title_2'], oos_href_link($aContents['product_notifications']));
$aTemplate['page'] = $sTheme . '/page/user_product_notifications.html';
$nPageType = OOS_PAGE_TYPE_ACCOUNT;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,nofollow,noodp,noydir'
)
);
$customers_infotable = $oostable['customers_info'];
$sql = "SELECT global_product_notifications
FROM $customers_infotable
WHERE customers_info_id = '" . intval($_SESSION['customer_id']) . "'";
$global_status_result = $dbconn->Execute($sql);
$global_status = $global_status_result->fields;
$smarty->assign('global_status', $global_status);
$products_descriptionstable = $oostable['products_description'];
$products_notificationstable = $oostable['products_notifications'];
$sql = "SELECT pd.products_id, pd.products_name
FROM $products_descriptionstable pd,
$products_notificationstable pn
WHERE pn.customers_id = '" . intval($_SESSION['customer_id']) . "'
AND pn.products_id = pd.products_id
AND pd.products_languages_id = '" . intval($nLanguageID) . "'
ORDER BY pd.products_name";
$smarty->assign('products_array', $dbconn->GetAll($sql));
// display the template
$smarty->display($aTemplate['page']);

128
msd2/myoos/includes/content/product_reviews.php Normal file
View File

@ -0,0 +1,128 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: product_reviews.php,v 1.47 2003/02/13 03:53:19 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
if (!$oEvent->installed_plugin('reviews')) {
oos_redirect(oos_href_link($aContents['home']));
}
if (isset($_GET['products_id'])) {
if (!isset($nProductsID)) $nProductsID = oos_get_product_id($_GET['products_id']);
} else {
oos_redirect(oos_href_link($aContents['reviews']));
}
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_split_page_results.php';
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/reviews_product.php';
// lets retrieve all $_GET keys and values..
$get_params = oos_get_all_get_parameters(array('reviews_id'));
$get_params = oos_remove_trailing($get_params);
$nPage = isset($_GET[page]) ? $_GET[page]+0 : 1;
$productstable = $oostable['products'];
$products_descriptiontable = $oostable['products_description'];
$sql = "SELECT p.products_id, p.products_model, p.products_replacement_product_id, p.products_image, pd.products_name
FROM $productstable p,
$products_descriptiontable pd
WHERE pd.products_languages_id = '" . intval($nLanguageID) . "'
AND p.products_setting = '2'
AND p.products_id = pd.products_id
AND pd.products_id = '" . intval($nProductsID) . "'";
$product_info_result = $dbconn->Execute($sql);
if (!$product_info_result->RecordCount()) {
oos_redirect(oos_href_link($aContents['reviews']));
}
$product_info = $product_info_result->fields;
$reviewstable = $oostable['reviews'];
$reviews_descriptiontable = $oostable['reviews_description'];
$reviews_result_raw = "SELECT r.reviews_id, left(rd.reviews_text, 100) AS reviews_text, r.verified, r.reviews_rating, r.date_added, r.customers_name, r.reviews_read
FROM $reviewstable r,
$reviews_descriptiontable rd
WHERE r.products_id = '" . intval($nProductsID) . "'
AND r.reviews_id = rd.reviews_id
AND rd.reviews_languages_id = '" . intval($nLanguageID) . "'
AND r.reviews_status = 1
ORDER BY r.reviews_id DESC";
$reviews_split = new splitPageResults($reviews_result_raw, MAX_DISPLAY_NEW_REVIEWS);
$reviews_result = $dbconn->Execute($reviews_split->sql_query);
$aReviews = array();
while ($reviews = $reviews_result->fields) {
$aReviews[] = array('rating' => $reviews['reviews_rating'],
'id' => $reviews['reviews_id'],
'reviews_text' => $reviews['reviews_text'],
'customers_name' => $reviews['customers_name'],
'date_added' => oos_date_short($reviews['date_added']),
'read' => $reviews['reviews_read']);
$reviews_result->MoveNext();
}
// add the products model or products_name to the breadcrumb trail
// links breadcrumb
$oBreadcrumb->add($product_info['products_name'], oos_href_link($aContents['product_info'], 'category=' . $sCategory . '&amp;products_id=' . $nProductsID));
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aContents['product_reviews'], $get_params));
$sCanonical = oos_href_link($aContents['product_reviews'], $get_params, FALSE, TRUE);
$aTemplate['page'] = $sTheme . '/page/product_reviews.html';
$aTemplate['pagination'] = $sTheme . '/system/_pagination.html';
$nPageType = OOS_PAGE_TYPE_REVIEWS;
$sPagetitle = sprintf($aLang['heading_title'], $product_info['products_name']) . ' ' . OOS_META_TITLE;
if ($oMessage->size('reviews') > 0) {
$aInfoMessage = array_merge ($aInfoMessage, $oMessage->output('reviews') );
}
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => sprintf($aLang['heading_title'], $product_info['products_name']),
'canonical' => $sCanonical,
'page_split' => $reviews_split->display_count($aLang['text_display_number_of_reviews']),
'display_links' => $reviews_split->display_links(MAX_DISPLAY_PAGE_LINKS, oos_get_all_get_parameters(array('page', 'info'))),
'numrows' => $reviews_split->number_of_rows,
'numpages' => $reviews_split->number_of_pages,
'reviews' => $aReviews
)
);
$smarty->assign('pagination', $smarty->fetch($aTemplate['pagination']));
// display the template
$smarty->display($aTemplate['page']);

95
msd2/myoos/includes/content/product_reviews_info.php Normal file
View File

@ -0,0 +1,95 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: product_reviews_info.php,v 1.47 2003/02/13 04:23:23 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
if (!$oEvent->installed_plugin('reviews')) {
oos_redirect(oos_href_link($aContents['home']));
}
if (!isset($_GET['reviews_id'])) {
oos_redirect(oos_href_link($aContents['reviews']));
}
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/reviews_product_info.php';
$reviewstable = $oostable['reviews'];
$productstable = $oostable['products'];
$reviews_descriptiontable = $oostable['reviews_description'];
$products_descriptiontable = $oostable['products_description'];
$sql = "SELECT rd.reviews_headline, rd.reviews_text, r.reviews_rating, r.reviews_id, r.products_id,
r.customers_name, r.verified, r.date_added, r.last_modified, r.reviews_read,
p.products_id, pd.products_name, p.products_model, p.products_replacement_product_id, p.products_image
FROM $reviewstable r,
$reviews_descriptiontable rd,
$productstable p,
$products_descriptiontable pd
WHERE r.reviews_id = '" . intval($_GET['reviews_id']) . "'
AND r.reviews_id = rd.reviews_id
AND rd.reviews_languages_id = '" . intval($nLanguageID) . "'
AND r.products_id = p.products_id
AND p.products_setting = '2'
AND p.products_id = pd.products_id
AND pd.products_languages_id = '" . intval($nLanguageID) . "'";
$reviews_result = $dbconn->Execute($sql);
if (!$reviews_result->RecordCount()){
// product reviews not found
oos_redirect(oos_href_link($aContents['reviews']));
}
$reviews = $reviews_result->fields;
$dbconn->Execute("UPDATE " . $oostable['reviews'] . "
SET reviews_read = reviews_read+1
WHERE reviews_id = '" . $reviews['reviews_id'] . "'");
// add the products model or products_name to the breadcrumb trail
// links breadcrumb
$oBreadcrumb->add($reviews['products_name'], oos_href_link($aContents['product_info'], 'category=' . $sCategory . '&amp;products_id=' . $reviews['products_id']));
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aContents['product_reviews']));
$sCanonical = oos_href_link($aContents['product_reviews'], $get_parameters, FALSE, TRUE);
$aTemplate['page'] = $sTheme . '/page/product_reviews_info.html';
$nPageType = OOS_PAGE_TYPE_REVIEWS;
$sPagetitle = sprintf($aLang['heading_title'], $reviews['products_name']) . ' ' . OOS_META_TITLE;
if ($oMessage->size('reviews') > 0) {
$aInfoMessage = array_merge ($aInfoMessage, $oMessage->output('reviews') );
}
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => sprintf($aLang['heading_title'], $reviews['products_name']),
'canonical' => $sCanonical,
'reviews' => $reviews
)
);
// display the template
$smarty->display($aTemplate['page']);

226
msd2/myoos/includes/content/product_reviews_write.php Normal file
View File

@ -0,0 +1,226 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: product_reviews_write.php,v 1.51 2003/02/13 04:23:23 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
if (!$oEvent->installed_plugin('reviews')) {
oos_redirect(oos_href_link($aContents['home']));
}
if (isset($_GET['products_id'])) {
if (!isset($nProductsID)) $nProductsID = oos_get_product_id($_GET['products_id']);
} elseif (isset($_POST['products_id'])) {
if (!isset($nProductsID)) $nProductsID = oos_get_product_id($_POST['products_id']);
} else {
oos_redirect(oos_href_link($aContents['home']));
}
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/reviews_product_write.php';
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
if (!isset($_SESSION['customer_id'])) {
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
$_SESSION['navigation']->set_snapshot();
$oMessage->add_session('login', $aLang['error_login_for_rating'], 'danger');
oos_redirect(oos_href_link($aContents['login']));
}
$productstable = $oostable['products'];
$products_descriptiontable = $oostable['products_description'];
$sql = "SELECT p.products_id, pd.products_name, p.products_image
FROM $productstable p,
$products_descriptiontable pd
WHERE p.products_id = '" . intval($nProductsID) . "'
AND pd.products_id = p.products_id
AND pd.products_languages_id = '" . intval($nLanguageID) . "'
AND p.products_setting = '2'";
$product_result = $dbconn->Execute($sql);
$valid_product = ($product_result->RecordCount() > 0);
$product_info = $product_result->fields;
if ( isset($_POST['action']) && ($_POST['action'] == 'reviews-write-process') &&
( isset($_SESSION['formid']) && ($_SESSION['formid'] == $_POST['formid'])) &&
( $valid_product == TRUE ) ) {
$review = oos_prepare_input($_POST['review']);
$rating = oos_prepare_input($_POST['rating']);
$headline = oos_prepare_input($_POST['headline']);
$bError = FALSE;
if (strlen($review) < REVIEW_TEXT_MIN_LENGTH) {
$oMessage->add('product_reviews_write', $aLang['review_text']);
$bError = TRUE;
}
if (!isset($_POST['rating'])) {
$oMessage->add('product_reviews_write', $aLang['review_rating']);
$bError = TRUE;
}
if (strlen($headline) < 10) {
$oMessage->add('product_reviews_write', $aLang['review_headline']);
$bError = TRUE;
}
if ($bError === FALSE) {
$customerstable = $oostable['customers'];
$sql = "SELECT customers_firstname, customers_lastname
FROM $customerstable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'";
$customer_info_result = $dbconn->Execute($sql);
$customer_info = $customer_info_result->fields;
$firstname = ltrim($customer_info['customers_firstname']);
$firstname = substr($firstname, 0, 1);
$lastname = ltrim($customer_info['customers_lastname']);
$lastname = substr($lastname, 0, 1);
$customers_name = $firstname . '. ' . $lastname . '. ';
$orderstable = $oostable['orders'];
$orders_productstable = $oostable['orders_products'];
$query = "SELECT o.orders_id, op.products_id
FROM $orderstable o,
$orders_productstable op
WHERE o.customers_id = '" . intval($_SESSION['customer_id']) . "'
AND o.orders_id = op.orders_id
AND op.products_id = '" . intval($nProductsId) . "'";
$orders_result = $dbconn->Execute($query);
if ($orders_result->RecordCount()) {
$nValidReviews = 1;
} else {
$nValidReviews = 0;
}
$date_now = date('Ymd');
$reviewstable = $oostable['reviews'];
$dbconn->Execute("INSERT INTO $reviewstable
(products_id,
customers_id,
customers_name,
verified,
reviews_rating,
date_added,
reviews_read,
reviews_status) VALUES ('" . intval($nProductsID) . "',
'" . intval($_SESSION['customer_id']) . "',
'" . oos_db_input($customers_name) . "',
'" . intval($nValidReviews) . "',
'" . oos_db_input($rating) . "',
now(),
'0',
'0')");
$insert_id = $dbconn->Insert_ID();
$reviews_descriptiontable = $oostable['reviews_description'];
$dbconn->Execute("INSERT INTO $reviews_descriptiontable
(reviews_id,
reviews_languages_id,
reviews_headline,
reviews_text) VALUES ('" . intval($insert_id) . "',
'" . intval($nLanguageID) . "',
'" . oos_db_input($headline) . "',
'" . oos_db_input($review) . "')");
$email_subject = 'Review: ' . $product_info['products_name'];
$email_text = "\n";
$email_text .= "Firstname: ". $customer_values['customers_firstname'] . "\n";
$email_text .= "Lastname: ". $customer_values['customers_lastname'] . "\n";
$email_text .= "E-Mail: ". $customer_values['customers_email_address'] . "\n";
$email_text .= "\n";
$email_text .= "Text: ". $review . "\n";
oos_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, $email_subject, nl2br($email_text), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, '');
// clear cache
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_template.php';
$smarty = new myOOS_Smarty();
$smarty->clearCache(NULL, $sTheme.'|products|reviews');
$oMessage->add_session('reviews', $aLang['info_review_waiting'], 'success');
oos_redirect(oos_href_link($aContents['product_reviews'], 'products_id=' . intval($nProductsID)));
}
}
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aContents['product_reviews'], 'products_id=' . intval($nProductsID)));
$sCanonical = oos_href_link($aContents['product_reviews_write'], 'products_id=' . intval($nProductsID), FALSE, TRUE);
$customerstable = $oostable['customers'];
$sql = "SELECT customers_firstname, customers_lastname
FROM $customerstable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'";
$customer_info_result = $dbconn->Execute($sql);
$customer_info = $customer_info_result->fields;
$firstname = ltrim($customer_info['customers_firstname']);
$firstname = substr($firstname, 0, 1);
$lastname = ltrim($customer_info['customers_lastname']);
$lastname = substr($lastname, 0, 1);
$customers_name = $firstname . '. ' . $lastname . '. ';
$aTemplate['page'] = $sTheme . '/page/product_reviews_write.html';
$aTemplate['javascript'] = $sTheme . '/js/product_reviews_write.html';
$nPageType = OOS_PAGE_TYPE_REVIEWS;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
if ($oMessage->size('product_reviews_write') > 0) {
$aInfoMessage = array_merge ($aInfoMessage, $oMessage->output('product_reviews_write') );
}
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'canonical' => $sCanonical,
'valid_product' => $valid_product,
'product_info' => $product_info,
'customers_name' => $customers_name
)
);
$smarty->assign('javascript', $smarty->fetch($aTemplate['javascript']));
// display the template
$smarty->display($aTemplate['page']);

142
msd2/myoos/includes/content/products_new.php Normal file
View File

@ -0,0 +1,142 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: products_new.php,v 1.2 2003/01/09 09:40:07 elarifr
orig: products_new.php,v 1.24 2003/02/13 04:23:23 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
// split-page-results
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_split_page_results.php';
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/products_new.php';
$aTemplate['page'] = $sTheme . '/page/products_new.html';
$aTemplate['pagination'] = $sTheme . '/system/_pagination.html';
$nPageType = OOS_PAGE_TYPE_CATALOG;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
$nPage = isset($_GET['page']) ? intval( $_GET['page'] ) : 1;
$sGroup = trim($aUser['text']);
$nContentCacheID = $sTheme . '|products_new|' . $nPage. '|' . $sGroup . '|' . $sLanguage;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
if ( (USE_CACHE == 'true') && (!isset($_SESSION)) ) {
$smarty->setCaching(Smarty::CACHING_LIFETIME_CURRENT);
}
if (!$smarty->isCached($aTemplate['page'], $nContentCacheID)) {
$productstable = $oostable['products'];
$specialsstable = $oostable['specials'];
$manufacturersstable = $oostable['manufacturers'];
$products_descriptiontable = $oostable['products_description'];
$products_new_result_raw = "SELECT p.products_id, pd.products_name, p.products_image, p.products_price,
p.products_base_price, p.products_base_unit, p.products_units_id,
p.products_product_quantity, p.products_quantity_order_min,
p.products_quantity_order_max, p.products_quantity_order_units,
p.products_tax_class_id, pd.products_short_description,
IF(s.status, s.specials_new_products_price, NULL) AS specials_new_products_price,
p.products_date_added, p.manufacturers_id, m.manufacturers_name
FROM $productstable p LEFT JOIN
$manufacturersstable m ON p.manufacturers_id = m.manufacturers_id LEFT JOIN
$products_descriptiontable pd ON p.products_id = pd.products_id AND
pd.products_languages_id = '" . intval($nLanguageID) . "' LEFT JOIN
$specialsstable s ON p.products_id = s.products_id
WHERE p.products_setting = '2'
ORDER BY p.products_date_added DESC, pd.products_name";
$products_new_split = new splitPageResults($products_new_result_raw, MAX_DISPLAY_PRODUCTS_NEW);
$products_new_result = $dbconn->Execute($products_new_split->sql_query);
$products_new_array = array();
while ($products_new = $products_new_result->fields) {
$new_product_price = '';
$new_product_special_price = '';
$new_product_discount_price = '';
$new_base_product_price = '';
$base_product_price = $products_new['products_price'];
$new_product_price = $oCurrencies->display_price($products_new['products_price'], oos_get_tax_rate($products_new['products_tax_class_id']));
if (isset($products_new['specials_new_products_price'])) {
$base_product_price = $products_new['specials_new_products_price'];
$new_product_special_price = $oCurrencies->display_price($products_new['specials_new_products_price'], oos_get_tax_rate($products_new['products_tax_class_id']));
}
if ($products_new['products_base_price'] != 1) {
$new_base_product_price = $oCurrencies->display_price($base_product_price * $products_new['products_base_price'], oos_get_tax_rate($products_new['products_tax_class_id']));
}
$order_min = number_format($listing['products_quantity_order_min']);
$order_max = number_format($listing['products_quantity_order_max']);
$products_new_array[] = array(
'id' => $products_new['products_id'],
'name' => $products_new['products_name'],
'image' => $products_new['products_image'],
'products_short_description' => $products_new['products_short_description'],
'new_product_price' => $new_product_price,
'new_product_units' => $products_new['products_units_id'],
'new_product_quantity' => $products_new['products_product_quantity'],
'order_min' => $order_min,
'order_max' => $order_max,
'new_product_special_price' => $new_product_special_price,
'new_product_discount_price' => $new_product_discount_price,
'new_base_product_price' => $new_base_product_price,
'products_base_price' => $products_new['products_base_price'],
'new_products_base_unit' => $products_new['products_base_unit'],
'date_added' => $products_new['products_date_added'],
'manufacturers_id' => $products_new['manufacturers_id'],
'manufacturer' => $products_new['manufacturers_name']);
$products_new_result->MoveNext();
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aContents['products_new']));
$sCanonical = oos_href_link($aContents['products_new'], 'page='. $nPage, FALSE, TRUE);
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,follow,noodp,noydir',
'canonical' => $sCanonical,
'page_split' => $products_new_split->display_count($aLang['text_display_number_of_products_new']),
'display_links' => $products_new_split->display_links(MAX_DISPLAY_PAGE_LINKS, oos_get_all_get_parameters(array('page', 'info'))),
'numrows' => $products_new_split->number_of_rows,
'numpages' => $products_new_split->number_of_pages,
'page' => $nPage,
'products_new' => $products_new_array
)
);
}
$smarty->assign('pagination', $smarty->fetch($aTemplate['pagination'], $nContentCacheID));
// display the template
$smarty->display($aTemplate['page']);

82
msd2/myoos/includes/content/redirect.php Normal file
View File

@ -0,0 +1,82 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: redirect.php,v 1.9 2003/02/13 04:23:23 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
switch ($_GET['action']) {
case 'url':
if (isset($_GET['goto']) && oos_is_not_null($_GET['goto'])) {
$products_descriptiontable = $oostable['products_description'];
$check_sql = "SELECT products_url FROM $products_descriptiontable WHERE products_url = '" . oos_db_input($_GET['goto']) . "'";
$check_result = $dbconn->Execute($check_sql);
if ($check_result->RecordCount() >= 1) {
oos_redirect('http://' . $_GET['goto']);
}
}
break;
case 'manufacturer' :
if (isset($_GET['manufacturers_id']) && is_numeric($_GET['manufacturers_id'])) {
$manufacturers_id = intval($_GET['manufacturers_id']);
$manufacturers_infotable = $oostable['manufacturers_info'];
$sql = "SELECT manufacturers_url
FROM $manufacturers_infotable
WHERE manufacturers_id = '" . intval($manufacturers_id) . "'
AND manufacturers_languages_id = '" . intval($nLanguageID) . "'";
$manufacturer_result = $dbconn->Execute($sql);
if (!$manufacturer_result->RecordCount()) {
// no url exists for the selected language, lets use the default language then
$manufacturers_infotable = $oostable['manufacturers_info'];
$languagestable = $oostable['languages'];
$sql = "SELECT mi.manufacturers_languages_id, mi.manufacturers_url
FROM $manufacturers_infotable mi,
$languagestable l
WHERE mi.manufacturers_id = '" . intval($manufacturers_id) . "'
AND mi.manufacturers_languages_id = l.iso_639_2
AND l.iso_639_2 = '" . DEFAULT_LANGUAGE . "'";
$manufacturer_result = $dbconn->Execute($sql);
if (!$manufacturer_result->RecordCount()) {
// no url exists, return to the site
oos_redirect(oos_href_link($aContents['home']));
} else {
$manufacturer = $manufacturer_result->fields;
$manufacturers_infotable = $oostable['manufacturers_info'];
$dbconn->Execute("UPDATE $manufacturers_infotable SET url_clicked = url_clicked+1, date_last_click = now() WHERE manufacturers_id = '" . intval($manufacturers_id) . "' AND manufacturers_languages_id = '" . intval($manufacturer['manufacturers_languages_id']) . "'");
}
} else {
// url exists in selected language
$manufacturer = $manufacturer_result->fields;
$manufacturers_infotable = $oostable['manufacturers_info'];
$dbconn->Execute("UPDATE $manufacturers_infotable SET url_clicked = url_clicked+1, date_last_click = now() WHERE manufacturers_id = '" . intval($manufacturers_id) . "' AND manufacturers_languages_id = '" . intval($nLanguageID) . "'");
}
oos_redirect($manufacturer['manufacturers_url']);
}
break;
}
oos_redirect(oos_href_link($aContents['home']));

131
msd2/myoos/includes/content/reviews.php Normal file
View File

@ -0,0 +1,131 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: reviews.php,v 1.47 2003/02/13 04:23:23 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
if (!$oEvent->installed_plugin('reviews')) {
oos_redirect(oos_href_link($aContents['home']));
}
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_split_page_results.php';
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/reviews.php';
/**
* Get the number of times a word/character is present in a string
*
* @param $sStr
* @param $sNeedle
* @return number
*/
function oosWordCount($sStr, $sNeedle = ' ') {
$aTemp = explode($sNeedle, $sStr);
return count($aTemp);
}
$aTemplate['page'] = $sTheme . '/page/reviews.html';
$aTemplate['pagination'] = $sTheme . '/system/_pagination.html';
$nPageType = OOS_PAGE_TYPE_CATALOG;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
$nPage = isset($_GET['page']) ? intval( $_GET['page'] ) : 1;
$sGroup = trim($aUser['text']);
$nContentCacheID = $sTheme . '|products|reviews|' . $nPage. '|' . $sGroup . '|' . $sLanguage;
if ($oMessage->size('reviews') > 0) {
$aInfoMessage = array_merge ($aInfoMessage, $oMessage->output('reviews') );
}
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
if ( (USE_CACHE == 'true') && (!isset($_SESSION)) ) {
$smarty->setCaching(Smarty::CACHING_LIFETIME_CURRENT);
}
if (!$smarty->isCached($aTemplate['page'], $nContentCacheID)) {
$reviewstable = $oostable['reviews'];
$productstable = $oostable['products'];
$reviews_descriptiontable = $oostable['reviews_description'];
$products_descriptiontable = $oostable['products_description'];
$reviews_result_raw = "SELECT r.reviews_id, rd.reviews_headline, rd.reviews_text,
r.reviews_rating, r.date_added, p.products_id,
pd.products_name, p.products_image, r.customers_name
FROM $reviewstable r, $reviews_descriptiontable rd,
$productstable p, $products_descriptiontable pd
WHERE p.products_setting = '2'
AND p.products_id = r.products_id
AND r.reviews_id = rd.reviews_id
AND p.products_id = pd.products_id
AND r.reviews_status = 1
AND pd.products_languages_id = '" . intval($nLanguageID) . "'
AND rd.reviews_languages_id = '" . intval($nLanguageID) . "'
ORDER BY r.reviews_id DESC";
$reviews_split = new splitPageResults($reviews_result_raw, MAX_DISPLAY_NEW_REVIEWS);
$reviews_result = $dbconn->Execute($reviews_split->sql_query);
$aReviews = array();
while ($reviews = $reviews_result->fields) {
$aReviews[] = array('id' => $reviews['reviews_id'],
'products_id' => $reviews['products_id'],
'reviews_id' => $reviews['reviews_id'],
'products_name' => $reviews['products_name'],
'products_image' => $reviews['products_image'],
'authors_name' => $reviews['customers_name'],
'reviews_headline' => $reviews['reviews_headline'],
'review' => htmlspecialchars(substr($reviews['reviews_text'], 0, 250)) . '..',
'rating' => $reviews['reviews_rating'],
'word_count' => oosWordCount($reviews['reviews_text'], ' '),
'date_added' => oos_date_long($reviews['date_added']));
$reviews_result->MoveNext();
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aContents['reviews']));
$sCanonical = oos_href_link($aContents['reviews'], 'page=' . $nPage, FALSE, TRUE);
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'canonical' => $sCanonical,
'page_split' => $reviews_split->display_count($aLang['text_display_number_of_reviews']),
'display_links' => $reviews_split->display_links(MAX_DISPLAY_PAGE_LINKS, oos_get_all_get_parameters(array('page', 'info'))),
'numrows' => $reviews_split->number_of_rows,
'numpages' => $reviews_split->number_of_pages,
'page' => $nPage,
'reviews' => $aReviews
)
);
}
$smarty->assign('pagination', $smarty->fetch($aTemplate['pagination'], $nContentCacheID));
// display the template
$smarty->display($aTemplate['page']);

547
msd2/myoos/includes/content/shop.php Normal file
View File

@ -0,0 +1,547 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: default.php,v 1.2 2003/01/09 09:40:07 elarifr
orig: default.php,v 1.81 2003/02/13 04:23:23 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being required by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/shop.php';
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_default.php';
// the following cPath references come from main.php
$category_depth = 'top';
$aLang['heading_title'] = $aLang['heading_title_top'];
if (isset($sCategory) && oos_is_not_null($sCategory)) {
$products_to_categoriestable = $oostable['products_to_categories'];
$sql = "SELECT COUNT(*) AS total
FROM $products_to_categoriestable
WHERE categories_id = '" . intval($nCurrentCategoryID) . "'";
$categories_products = $dbconn->Execute($sql);
if ($categories_products->fields['total'] > 0) {
$category_depth = 'products'; // display products
$aLang['heading_title'] = $aLang['heading_title_products'];
} else {
$categoriestable = $oostable['categories'];
$sql = "SELECT COUNT(*) AS total
FROM $categoriestable
WHERE parent_id = '" . intval($nCurrentCategoryID) . "'";
$category_parent = $dbconn->Execute($sql);
if ($category_parent->fields['total'] > 0) {
$category_depth = 'nested'; // navigate through the categories
$aLang['heading_title'] = $aLang['heading_title_nested'];
} else {
$category_depth = 'products'; // category has no products, but display the 'no products' message
$aLang['heading_title'] = $aLang['heading_title_products'];
}
}
}
if ($category_depth == 'nested') {
$categoriestable = $oostable['categories'];
$categories_descriptiontable = $oostable['categories_description'];
$sql = "SELECT cd.categories_name, cd.categories_page_title, cd.categories_heading_title, cd.categories_description,
cd.categories_description_meta, c.categories_image
FROM $categoriestable c,
$categories_descriptiontable cd
WHERE c.categories_id = '" . intval($nCurrentCategoryID) . "'
AND cd.categories_id = '" . intval($nCurrentCategoryID) . "'
AND cd.categories_languages_id = '" . intval($nLanguageID) . "'";
$category = $dbconn->GetRow($sql);
$aTemplate['page'] = $sTheme . '/page/shop_nested.html';
$aTemplate['new_products'] = $sTheme . '/products/_new_products.html';
$nPageType = OOS_PAGE_TYPE_CATALOG;
$sPagetitle = (empty($category['categories_page_title']) ? $category['categories_heading_title'] : $category['categories_page_title']);
$sGroup = trim($aUser['text']);
$sContentCacheID = $sTheme . '|shop|nested|' . intval($nCurrentCategoryID) . '|' . $sCategory . '|' . $sGroup . '|' . $sLanguage;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
$smarty->assign('meta_description', $category['categories_description_meta']);
$smarty->assign('breadcrumb', $oBreadcrumb->trail());
$smarty->assign('canonical', $sCanonical);
if ( (USE_CACHE == 'true') && (!isset($_SESSION)) ) {
$smarty->setCaching(Smarty::CACHING_LIFETIME_CURRENT);
}
if (!$smarty->isCached($aTemplate['page'], $sContentCacheID)) {
if (isset($sCategory) && strpos('_', $sCategory)) {
// check to see if there are deeper categories within the current category
$aCategoryLinks = array_reverse($aCategoryPath);
$n = count($aCategoryLinks);
for ($i = 0, $n; $i < $n; $i++) {
$categoriestable = $oostable['categories'];
$categories_descriptiontable = $oostable['categories_description'];
$sql = "SELECT c.categories_id, c.categories_image, c.parent_id, c.categories_status, cd.categories_name, p.parent_id as gparent_id
FROM $categoriestable c,
$categoriestable p,
$categories_descriptiontable cd
WHERE c.categories_status = '2'
AND c.parent_id = '" . intval($aCategoryLinks[$i]) . "'
AND c.categories_id = cd.categories_id
AND cd.categories_languages_id = '" . intval($nLanguageID) . "'
AND p.categories_id = '" . intval($aCategoryLinks[$i]) . "'
ORDER BY c.sort_order, cd.categories_name";
$categories_result = $dbconn->Execute($sql);
if ($categories_result->RecordCount() < 1) {
// do nothing, go through the loop
} else {
break; // we've found the deepest category the customer is in
}
}
} else {
$categoriestable = $oostable['categories'];
$categories_descriptiontable = $oostable['categories_description'];
$sql = "SELECT c.categories_id, cd.categories_name, cd.categories_description,
c.categories_image, c.parent_id, c.categories_status, p.parent_id as gparent_id
FROM $categoriestable c,
$categoriestable p,
$categories_descriptiontable cd
WHERE c.categories_status = '2'
AND c.parent_id = '" . intval($nCurrentCategoryID) . "'
AND c.categories_id = cd.categories_id
AND cd.categories_languages_id = '" . intval($nLanguageID) . "'
AND p.categories_id = '" . intval($nCurrentCategoryID) . "'
ORDER BY c.sort_order, cd.categories_name";
$categories_result = $dbconn->Execute($sql);
}
$aCategoriesBoxs = array();
while ($categories = $categories_result->fields) {
$sCategoryNew = oos_get_path($categories['categories_id'], $categories['parent_id'], $categories['gparent_id']);
$aCategoriesBoxs[] = array(
'image' => $categories['categories_image'],
'name' => $categories['categories_name'],
'path' => $sCategoryNew
);
// Move that ADOdb pointer!
$categories_result->MoveNext();
}
if (!$smarty->isCached($aTemplate['new_products'], $sContentCacheID)) {
$smarty->assign('cpath', $sCategory);
require_once MYOOS_INCLUDE_PATH . '/includes/modules/new_products.php';
}
$smarty->assign('new_products', $smarty->fetch($aTemplate['new_products'], $sContentCacheID));
$smarty->assign('heading_title', $category['categories_name']);
if (!empty($category['categories_heading_title'])) {
$smarty->assign('heading_title', $category['categories_heading_title']);
}
$smarty->assign(
array(
'category' => $category,
'categories' => $aCategoriesBoxs
)
);
}
$smarty->setCaching(false);
} elseif ($category_depth == 'products' || (isset($_GET['manufacturers_id']) && !empty($_GET['manufacturers_id']))) {
$categoriestable = $oostable['categories'];
$categories_descriptiontable = $oostable['categories_description'];
$sql = "SELECT cd.categories_name, cd.categories_heading_title, cd.categories_description,
cd.categories_description_meta, c.categories_image
FROM $categoriestable c,
$categories_descriptiontable cd
WHERE c.categories_id = '" . intval($nCurrentCategoryID) . "'
AND cd.categories_id = '" . intval($nCurrentCategoryID) . "'
AND cd.categories_languages_id = '" . intval($nLanguageID) . "'";
$category = $dbconn->GetRow($sql);
$categories_imagestable = $oostable['categories_images'];
$sql = "SELECT categories_image
FROM $categories_imagestable
WHERE categories_id = '" . intval($nCurrentCategoryID) . "'";
$category_slider = $dbconn->Execute($sql);
if ($category_slider->RecordCount()) {
$aCategorySlider = array();
while ($slider = $category_slider->fields) {
$aCategorySlider[] = array(
'image' => $slider['categories_image']
);
// Move that ADOdb pointer!
$category_slider->MoveNext();
}
}
$aTemplate['page'] = $sTheme . '/page/shop_products.html';
$aTemplate['pagination'] = $sTheme . '/system/_pagination.html';
$nPageType = OOS_PAGE_TYPE_CATALOG;
if (empty($category['categories_heading_title'])) {
$sPagetitle = $category['categories_name']. ' ' . OOS_META_TITLE;
} else {
$sPagetitle = $category['categories_heading_title'] . ' ' . OOS_META_TITLE;
}
$sDescription = $category['categories_description_meta'];
$nManufacturersID = isset($_GET['manufacturers_id']) ? $_GET['manufacturers_id']+0 : 0;
$nPage = isset($_GET['page']) ? intval( $_GET['page'] ) : 1;
$nFilterID = intval($_GET['filter_id']) ? $_GET['filter_id']+0 : 0;
$sSort = oos_var_prep_for_os($_GET['sort']);
$sGroup = trim($aUser['text']);
$sContentCacheID = $sTheme . '|shop|products|' . intval($nCurrentCategoryID) . '|' . $sCategory . '|' . $nManufacturersID . '|' . $nPage . '|' . $nFilterID . '|' . $sGroup . '|' . $sLanguage;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
if ( (USE_CACHE == 'true') && (!isset($_SESSION)) ) {
$smarty->setCaching(Smarty::CACHING_LIFETIME_CURRENT);
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $category['categories_name'],
'canonical' => $sCanonical
)
);
if (!$smarty->isCached($aTemplate['page'], $sContentCacheID)) {
// create column list
$aDefineList = array();
$aDefineList = array('PRODUCT_LIST_MODEL' => '1',
'PRODUCT_LIST_NAME' => '2',
'PRODUCT_LIST_MANUFACTURER' => '3',
'PRODUCT_LIST_PRICE' => '4',
'PRODUCT_LIST_QUANTITY' => '5',
'PRODUCT_LIST_WEIGHT' => '6',
'PRODUCT_LIST_IMAGE' => '7',
'PRODUCT_LIST_BUY_NOW' => '8',
'PRODUCT_LIST_SORT_ORDER' => '9');
asort($aDefineList);
$aColumnList = array();
foreach($aDefineList as $key => $value) {
if ($value > 0) $aColumnList[] = $key;
}
$select_column_list = '';
$n = count($aColumnList);
for ($col = 0, $n; $col < $n; $col++) {
if ( $aColumnList[$col] == 'PRODUCT_LIST_PRICE') {
continue;
}
switch ($aColumnList[$col]) {
case 'PRODUCT_LIST_MODEL':
$select_column_list .= 'p.products_model, ';
break;
case 'PRODUCT_LIST_NAME':
$select_column_list .= 'pd.products_name, ';
break;
case 'PRODUCT_LIST_MANUFACTURER':
$select_column_list .= 'm.manufacturers_name, ';
break;
case 'PRODUCT_LIST_QUANTITY':
$select_column_list .= 'p.products_quantity, ';
break;
case 'PRODUCT_LIST_IMAGE':
$select_column_list .= 'p.products_image, ';
break;
case 'PRODUCT_LIST_WEIGHT':
$select_column_list .= 'p.products_weight, ';
break;
case 'PRODUCT_LIST_SORT_ORDER':
$select_column_list .= 'p.products_sort_order, ';
break;
}
}
// show the products of a specified manufacturer
if (isset($_GET['manufacturers_id']) && !empty($_GET['manufacturers_id'])) {
$nManufacturersID = intval($_GET['manufacturers_id']);
if (isset($_GET['filter_id'])) {
// We are asked to show only a specific category
$productstable = $oostable['products'];
$products_descriptiontable = $oostable['products_description'];
$manufacturerstable = $oostable['manufacturers'];
$products_to_categoriestable = $oostable['products_to_categories'];
$specialstable = $oostable['specials'];
$listing_sql = "SELECT " . $select_column_list . " p.products_id, p.products_replacement_product_id, p.manufacturers_id,
p.products_price, p.products_price_list, p.products_base_price, p.products_base_unit,
p.products_quantity_order_min, p.products_quantity_order_max, p.products_product_quantity,
p.products_discount1, p.products_discount2, p.products_discount3,
p.products_discount4, p.products_discount1_qty, p.products_discount2_qty, p.products_discount3_qty,
p.products_discount4_qty, p.products_tax_class_id, p.products_units_id, p.products_sort_order,
IF(s.status, s.specials_new_products_price, NULL) AS specials_new_products_price,
IF(s.status, s.specials_new_products_price, p.products_price) AS final_price
FROM $productstable p LEFT JOIN
$specialstable s ON p.products_id = s.products_id,
$products_descriptiontable pd,
$manufacturerstable m,
$products_to_categoriestable p2c
WHERE p.products_setting = '2'
AND p.manufacturers_id = m.manufacturers_id
AND m.manufacturers_id = '" . intval($nManufacturersID) . "'
AND p.products_id = p2c.products_id
AND pd.products_id = p2c.products_id
AND pd.products_languages_id = '" . intval($nLanguageID) . "'
AND p2c.categories_id = '" . intval($nFilterID) . "'";
} else {
// We show them all
$productstable = $oostable['products'];
$products_descriptiontable = $oostable['products_description'];
$manufacturerstable = $oostable['manufacturers'];
$specialstable = $oostable['specials'];
$listing_sql = "SELECT " . $select_column_list . " p.products_id, p.products_replacement_product_id, p.manufacturers_id,
p.products_price, p.products_price_list, p.products_base_price, p.products_base_unit, p.products_quantity_order_min,
p.products_quantity_order_max, p.products_product_quantity,
p.products_discount1, p.products_discount2, p.products_discount3,
p.products_discount4, p.products_discount1_qty, p.products_discount2_qty, p.products_discount3_qty,
p.products_discount4_qty, p.products_tax_class_id, p.products_units_id, p.products_sort_order,
IF(s.status, s.specials_new_products_price, NULL) AS specials_new_products_price,
IF(s.status, s.specials_new_products_price, p.products_price) AS final_price
FROM $productstable p LEFT JOIN
$specialstable s ON p.products_id = s.products_id,
$products_descriptiontable pd,
$manufacturerstable m
WHERE p.products_setting = '2'
AND pd.products_id = p.products_id
AND pd.products_languages_id = '" . intval($nLanguageID) . "'
AND p.manufacturers_id = m.manufacturers_id
AND m.manufacturers_id = '" . intval($nManufacturersID) . "'";
}
// We build the categories-dropdown
$productstable = $oostable['products'];
$products_to_categoriestable = $oostable['products_to_categories'];
$categoriestable = $oostable['categories'];
$categories_descriptiontable = $oostable['categories_description'];
$filterlist_sql = "SELECT DISTINCT c.categories_id AS id, cd.categories_name AS name
FROM $productstable p,
$products_to_categoriestable p2c,
$categoriestable c,
$categories_descriptiontable cd
WHERE p.products_setting = '2'
AND p.products_id = p2c.products_id
AND p2c.categories_id = c.categories_id
AND p2c.categories_id = cd.categories_id
AND cd.categories_languages_id = '" . intval($nLanguageID) . "'
AND p.manufacturers_id = '" . intval($nManufacturersID) . "'
ORDER BY cd.categories_name";
} else {
// show the products in a given categorie
if ((isset($_GET['filter_id'])) && oos_is_not_null($_GET['filter_id'])) {
// We are asked to show only specific catgeory
$productstable = $oostable['products'];
$products_descriptiontable = $oostable['products_description'];
$manufacturerstable = $oostable['manufacturers'];
$products_to_categoriestable = $oostable['products_to_categories'];
$specialstable = $oostable['specials'];
$listing_sql = "SELECT " . $select_column_list . " p.products_id, p.manufacturers_id,
p.products_price, p.products_price_list, p.products_base_price, p.products_base_unit, p.products_quantity_order_min,
p.products_quantity_order_max, p.products_product_quantity,
p.products_discount1, p.products_discount2, p.products_discount3,
p.products_discount4, p.products_discount1_qty, p.products_discount2_qty, p.products_discount3_qty,
p.products_discount4_qty, p.products_tax_class_id, p.products_units_id, p.products_sort_order,
IF(s.status, s.specials_new_products_price, NULL) AS specials_new_products_price,
IF(s.status, s.specials_new_products_price, p.products_price) AS final_price
FROM $productstable p LEFT JOIN
$specialstable s on p.products_id = s.products_id,
$products_descriptiontable pd,
$manufacturerstable m,
$products_to_categoriestable p2c
WHERE p.products_setting = '2'
AND p.manufacturers_id = m.manufacturers_id
AND m.manufacturers_id = '" . intval($_GET['filter_id']) . "'
AND p.products_id = p2c.products_id
AND pd.products_id = p2c.products_id
AND pd.products_languages_id = '" . intval($nLanguageID) . "'
AND p2c.categories_id = '" . intval($nCurrentCategoryID) . "'";
} else {
// We show them all
$productstable = $oostable['products'];
$products_descriptiontable = $oostable['products_description'];
$manufacturerstable = $oostable['manufacturers'];
$products_to_categoriestable = $oostable['products_to_categories'];
$specialstable = $oostable['specials'];
$listing_sql = "SELECT " . $select_column_list . " p.products_id, p.manufacturers_id,
p.products_price, p.products_price_list, p.products_base_price, p.products_base_unit, p.products_quantity_order_min,
p.products_quantity_order_max, p.products_product_quantity,
p.products_discount1, p.products_discount2, p.products_discount3,
p.products_discount4, p.products_discount1_qty, p.products_discount2_qty, p.products_discount3_qty,
p.products_discount4_qty, p.products_tax_class_id, p.products_units_id, p.products_sort_order,
IF(s.status, s.specials_new_products_price, NULL) AS specials_new_products_price,
IF(s.status, s.specials_new_products_price, p.products_price) AS final_price
FROM $products_descriptiontable pd,
$productstable p LEFT JOIN
$manufacturerstable m ON p.manufacturers_id = m.manufacturers_id LEFT JOIN
$specialstable s ON p.products_id = s.products_id,
$products_to_categoriestable p2c
WHERE p.products_setting = '2'
AND p.products_id = p2c.products_id
AND pd.products_id = p2c.products_id
AND pd.products_languages_id = '" . intval($nLanguageID) . "'
AND p2c.categories_id = '" . intval($nCurrentCategoryID) . "'";
}
// We build the manufacturers Dropdown
$productstable = $oostable['products'];
$manufacturerstable = $oostable['manufacturers'];
$products_to_categoriestable = $oostable['products_to_categories'];
$filterlist_sql = "SELECT DISTINCT m.manufacturers_id AS id, m.manufacturers_name AS name
FROM $productstable p,
$products_to_categoriestable p2c,
$manufacturerstable m
WHERE p.products_setting = '2'
AND p.manufacturers_id = m.manufacturers_id
AND p.products_id = p2c.products_id
AND p2c.categories_id = '" . intval($nCurrentCategoryID) . "'
ORDER BY m.manufacturers_name";
}
if ( (!isset($_GET['sort'])) || (!preg_match('/^[1-8][ad]$/', $_GET['sort'])) || (substr($_GET['sort'], 0, 1) > count($aColumnList)) ) {
$n = count($aColumnList);
for ($col = 0, $n; $col < $n; $col++) {
if ($aColumnList[$col] == 'PRODUCT_LIST_NAME') {
$_GET['sort'] = $i+1 . 'a';
// $_GET['sort'] = 'products_sort_order';
$listing_sql .= " ORDER BY p.products_sort_order asc";
break;
}
}
} else {
$sort_col = substr($_GET['sort'], 0 , 1);
$sort_order = substr($_GET['sort'], 1);
switch ($aColumnList[$sort_col-1]) {
case 'PRODUCT_LIST_MODEL':
$listing_sql .= " ORDER BY p.products_model " . ($sort_order == 'd' ? 'desc' : '') . ", pd.products_name";
break;
case 'PRODUCT_LIST_NAME':
$listing_sql .= " ORDER BY pd.products_name " . ($sort_order == 'd' ? 'desc' : '');
break;
case 'PRODUCT_LIST_MANUFACTURER':
$listing_sql .= " ORDER BY m.manufacturers_name " . ($sort_order == 'd' ? 'desc' : '') . ", pd.products_name";
break;
case 'PRODUCT_LIST_QUANTITY':
$listing_sql .= " ORDER BY p.products_quantity " . ($sort_order == 'd' ? 'desc' : '') . ", pd.products_name";
break;
case 'PRODUCT_LIST_IMAGE':
$listing_sql .= " ORDER BY pd.products_name";
break;
case 'PRODUCT_LIST_WEIGHT':
$listing_sql .= " ORDER BY p.products_weight " . ($sort_order == 'd' ? 'desc' : '') . ", pd.products_name";
break;
case 'PRODUCT_LIST_PRICE':
$listing_sql .= " ORDER BY final_price " . ($sort_order == 'd' ? 'desc' : '') . ", pd.products_name";
break;
case 'PRODUCT_LIST_SORT_ORDER':
$listing_sql .= " ORDER BY p.products_sort_order " . ($sort_order == 'd' ? "desc" : '') . ", pd.products_name";
break;
}
}
// optional Product List Filter
$product_filter_select = '';
$filterlist_result = $dbconn->Execute($filterlist_sql);
if ($filterlist_result->RecordCount() > 1) {
$product_filter_select .= '<form><div class="justify-content-center">' . $aLang['text_show'] . '<select size="1" onChange="if(options[selectedIndex].value) window.location.href=(options[selectedIndex].value)">';
if (isset($_GET['manufacturers_id']) && !empty($_GET['manufacturers_id'])) {
$manufacturers_id = intval($_GET['manufacturers_id']);
$arguments = 'manufacturers_id=' . intval($manufacturers_id);
} else {
$arguments = 'category=' . $sCategory;
}
$arguments .= '&amp;sort=' . oos_db_prepare_input($_GET['sort']);
$option_url = oos_href_link($aContents['shop'], $arguments);
if (!isset($_GET['filter_id'])) {
$product_filter_select .= '<option value="' . $option_url . '" selected="selected">' . $aLang['text_all'] . '</option>';
} else {
$product_filter_select .= '<option value="' . $option_url . '">' . $aLang['text_all'] . '</option>';
}
$product_filter_select .= '<option value="">---------------</option>';
while ($filterlist = $filterlist_result->fields) {
$option_url = oos_href_link($aContents['shop'], $arguments . '&amp;filter_id=' . $filterlist['id']);
if (isset($_GET['filter_id']) && ($_GET['filter_id'] == $filterlist['id'])) {
$product_filter_select .= '<option value="' . $option_url . '" selected="selected">' . $filterlist['name'] . '</option>';
} else {
$product_filter_select .= '<option value="' . $option_url . '">' . $filterlist['name'] . '</option>';
}
$filterlist_result->MoveNext();
}
$product_filter_select .= '</select></div></form>' . "\n";
}
// assign Smarty variables;
$smarty->assign(
array(
'product_filter_select' => $product_filter_select,
'category' => $category
)
);
if (isset($aCategorySlider) && is_array($aCategorySlider)) {
$smarty->assign('slider', $aCategorySlider);
}
if ( (isset($_GET['manufacturers_id'])) || (oos_total_products_in_category($nCurrentCategoryID) >= 1) ) {
require_once MYOOS_INCLUDE_PATH . '/includes/modules/product_listing.php';
}
}
$smarty->assign('pagination', $smarty->fetch($aTemplate['pagination'], $sContentCacheID));
$smarty->setCaching(false);
} else {
// $category_depth = 'top';
oos_redirect(oos_href_link($aContents['home']));
}
// display the template
$smarty->display($aTemplate['page']);

148
msd2/myoos/includes/content/shopping_cart.php Normal file
View File

@ -0,0 +1,148 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: shopping_cart.php,v 1.71 2003/02/14 05:51:28 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/shopping_cart.php';
$hidden_field = '';
$any_out_of_stock = 0;
if (isset($_SESSION)) {
if (is_object($_SESSION['cart'])) {
if ($_SESSION['cart']->count_contents() > 0) {
$products = $_SESSION['cart']->get_products();
$n = count($products);
for ($i=0, $n; $i<$n; $i++) {
// (oos_get_products_quantity_order_min($products[$i]['id']) > 1 ? $aLang['products_order_qty_min_text_cart_short'] . oos_get_products_quantity_order_min($products[$i]['id']) : '') . (oos_get_products_quantity_order_units($products[$i]['id']) > 1 ? $aLang['products_order_qty_unit_text_cart_short'] . oos_get_products_quantity_order_units($products[$i]['id']) : "")
$hidden_field .= oos_draw_hidden_field('products_id[]', $products[$i]['id']);
// Display marker if stock quantity insufficient
if (STOCK_CHECK == 'true') {
$stock_left = $products[$i]['stock'] - $products[$i]['quantity'];
if ($stock_left < 0) {
$any_out_of_stock = 1;
}
}
// Wishlist names
if (oos_is_not_null($products[$i]['towlid'])) {
$hidden_field .= oos_draw_hidden_field('to_wl_id[]', $products[$i]['towlid']);
}
// Push all attributes information in an array
if (isset($products[$i]['attributes']) && is_array($products[$i]['attributes'])) {
foreach($products[$i]['attributes'] as $option => $value) {
$products_id = oos_get_product_id($products[$i]['id']);
$products_optionstable = $oostable['products_options'];
$products_options_valuestable = $oostable['products_options_values'];
$products_attributestable = $oostable['products_attributes'];
if ($value == PRODUCTS_OPTIONS_VALUE_TEXT_ID) {
$sql = "SELECT popt.products_options_name,
pa.options_values_price, pa.price_prefix
FROM $products_optionstable popt,
$products_attributestable pa
WHERE pa.products_id = '" . intval($products_id) . "'
AND pa.options_id = popt.products_options_id
AND pa.options_id = '" . oos_db_input($option) . "'
AND popt.products_options_languages_id = '" . intval($nLanguageID) . "'";
} else {
$sql = "SELECT popt.products_options_name,
poval.products_options_values_name,
pa.options_values_price, pa.price_prefix
FROM $products_optionstable popt,
$products_options_valuestable poval,
$products_attributestable pa
WHERE pa.products_id = '" . intval($products_id) . "'
AND pa.options_id = '" . oos_db_input($option) . "'
AND pa.options_id = popt.products_options_id
AND pa.options_values_id = '" . oos_db_input($value) . "'
AND pa.options_values_id = poval.products_options_values_id
AND popt.products_options_languages_id = '" . intval($nLanguageID) . "'
AND poval.products_options_values_languages_id = '" . intval($nLanguageID) . "'";
}
$attributes_values = $dbconn->GetRow($sql);
if ($value == PRODUCTS_OPTIONS_VALUE_TEXT_ID) {
$hidden_field .= oos_draw_hidden_field('id[' . $products[$i]['id'] . '][' . TEXT_PREFIX . $option . ']', $products[$i]['attributes_values'][$option]);
$attr_value = $products[$i]['attributes_values'][$option];
} else {
$hidden_field .= oos_draw_hidden_field('id[' . $products[$i]['id'] . '][' . $option . ']', $value);
$attr_value = $attributes_values['products_options_values_name'];
}
$attr_price = $attributes_values['options_values_price'];
$products[$i][$option]['products_options_name'] = $attributes_values['products_options_name'];
$products[$i][$option]['options_values_id'] = $value;
$products[$i][$option]['products_options_values_name'] = $attr_value;
$products[$i][$option]['options_values_price'] = $attr_price;
$products[$i][$option]['price_prefix'] = $attributes_values['price_prefix'];
}
}
}
}
}
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aContents['shopping_cart']));
$sCanonical = oos_href_link($aContents['shopping_cart'], '', FALSE, TRUE);
$aTemplate['page'] = $sTheme . '/page/shopping_cart.html';
$nPageType = OOS_PAGE_TYPE_CATALOG;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,follow,noodp,noydir',
'cart_active' => 1,
'canonical' => $sCanonical,
'hidden_field' => $hidden_field,
'products' => $products,
'any_out_of_stock' => $any_out_of_stock
)
);
// display the template
$smarty->display($aTemplate['page']);

66
msd2/myoos/includes/content/sitemap.php Normal file
View File

@ -0,0 +1,66 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: sitemap.php,v 1.1 2004/02/16 07:13:17 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2001 - 2004 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/sitemap.php';
$aTemplate['page'] = $sTheme . '/page/sitemap.html';
$nPageType = OOS_PAGE_TYPE_MAINPAGE;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
$sGroup = trim($aUser['text']);
$nContentCacheID = $sTheme . '|info|' . $sGroup . '|sitemap|' . $sLanguage;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
if ( (USE_CACHE == 'true') && (!isset($_SESSION)) ) {
$smarty->setCaching(Smarty::CACHING_LIFETIME_CURRENT);
}
if (!$smarty->isCached($aTemplate['page'], $nContentCacheID)) {
$oSitemap = new oosCategoryTree;
$oSitemap->setShowCategoryProductCount(false);
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aContents['sitemap']));
$sCanonical = oos_href_link($aContents['sitemap'], '', FALSE, TRUE);
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'canonical' => $sCanonical
)
);
$smarty->assign('sitemap', $oSitemap->buildTree());
}
// display the template
$smarty->display($aTemplate['page']);

124
msd2/myoos/includes/content/specials.php Normal file
View File

@ -0,0 +1,124 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: specials.php,v 1.46 2003/02/13 04:23:23 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
if (!$oEvent->installed_plugin('spezials')) {
oos_redirect(oos_href_link($aContents['home']));
}
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_split_page_results.php';
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/products_specials.php';
$aTemplate['page'] = $sTheme . '/page/specials.html';
$aTemplate['pagination'] = $sTheme . '/system/_pagination.html';
$nPageType = OOS_PAGE_TYPE_CATALOG;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
$sGroup = trim($aUser['text']);
$nPage = isset($_GET[page]) ? $_GET[page]+0 : 1;
$nContentCacheID = $sTheme . '|info|' . $sGroup . '|spezials|' . $nPage . '|' . $sLanguage;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
if ( (USE_CACHE == 'true') && (!isset($_SESSION)) ) {
$smarty->setCaching(Smarty::CACHING_LIFETIME_CURRENT);
}
if (!$smarty->isCached($aTemplate['page'], $nContentCacheID)) {
$productstable = $oostable['products'];
$specialstable = $oostable['specials'];
$products_descriptiontable = $oostable['products_description'];
$specials_result_raw = "SELECT p.products_id, pd.products_name, pd.products_short_description, p.products_image, p.products_price,
p.products_base_price, p.products_base_unit, p.products_tax_class_id,
p.products_units_id, p.products_image, s.specials_new_products_price
FROM $productstable p,
$products_descriptiontable pd,
$specialstable s
WHERE p.products_setting = '2'
AND s.products_id = p.products_id
AND p.products_id = pd.products_id
AND pd.products_languages_id = '" . intval($nLanguageID) . "'
AND s.status = '1'
ORDER BY s.specials_date_added DESC";
$specials_split = new splitPageResults($specials_result_raw, MAX_DISPLAY_SPECIAL_PRODUCTS);
$specials_result = $dbconn->Execute($specials_split->sql_query);
$aSpecials = array();
while ($specials = $specials_result->fields) {
$specials_base_product_price = '';
$specials_base_product_special_price = '';
$specials_product_price = $oCurrencies->display_price($specials['products_price'], oos_get_tax_rate($specials['products_tax_class_id']));
$specials_product_special_price = $oCurrencies->display_price($specials['specials_new_products_price'], oos_get_tax_rate($specials['products_tax_class_id']));
if ($specials['products_base_price'] != 1) {
$specials_base_product_price = $oCurrencies->display_price($specials['products_price'] * $specials['products_base_price'], oos_get_tax_rate($specials['products_tax_class_id']));
$specials_base_product_special_price = $oCurrencies->display_price($specials['specials_new_products_price'] * $specials['products_base_price'], oos_get_tax_rate($specials['products_tax_class_id']));
}
$aSpecials[] = array(
'products_id' => $specials['products_id'],
'products_image' => $specials['products_image'],
'products_name' => $specials['products_name'],
'products_description' => $specials['products_description'],
'products_base_unit' => $specials['products_base_unit'],
'products_base_price' => $specials['products_base_price'],
'products_price' => $specials_product_price,
'products_special_price' => $specials_product_special_price,
'base_product_price' => $specials_base_product_price,
'base_product_special_price' => $specials_base_product_special_price
);
$specials_result->MoveNext();
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aContents['specials']));
$sCanonical = oos_href_link($aContents['specials'], 'page='. $nPage, FALSE, TRUE);
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'canonical' => $sCanonical,
'page_split' => $specials_split->display_count($aLang['text_display_number_of_specials']),
'display_links' => $specials_split->display_links(MAX_DISPLAY_PAGE_LINKS, oos_get_all_get_parameters(array('page', 'info'))),
'numrows' => $specials_split->number_of_rows,
'numpages' => $specials_split->number_of_pages,
'page' => $nPage,
'specials' => $aSpecials
)
);
}
$smarty->assign('pagination', $smarty->fetch($aTemplate['pagination'], $nContentCacheID));
// display the template
$smarty->display($aTemplate['page']);