Leitgedanken/msd2/myoos/includes/content/advanced_search_result.php

<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: advanced_search_result.php,v 1.67 2003/02/13 04:23:22 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/**
 * Entry guard and dependencies for the advanced-search result page.
 *
 * The script is meant to be included by a parent file; the constant check
 * stops it from doing anything when it is requested directly.
 */
if (!defined('OOS_VALID_MOD')) {
    die('Direct Access to this location is not allowed.');
}

// Search helper functions (defined outside this file).
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_search.php';

// NOTE(review): $sLanguage is set outside this file and becomes part of an
// include path. Confirm it is restricted to the installed language
// directories before it reaches this point.
require 'includes/languages/' . $sLanguage . '/search_advanced_result.php';
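// Read the search criteria from the query string and, in parallel, build
// $get_parameters so the same criteria can be handed back to the search form
// when validation fails.
//
// Free-text values are only accepted when they are strings: a request such as
// "?keywords[]=x" would otherwise pass an array to urldecode()/stripslashes().
// Every value appended to $get_parameters is URL-encoded so that characters
// like "&", "=" or "#" inside a value cannot add or override parameters in the
// redirect URL.
$get_parameters = '';

// NOTE(review): PHP has already URL-decoded $_GET, so urldecode() decodes a
// second time here ("%2527" ends up as a quote character). It is kept because
// links generated elsewhere may rely on it; confirm and drop it if not.
// stripslashes() is presumably a leftover from magic_quotes_gpc - verify.
$keywords = (!empty($_GET['keywords']) && is_string($_GET['keywords']))
    ? stripslashes(trim(urldecode($_GET['keywords'])))
    : false;
$get_parameters .= '&keywords=' . rawurlencode((string)$keywords);

// Numeric switches and ids are cast to int; anything else falls back to the
// default (0 for the switches, false for the ids).
$search_in_description = (isset($_GET['search_in_description']) && is_numeric($_GET['search_in_description']))
    ? (int)$_GET['search_in_description']
    : 0;
$get_parameters .= '&search_in_description=' . $search_in_description;

$categories_id = (isset($_GET['categories_id']) && is_numeric($_GET['categories_id']))
    ? (int)$_GET['categories_id']
    : false;
$get_parameters .= '&categories_id=' . $categories_id;

$inc_subcat = (isset($_GET['inc_subcat']) && is_numeric($_GET['inc_subcat']))
    ? (int)$_GET['inc_subcat']
    : 0;
$get_parameters .= '&inc_subcat=' . $inc_subcat;

$manufacturers_id = (isset($_GET['manufacturers_id']) && is_numeric($_GET['manufacturers_id']))
    ? (int)$_GET['manufacturers_id']
    : false;
$get_parameters .= '&manufacturers_id=' . $manufacturers_id;

// Price and date bounds stay strings here; they are validated further down.
$pfrom = (!empty($_GET['pfrom']) && is_string($_GET['pfrom'])) ? stripslashes($_GET['pfrom']) : false;
$get_parameters .= '&pfrom=' . rawurlencode((string)$pfrom);

$pto = (!empty($_GET['pto']) && is_string($_GET['pto'])) ? stripslashes($_GET['pto']) : false;
$get_parameters .= '&pto=' . rawurlencode((string)$pto);

$dfrom = (!empty($_GET['dfrom']) && is_string($_GET['dfrom'])) ? stripslashes($_GET['dfrom']) : false;
$get_parameters .= '&dfrom=' . rawurlencode((string)$dfrom);

$dto = (!empty($_GET['dto']) && is_string($_GET['dto'])) ? stripslashes($_GET['dto']) : false;
$get_parameters .= '&dto=' . rawurlencode((string)$dto);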
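// Validate the criteria. Each failed check adds its own decimal code to
// $errorno (10, 100, 1000, ...); the sum is passed back to the search form.
//
// The outcome of each check is tracked in a boolean instead of being read back
// from $errorno with a bitwise AND: the codes are decimal, not powers of two,
// so "& 10000" does not reliably detect the price error once several codes
// have been added (11000 & 10000 is 8720, for example).
$errorno = 0;

// The form pre-fills the date fields with the format string; treat that
// placeholder as "no date given".
$dfrom_to_check = ($dfrom == DOB_FORMAT_STRING) ? '' : $dfrom;
$dto_to_check = ($dto == DOB_FORMAT_STRING) ? '' : $dto;

$bHasDateFrom = strlen((string)$dfrom_to_check) > 0;
$bHasDateTo = strlen((string)$dto_to_check) > 0;

$bDateFromValid = false;
if ($bHasDateFrom) {
    // oos_checkdate() is defined elsewhere; the mktime() call below reads
    // $dfrom_array as [0] year, [1] month, [2] day.
    $bDateFromValid = (bool)oos_checkdate($dfrom_to_check, DOB_FORMAT_STRING, $dfrom_array);
    if (!$bDateFromValid) {
        $errorno += 10;
    }
}

$bDateToValid = false;
if ($bHasDateTo) {
    $bDateToValid = (bool)oos_checkdate($dto_to_check, DOB_FORMAT_STRING, $dto_array);
    if (!$bDateToValid) {
        $errorno += 100;
    }
}

// Both dates present and valid: "from" must not lie after "to".
if ($bDateFromValid && $bDateToValid) {
    $nDateFrom = mktime(0, 0, 0, $dfrom_array[1], $dfrom_array[2], $dfrom_array[0]);
    $nDateTo = mktime(0, 0, 0, $dto_array[1], $dto_array[2], $dto_array[0]);
    if ($nDateFrom > $nDateTo) {
        $errorno += 1000;
    }
}

// Price bounds must be numeric. settype($x, "double") cannot serve as the
// check because it converts any string and reports success, so a value such as
// "abc" was never rejected; is_numeric() makes codes 10000/100000 reachable.
$bPriceFromValid = false;
if (strlen((string)$pfrom) > 0) {
    $pfrom_to_check = oos_var_prep_for_os($pfrom);
    if (is_numeric($pfrom_to_check)) {
        $pfrom_to_check = (float)$pfrom_to_check;
        $bPriceFromValid = true;
    } else {
        $errorno += 10000;
    }
}

$bPriceToValid = false;
if (strlen((string)$pto) > 0) {
    $pto_to_check = oos_var_prep_for_os($pto);
    if (is_numeric($pto_to_check)) {
        $pto_to_check = (float)$pto_to_check;
        $bPriceToValid = true;
    } else {
        $errorno += 100000;
    }
}

// Both prices present and numeric: the lower bound must not exceed the upper.
if ($bPriceFromValid && $bPriceToValid && ($pfrom_to_check > $pto_to_check)) {
    $errorno += 1000000;
}

// Split the keyword string into terms and operators; $search_keywords is
// filled by the parser and used later to build the WHERE clause.
if (oos_is_not_null($keywords) && !oos_parse_search_string($keywords, $search_keywords)) {
    $errorno += 10000000;
}

if ($errorno > 0) {
    // NOTE(review): everything below builds SQL from the values checked above,
    // so this only protects the query if oos_redirect() ends the request -
    // confirm that it does.
    oos_redirect(oos_href_link($aContents['advanced_search'], 'errorno=' . $errorno . $get_parameters));
}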
// Breadcrumb trail: a link back to the search form, then the (unlinked)
// result page itself.
$sSearchFormLink = oos_href_link($aContents['advanced_search']);
$oBreadcrumb->add($aLang['navbar_title1'], $sSearchFormLink);
$oBreadcrumb->add($aLang['navbar_title2']);
// Listing columns and their display position. The values are fixed here, so
// nothing request-derived ends up in the column part of the SELECT.
$define_list = array(
    'PRODUCT_LIST_MODEL' => '1',
    'PRODUCT_LIST_NAME' => '2',
    'PRODUCT_LIST_MANUFACTURER' => '3',
    'PRODUCT_LIST_UVP' => '4',
    'PRODUCT_LIST_PRICE' => '5',
    'PRODUCT_LIST_QUANTITY' => '6',
    'PRODUCT_LIST_WEIGHT' => '7',
    'PRODUCT_LIST_IMAGE' => '8',
    'PRODUCT_LIST_BUY_NOW' => '9',
);
asort($define_list);

// Enabled columns (non-empty position) in display order.
$column_list = array_keys(array_filter($define_list));

// Database column for each listing column that needs an extra SELECT entry.
// Name, price and the buy-now button are skipped; any other column without an
// entry here falls back to the product name.
$aColumnSql = array(
    'PRODUCT_LIST_MODEL' => 'p.products_model',
    'PRODUCT_LIST_MANUFACTURER' => 'm.manufacturers_name',
    'PRODUCT_LIST_QUANTITY' => 'p.products_quantity',
    'PRODUCT_LIST_IMAGE' => 'p.products_image',
    'PRODUCT_LIST_WEIGHT' => 'p.products_weight',
);
$aSkippedColumns = array('PRODUCT_LIST_BUY_NOW', 'PRODUCT_LIST_NAME', 'PRODUCT_LIST_PRICE');

$aSelectColumns = array();
foreach ($column_list as $sColumn) {
    if (in_array($sColumn, $aSkippedColumns, true)) {
        continue;
    }
    $aSelectColumns[] = isset($aColumnSql[$sColumn]) ? $aColumnSql[$sColumn] : "pd.products_name";
}
$select_column_list = implode(', ', $aSelectColumns);

// Trailing separator so the fixed column list can be appended directly.
if (oos_is_not_null($select_column_list)) {
    $select_column_list .= ', ';
}
// SELECT and FROM parts of the listing query.
//
// The tax tables are only joined (and the tax rate only selected) when the
// customer sees gross prices and a price bound was supplied, because only the
// price filter needs the rate.
$bJoinTaxTables = ($aUser['price_with_tax'] == 1)
    && ((isset($_GET['pfrom']) && oos_is_not_null($_GET['pfrom'])) || (isset($pto) && oos_is_not_null($pto)));

$select_str = "SELECT DISTINCT " . $select_column_list . " m.manufacturers_id, p.products_id, p.products_replacement_product_id, pd.products_name,
p.products_discount1, p.products_discount2, p.products_discount3, p.products_discount4,
p.products_discount1_qty, p.products_discount2_qty, p.products_discount3_qty,
p.products_discount4_qty, p.products_tax_class_id, p.products_units_id, p.products_quantity_order_min, p.products_quantity_order_max,
p.products_price, p.products_price_list, p.products_base_price, p.products_base_unit, p.products_product_quantity,
IF(s.status, s.specials_new_products_price, NULL) AS specials_new_products_price,
IF(s.status, s.specials_new_products_price, p.products_price) AS final_price ";
if ($bJoinTaxTables) {
    $select_str .= ", SUM(tr.tax_rate) AS tax_rate ";
}

// Table names come from $oostable, which is populated outside this file.
$from_str = "FROM " . $oostable['products'] . " p LEFT JOIN
" . $oostable['manufacturers'] . " m using(manufacturers_id) LEFT JOIN
" . $oostable['specials'] . " s ON p.products_id = s.products_id";

if ($bJoinTaxTables) {
    // Tax zone: the store's own location unless the session carries the
    // customer's country.
    $nCountry_id = STORE_COUNTRY;
    $nZone_id = STORE_ZONE;
    if (isset($_SESSION['customer_country_id'])) {
        $nCountry_id = $_SESSION['customer_country_id'];
        $nZone_id = $_SESSION['customer_zone_id'];
    }

    // Both ids are forced to integers before they are placed in the statement.
    $from_str .= " LEFT JOIN
" . $oostable['tax_rates'] . " tr
ON p.products_tax_class_id = tr.tax_class_id LEFT JOIN
" . $oostable['zones_to_geo_zones'] . " gz
ON tr.tax_zone_id = gz.geo_zone_id AND
(gz.zone_country_id is null OR
gz.zone_country_id = '0' OR
gz.zone_country_id = '" . intval($nCountry_id) . "') AND
(gz.zone_id is null OR
gz.zone_id = '0' OR
gz.zone_id = '" . intval($nZone_id) . "')";
}

$from_str .= ", " . $oostable['products_description'] . " pd, " . $oostable['categories'] . " c, " . $oostable['products_to_categories'] . " p2c";
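// WHERE clause: fixed join conditions first, then the optional category and
// manufacturer filters. Every id placed in the statement goes through
// intval(), so these filters can only ever contribute integers.
$where_str = " WHERE
p.products_setting = '2' AND
p.products_id = pd.products_id AND
pd.products_languages_id = '" . intval($nLanguageID) . "' AND
p.products_id = p2c.products_id AND
p2c.categories_id = c.categories_id ";

if (isset($categories_id) && is_numeric($categories_id)) {
    // inc_subcat is optional in the request; test for it before reading it so
    // a missing parameter does not raise an "undefined array key" warning.
    $bIncludeSubcategories = isset($_GET['inc_subcat']) && ($_GET['inc_subcat'] == '1');

    if ($bIncludeSubcategories) {
        // oos_get_subcategories() (defined elsewhere) fills the array that is
        // passed in with the ids below $categories_id.
        $subcategories_array = array();
        oos_get_subcategories($subcategories_array, $categories_id);

        $where_str .= " AND
p2c.products_id = p.products_id AND
p2c.products_id = pd.products_id AND
(p2c.categories_id = '" . intval($categories_id) . "'";
        foreach ($subcategories_array as $nSubcategoryId) {
            $where_str .= " OR p2c.categories_id = '" . intval($nSubcategoryId) . "'";
        }
        $where_str .= ")";
    } else {
        $where_str .= " AND
p2c.products_id = p.products_id AND
p2c.products_id = pd.products_id AND
pd.products_languages_id = '" . intval($nLanguageID) . "' AND
p2c.categories_id = '" . intval($categories_id) . "'";
    }
}

if (isset($manufacturers_id) && is_numeric($manufacturers_id)) {
    $where_str .= " AND m.manufacturers_id = '" . intval($manufacturers_id) . "'";
}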
// Keyword filter. $search_keywords holds the parsed search string: a sequence
// of terms and of the operator tokens "(", ")", "and", "or".
if (isset($search_keywords) && (count($search_keywords) > 0)) {
    $aOperatorTokens = array('(', ')', 'and', 'or');
    $bSearchDescriptions = isset($_GET['search_in_description']) && ($_GET['search_in_description'] == '1');

    $where_str .= " AND (";
    for ($nToken = 0, $nTokens = count($search_keywords); $nToken < $nTokens; $nToken++) {
        $sToken = $search_keywords[$nToken];

        // Only these four literal tokens are copied into the statement as they
        // are; every other token is treated as a search term.
        if (in_array($sToken, $aOperatorTokens)) {
            $where_str .= " " . $sToken . " ";
            continue;
        }

        // NOTE(review): oos_db_prepare_input() and oos_db_input() are defined
        // elsewhere; the query relies on oos_db_input() escaping the term for
        // use inside a quoted SQL string - confirm. "%" and "_" in a term are
        // presumably left alone and therefore act as LIKE wildcards.
        $keyword = oos_db_prepare_input($sToken);
        $sLikeTerm = oos_db_input($keyword);

        $where_str .= " (pd.products_name LIKE '%" . $sLikeTerm . "%'
OR p.products_model LIKE '%" . $sLikeTerm . "%'
OR p.products_ean LIKE '%" . $sLikeTerm . "%'
OR m.manufacturers_name LIKE '%" . $sLikeTerm . "%'";
        if ($bSearchDescriptions) {
            $where_str .= " OR pd.products_short_description LIKE '%" . $sLikeTerm . "%'";
            $where_str .= " OR pd.products_description LIKE '%" . $sLikeTerm . "%'";
        }
        $where_str .= ')';
    }
    $where_str .= " )";
}
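// Date filter. The dates were checked with oos_checkdate() above; the value
// is still escaped here so the quoted literal does not depend on that check
// (and on the redirect that follows it) having stopped the request.
if (isset($dfrom) && oos_is_not_null($dfrom) && ($dfrom != DOB_FORMAT_STRING)) {
    $where_str .= " AND p.products_date_added >= '" . oos_db_input(oos_date_raw($dfrom_to_check)) . "'";
}

if (isset($dto) && oos_is_not_null($dto) && ($dto != DOB_FORMAT_STRING)) {
    $where_str .= " AND p.products_date_added <= '" . oos_db_input(oos_date_raw($dto_to_check)) . "'";
}

// Price filter. The bounds are placed in the statement WITHOUT quotes, where
// string escaping offers no protection, so they must be real numbers by
// construction. Both bounds are therefore converted to float first; the
// request value itself is never concatenated into the query, whether or not a
// currency rate is available. A missing or non-numeric bound becomes 0 and is
// skipped by the truthiness checks below.
$rate = $oCurrencies->get_value($sCurrency);

$fPriceFrom = is_string($pfrom) ? (float)$pfrom : 0.0;
$fPriceTo = is_string($pto) ? (float)$pto : 0.0;

// Convert from the display currency to the stored currency; a zero rate is
// ignored rather than divided by.
if ($rate && ((float)$rate != 0.0)) {
    $fPriceFrom = $fPriceFrom / $rate;
    $fPriceTo = $fPriceTo / $rate;
}

// oos_var_prep_for_os() is defined elsewhere and is applied to the converted
// number as before. Non-finite results (overflow) are dropped.
$pfrom = is_finite($fPriceFrom) ? oos_var_prep_for_os($fPriceFrom) : false;
$pto = is_finite($fPriceTo) ? oos_var_prep_for_os($fPriceTo) : false;

// Net price, or gross price when the customer sees prices including tax. The
// gross variant reads the tr/gz tables joined in the FROM clause.
$sPriceExpression = "IF(s.status, s.specials_new_products_price, p.products_price)";
if ($aUser['price_with_tax'] == 1) {
    $sPriceExpression .= " * if(gz.geo_zone_id is null, 1, 1 + (tr.tax_rate / 100) )";
}

if ($pfrom) {
    $where_str .= " AND (" . $sPriceExpression . " >= " . oos_db_input($pfrom) . ")";
}
if ($pto) {
    $where_str .= " AND (" . $sPriceExpression . " <= " . oos_db_input($pto) . ")";
}

// The tax rate is selected as SUM(tr.tax_rate) in this case, so group the rows.
if ( ($aUser['price_with_tax'] == 1) && ((isset($_GET['pfrom']) && oos_is_not_null($_GET['pfrom'])) || (isset($_GET['pto']) && oos_is_not_null($_GET['pto']))) ) {
    $where_str .= " GROUP BY p.products_id, tr.tax_priority";
}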
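// ORDER BY. $_GET['sort'] is expected as "<column number><a|d>", e.g. "2d".
//
// The pattern is anchored at both ends and the value must be a string: an
// unanchored match accepted any value that merely contained such a pair, so
// the first character used as the column index was not guaranteed to be a
// digit, and $_GET['sort'] kept its arbitrary content for any code that reads
// it later. Anything that does not match is replaced by the default below.
$order_str = '';

$bSortIsValid = isset($_GET['sort'])
    && is_string($_GET['sort'])
    && preg_match('/^[1-8][ad]\z/', $_GET['sort'])
    && ((int)substr($_GET['sort'], 0, 1) <= count($column_list));

if (!$bSortIsValid) {
    // Default: ascending by product name; $_GET['sort'] is overwritten with
    // the matching canonical value.
    for ($col = 0, $n = count($column_list); $col < $n; $col++) {
        if ($column_list[$col] == 'PRODUCT_LIST_NAME') {
            $_GET['sort'] = ($col + 1) . 'a';
            $order_str = ' ORDER BY pd.products_name';
            break;
        }
    }
} else {
    $sort_col = (int)substr($_GET['sort'], 0, 1);
    $sort_order = substr($_GET['sort'], 1);

    // Only the fixed keyword "desc" (or nothing) is derived from the request;
    // the column names come from the switch below.
    $sDirection = ($sort_order == 'd') ? "desc" : "";

    $order_str = ' ORDER BY ';
    switch ($column_list[$sort_col - 1]) {
        case 'PRODUCT_LIST_MODEL':
            $order_str .= "p.products_model " . $sDirection . ", pd.products_name";
            break;

        case 'PRODUCT_LIST_NAME':
            $order_str .= "pd.products_name " . $sDirection;
            break;

        case 'PRODUCT_LIST_MANUFACTURER':
            $order_str .= "m.manufacturers_name " . $sDirection . ", pd.products_name";
            break;

        case 'PRODUCT_LIST_QUANTITY':
            $order_str .= "p.products_quantity " . $sDirection . ", pd.products_name";
            break;

        case 'PRODUCT_LIST_WEIGHT':
            $order_str .= "p.products_weight " . $sDirection . ", pd.products_name";
            break;

        case 'PRODUCT_LIST_PRICE':
            $order_str .= "final_price " . $sDirection . ", pd.products_name";
            break;

        // The image column and anything unexpected sort by product name.
        case 'PRODUCT_LIST_IMAGE':
        default:
            $order_str .= "pd.products_name";
            break;
    }
}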
// Complete statement; presumably consumed by the product_listing module
// included further down.
$listing_sql = $select_str . $from_str . $where_str . $order_str;

// Templates used for this page.
$aTemplate['page'] = $sTheme . '/page/advanced_search_result.html';
$aTemplate['pagination'] = $sTheme . '/system/_pagination.html';

$nPageType = OOS_PAGE_TYPE_CATALOG;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;

require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
    require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
    require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}

// Template variables.
// NOTE(review): $keywords comes from the request and is placed in
// text_no_products unescaped. Confirm that the template (or Smarty's
// configuration) HTML-escapes this value on output.
$aPageVars = array(
    'breadcrumb' => $oBreadcrumb->trail(),
    'heading_title' => $aLang['heading_title'],
    'robots' => 'noindex,follow,noodp,noydir',
    'text_no_products' => sprintf($aLang['text_no_products'], $keywords)
);
$smarty->assign($aPageVars);

require_once MYOOS_INCLUDE_PATH . '/includes/modules/product_listing.php';

// Current query string without the paging and sorting parameters, for links
// rendered by the templates.
$sLinkParameters = oos_get_all_get_parameters(array('sort', 'page'));
$smarty->assign('oos_get_all_get_params', $sLinkParameters);

$sPaginationHtml = $smarty->fetch($aTemplate['pagination']);
$smarty->assign('pagination', $sPaginationHtml);

// Render the page.
$smarty->display($aTemplate['page']);