','/','?',' ','\t','\r','\n'); foreach($_SERVER['HTTP_POST_FILES'] as $k => $v){ if (stristr($_SERVER['HTTP_REFERER'],$_SERVER['HTTP_HOST'])){ if (is_uploaded_file($HTTP_POST_FILES[$k]['tmp_name'])){ if($HTTP_POST_VARS['UPLOAD_FILTER_LIST']){ /*removed 05-24-10 08.26.16 AM if (!eregi($HTTP_POST_VARS['UPLOAD_FILTER_LIST'],$HTTP_POST_FILES[$k]['name'])){ die ("

ERROR:

'" . $HTTP_POST_FILES[$k]['name'] . "' is an invalid file.\nPlease check with the site owner to learn what types of files may be uploaded."); } */ } } //if } //if }//foreach foreach($_SERVER['HTTP_POST_FILES'] as $k => $v){ if (stristr($_SERVER['HTTP_REFERER'],$_SERVER['HTTP_HOST'])){ if (is_uploaded_file($HTTP_POST_FILES[$k]['tmp_name'])){ $old = $HTTP_POST_FILES[$k]['tmp_name']; $filename = str_replace($search,"",strtolower($HTTP_POST_FILES[$k]['name'])); $new = "../images/products/" . $filename; if (file_exists($new)){ $backupfile = $new . "_" . time(); rename($new, $backupfile); } move_uploaded_file($old,$new); $$k = $filename; } }else{ die('

ERROR:

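For security purposes, remote files may only be uploaded using forms contained within this domain.'); }// <-- if referring url is in same domain }// <-- foreach } // <-- if files were uploaded

// NOTE(review): the upload handler that closes above admits a file whenever
// the request's Referer mentions this host. The Referer header is supplied by
// the client, so it is not an origin check, and the UPLOAD_FILTER_LIST type
// filter is commented out, so any file type reaches move_uploaded_file() under
// ../images/products/ with a client-derived name (only the characters listed
// in $search are stripped). Mitigation: validate uploads server-side against an
// allow-list of extensions and MIME types, generate the stored filename instead
// of deriving it from the client, and use a CSRF token rather than the Referer
// for the same-origin requirement.

/**
 * Define the PROD_* constants for one product row.
 *
 * Looks up `isell3_products` by product_id (LIMIT 1) and defines one constant
 * per entry of the name => column map below. When no row matches, or the
 * query fails, every constant is defined as "" so templates can still refer
 * to them. Constants cannot be redefined: a second call in the same request
 * leaves the first product's values in place (the original emitted one notice
 * per constant in that case; this version checks defined() first).
 *
 * @param string|int $id product_id; escaped before it is placed in the query
 * @return void
 */
function getProductInfo($id){
    // Constant name => column of isell3_products it mirrors (order preserved).
    $columns = array(
        "PROD_ID"            => 'product_id',
        "PROD_NAME"          => 'name',
        "PROD_ACTIVE"        => 'active',
        "PROD_FEATURED"      => 'featured',
        "PROD_CATEGORY"      => 'category',
        "PROD_SKU"           => 'sku',
        "PROD_DESC"          => 'description',
        "PROD_SHDESC"        => 'short_description',
        "PROD_PRICE"         => 'price',
        "PROD_AUTO_THM"      => 'auto_thumb',
        "PROD_MAINIMG1"      => 'main_image1',
        "PROD_MAINIMG2"      => 'main_image2',
        "PROD_MAINIMG3"      => 'main_image3',
        "PROD_MAINIMG4"      => 'main_image4',
        "PROD_THUMB"         => 'thumb_image',
        "PROD_WEIGHT"        => 'weight',
        "PROD_OPT1NAME"      => 'option1_name',
        "PROD_OPT1"          => 'option1',
        "PROD_OPT2NAME"      => 'option2_name',
        "PROD_OPT2"          => 'option2',
        "PROD_OPT3NAME"      => 'option3_name',
        "PROD_OPT3"          => 'option3',
        "PROD_OPT4NAME"      => 'option4_name',
        "PROD_OPT4"          => 'option4',
        "PROD_OPT5NAME"      => 'option5_name',
        "PROD_OPT5"          => 'option5',
        "PROD_OPT6NAME"      => 'option6_name',
        "PROD_OPT6"          => 'option6',
        "PROD_STOCK"         => 'stock',
        "PROD_FREESHIP"      => 'free_shipping',
        "PROD_LOWLIMIT"      => 'low_limit',
        "PROD_MSRP"          => 'msrp_price',
        "PROD_COST"          => 'cost',
        "PROD_DOWNLOAD"      => 'download',
        "PROD_DOWNLOAD_LINK" => 'download_link',
    );

    // $id is caller-supplied; escaping keeps a quote in it from altering the query.
    $safeId = mysql_real_escape_string($id);
    $result = mysql_query("SELECT * FROM isell3_products WHERE product_id = '" . $safeId . "' LIMIT 1");
    $row = ($result && mysql_num_rows($result) > 0) ? mysql_fetch_array($result) : false;

    foreach ($columns as $constant => $column) {
        $value = ($row !== false) ? $row[$column] : "";
        if (!defined($constant)) {
            define($constant, $value);
        }
    }
}

//==================================================//

/**
 * Build one entry of the list returned by getCategories().
 *
 * $name is a single category label as stored in the `category` column. A
 * "sort##label" form is split into 'sort' and 'text' (sort defaults to '0');
 * a ":" anywhere in the label marks it as a sub-category ('subcat' => "yes",
 * else ""). 'count' is the number of active products whose category column
 * contains the label (LIKE match, so "%" and "_" inside the label act as
 * wildcards, as before); it is 0 when the count query fails.
 *
 * @param string $name one category label (already split on "|")
 * @return array{sort:string,text:string,count:int,subcat:string}
 */
function isell_categoryEntry($name){
    // Check for sort order
    if (strpos($name, '##') !== false) {
        $parts = explode('##', $name);
        $sort = $parts[0];
        $text = $parts[1];
    } else {
        $sort = '0';
        $text = $name;
    }

    // Get count. The label comes from the database, but it is still data
    // (second-order injection), so it is escaped before being interpolated.
    $countResult = mysql_query("SELECT category FROM isell3_products WHERE (category LIKE '%" . mysql_real_escape_string($name) . "%') AND active != 0 ORDER BY category ASC");

    return array(
        'sort'   => $sort,
        'text'   => $text,
        'count'  => ($countResult === false) ? 0 : mysql_num_rows($countResult),
        'subcat' => (strpos($name, ':') !== false) ? 'yes' : '',
    );
}

/**
 * Collect the distinct category labels used by products.
 *
 * A product's `category` column may hold several labels separated by "|";
 * each label is emitted once, using the same substring test against the
 * labels already seen as the original ($catlist). Empty segments such as a
 * trailing "|" are skipped. The result is sorted with do_my_sort() (defined
 * elsewhere in the project) when that function exists.
 *
 * @return list<array{sort:string,text:string,count:int,subcat:string}>
 */
function getCategories(){
    $categories = array();
    $catlist = '';   // concatenation of labels already emitted (dedup key)

    $result = mysql_query("SELECT category FROM isell3_products GROUP BY category ");
    if ($result) {
        while ($row = mysql_fetch_array($result)) {
            $catname = (string)$row["category"];
            // Multi-category products list their labels separated by "|".
            $labels = (strpos($catname, '|') !== false) ? explode("|", $catname) : array($catname);
            foreach ($labels as $label) {
                if ($label === '') {
                    continue; // empty segment ("a||b", trailing "|")
                }
                if (strpos($catlist, $label) === false) {
                    $categories[] = isell_categoryEntry($label);
                }
                $catlist .= trim($label);
            }
        }
    }

    // do the actual sorting work. The original passed do_my_sort as a bare
    // word under @; PHP 8 no longer tolerates that, so it is passed by name.
    if (function_exists('do_my_sort')) {
        usort($categories, 'do_my_sort');
    }
    return $categories;
}

//=========================================
// NOTE(review): the next line is corrupted in the source as received — the
// text between "$i" and '".$row['name']."' (the loop bound and body of
// CategoryNav(), and the start of a second function that ends with
// "return $products;") has been stripped and cannot be recovered here.
// It is left exactly as found.
function CategoryNav(){ $cats = getCategories(); for ($i=0; $i".$row['name']."\n"; } return $products; }
//=========================================
//=========================================

/**
 * Render every product whose category column contains $category through
 * CART_THEME/advanced/all_products.tpl.
 *
 * NOTE(review): the per-product variables ($prodname, $prodprice, ...) are
 * overwritten on each loop iteration and assigned to the template only after
 * the loop, so the template sees the last matching row, while $prodoptions
 * accumulates across rows. Kept as found — confirm the contract of
 * all_products.tpl before changing it. Markup inside the string literals of
 * this function appears stripped in the source as received.
 *
 * @param string $category substring matched with LIKE; escaped before use
 * @return string rendered template
 */
function displayProductsList($category){
    // create object
    $smarty = new Smarty;
    $smarty->caching = false;

    // Defaults so the template receives "" rather than an undefined variable.
    $main_image1 = $main_image2 = $main_image3 = $main_image4 = $thumb_image = '';
    $prodname = $proddesc = $prodprice = $prodsku = $prodmsrp = $prodcost = $proddload = $prodcat = '';
    $prodoptions = '';
    $formstart = "
";

    // (review) a preliminary query using `featured == '1'` — invalid MySQL
    // syntax — was issued here and its result immediately discarded; removed.
    // $category is caller-supplied; escaping keeps it inside the LIKE literal.
    $safeCategory = mysql_real_escape_string($category);
    $result = mysql_query("SELECT * FROM isell3_products WHERE category LIKE '%" . $safeCategory . "%'");
    while ($result && ($row = mysql_fetch_array($result))) {
        $main_image1 = imageTag("products/" . $row['main_image1']);
        if ($row['thumb_image']) {
            $thumb_image = imageTag("products/" . $row['thumb_image']);
        }
        if ($row['main_image2']) {
            $main_image2 = imageTag("products/" . $row['main_image2']);
        }
        if ($row['main_image3']) {
            $main_image3 = imageTag("products/" . $row['main_image3']);
        }
        if ($row['main_image4']) {
            $main_image4 = imageTag("products/" . $row['main_image4']);
        }
        $prodname  = $row["name"];
        $proddesc  = $row["description"];
        $prodprice = $row["price"];
        $prodsku   = $row["sku"];
        $prodmsrp  = $row["msrp_price"];
        $prodcost  = $row["cost"];
        $proddload = $row["download"];
        $prodcat   = $row["category"];

        // Loop thru 6 possible options
        for ($u = 1; $u < 7; $u++) { // start option loop
            $rowtitle = "option" . $u . "_name";
            $rowvalue = "option" . $u;
            if ($row[$rowtitle]) { // checking for options
                if ($row[$rowvalue]) { // product option(s)
                    $prodoptions .= "" . $row[$rowtitle] . ":";
                    $prodoptions .= "\n
\n";
                } else { // customer option(s)
                    $prodoptions .= "" . $row[$rowtitle] . ":";
                    $prodoptions .= "\n
\n";
                } // done checking for option type
                $prodoptions .= "
";
            } // done checking for options
        } // end option loop
    } // while

    $formend = "
";
    $qtybox = "";

    // Smarty register functions for template
    $smarty->assign("url", CART_URL);
    $smarty->assign("https_url", CART_HTTPSURL);
    $smarty->assign("main_image", $main_image1);
    $smarty->assign("main_image2", $main_image2);
    $smarty->assign("main_image3", $main_image3);
    $smarty->assign("main_image4", $main_image4);
    $smarty->assign("thumb_image", $thumb_image);
    $smarty->assign("product_name", $prodname);
    $smarty->assign("product_description", $proddesc);
    $smarty->assign("product_category", $prodcat);
    $smarty->assign("product_price", $prodprice);
    $smarty->assign("product_sku", $prodsku);
    $smarty->assign("product_msrp", $prodmsrp);
    $smarty->assign("product_cost", $prodcost);
    $smarty->assign("product_download", $proddload);
    // product_download_link is intentionally not assigned to this template.
    $smarty->assign("form_start", $formstart);
    $smarty->assign("form_end", $formend);
    $smarty->assign("quantity_box", $qtybox);
    $smarty->assign("product_options", $prodoptions);

    // display it
    // NOTE(review): $user is never assigned in this function and no `global`
    // pulls it in, so the admin branch cannot be taken. Left as found: confirm
    // where $user is meant to come from (and that it is not request-controlled)
    // before binding it here, since it selects the template directory.
    if (isset($user) && $user == "admin") {
        $smarty->template_dir = "../templates";
        $smarty->compile_dir = "../templates_c";
    } else {
        $smarty->template_dir = "templates";
        $smarty->compile_dir = "templates_c";
    }
    $output = $smarty->fetch(CART_THEME . "/advanced/all_products.tpl");
    return $output;
}

/**
 * Render the active, featured products (active = '1' AND featured = '1',
 * ordered by name) through the featured_products template.
 *
 * Column values are collected into parallel lists (thumbs, names, desc, ids,
 * prices, sku, msrp, inventory, cost, download, product_options) that the
 * template indexes in step. download_link is intentionally not assigned here
 * (unlike showPOSProducts()). Markup inside the option string literals
 * appears stripped in the source as received.
 *
 * @return string rendered template, or "" when there are no featured products
 */
function showFeaturedProducts() {
    // Log
    create_log_entry("Show Featured Products");
    // create object
    $smarty = new Smarty;
    $smarty->assign("currency_code", CART_CURRENCY_CODE); //<-- added this so paypal users can use other currencies.
    $smarty->caching = false;
    if (CART_RW_THEMES) {
        $smarty->template_dir = "themes";
    }
    if (CART_CATALOG_MODE == "1") {
        $smarty->assign('catalog_mode', 'true');
    }

    $result = mysql_query("SELECT * from isell3_products WHERE active = '1' AND featured = '1' ORDER BY name ASC");
    $total = $result ? mysql_num_rows($result) : 0;
    if (!$total) {
        return ""; // total=0
    }

    $thumbs = $names = $desc = $ids = $prices = $skus = $inventory = $msrp = $costs = $downloads = $prod_options = array();
    // Add results to arrays
    while ($row = mysql_fetch_array($result)) {
        if ($row['auto_thumb']) {
            $thumbs[] = autoThumb("products/" . $row["main_image1"]);
        } else {
            $thumbs[] = imageTag("products/" . $row["thumb_image"]);
        }
        $names[]     = $row["name"];
        $desc[]      = $row["short_description"];
        $ids[]       = $row["product_id"];
        $prices[]    = $row["price"];
        $skus[]      = $row["sku"];
        $inventory[] = $row["stock"];
        $msrp[]      = $row["msrp_price"];
        $costs[]     = $row["cost"];
        $downloads[] = $row["download"];

        $prodoptions = "";
        // Loop thru 6 possible options (the loop runs 1..6)
        for ($u = 1; $u < 7; $u++) { // start option loop
            $rowtitle = "option" . $u . "_name";
            $rowvalue = "option" . $u;
            if ($row[$rowtitle]) { // checking for options
                if ($row[$rowvalue]) { // product option(s)
                    $prodoptions .= "" . $row[$rowtitle] . ":";
                    $prodoptions .= "\n
\n";
                } else { // customer option(s)
                    $prodoptions .= "" . $row[$rowtitle] . ":";
                    $prodoptions .= "\n
\n";
                } // done checking for option type
                $prodoptions .= "
";
            } else {
                $prodoptions .= "\n";
            } // done checking for options
        } // end option loop
        $prod_options[] = $prodoptions;
    }

    $formstart = "
";
    // Assign values to sub-template variables
    $smarty->assign('thumbs', $thumbs);
    $smarty->assign('names', $names);
    $smarty->assign('desc', $desc);
    $smarty->assign('ids', $ids);
    $smarty->assign('prices', $prices);
    $smarty->assign('sku', $skus);
    $smarty->assign('msrp', $msrp);
    $smarty->assign('inventory', $inventory);
    $smarty->assign('cost', $costs);
    $smarty->assign('download', $downloads);
    $smarty->assign('qty_box', '');
    $smarty->assign('product_options', $prod_options);
    $smarty->assign('form_start', $formstart);
    $smarty->assign('form_end', '
');

    // Both theme modes did the same cache handling around a different template path.
    if (CART_RW_THEMES) { // <-- Are we using rw themes?
        $template = "prefs/featured_products.tpl";
    } else { // <-- not using rw themes.
        $template = CART_THEME . "/advanced/featured_products.tpl";
    }
    if (!CART_CACHING) {
        $smarty->caching = 0;
        $smarty->compile_check = true;
        $smarty->clear_compiled_tpl($template);
    }
    // Get individual product format
    return $smarty->fetch($template);
}

//=============================================================//

/**
 * Render the active point-of-sale products (active = '1' AND pos = '1',
 * ordered by name) through the pos_products template.
 *
 * Same parallel-list contract as showFeaturedProducts(), plus download_link.
 * Markup inside the option string literals appears stripped in the source as
 * received.
 *
 * @return string rendered template, or "" when there are no pos products
 */
function showPOSProducts() {
    // Log
    create_log_entry("Show POS Products");
    // create object
    $smarty = new Smarty;
    if (!CART_CACHING) {
        $smarty->force_compile = "true"; // <-- for debugging only.
    }
    if (CART_RW_THEMES) {
        $smarty->template_dir = "themes";
    }
    $smarty->assign("currency_code", CART_CURRENCY_CODE); //<-- added this so paypal users can use other currencies.
    if (CART_CATALOG_MODE == "1") {
        $smarty->assign('catalog_mode', 'true');
    }

    $result = mysql_query("SELECT * from isell3_products WHERE active = '1' AND pos = '1' ORDER BY name ASC");
    $total = $result ? mysql_num_rows($result) : 0;
    if (!$total) {
        // return nothing since there are no pos items...
        return "";
    }

    $thumbs = $names = $desc = $ids = $prices = $skus = $inventory = $msrp = $costs = $downloads = $download_links = $prod_options = array();
    // Add results to arrays
    while ($row = mysql_fetch_array($result)) {
        if ($row['auto_thumb']) {
            $thumbs[] = autoThumb("products/" . $row["main_image1"]);
        } else {
            $thumbs[] = imageTag("products/" . $row["thumb_image"]);
        }
        $names[]          = $row["name"];
        $desc[]           = $row["short_description"];
        $ids[]            = $row["product_id"];
        $prices[]         = $row["price"];
        $skus[]           = $row["sku"];
        $inventory[]      = $row["stock"];
        $msrp[]           = $row["msrp_price"];
        $costs[]          = $row["cost"];
        $downloads[]      = $row["download"];
        $download_links[] = $row["download_link"];

        $prodoptions = "";
        // Loop thru 6 possible options (the loop runs 1..6)
        for ($u = 1; $u < 7; $u++) { // start option loop
            $rowtitle = "option" . $u . "_name";
            $rowvalue = "option" . $u;
            if ($row[$rowtitle]) { // checking for options
                if ($row[$rowvalue]) { // product option(s)
                    $prodoptions .= "" . $row[$rowtitle] . ":";
                    $prodoptions .= "\n
\n";
                } else { // customer option(s)
                    $prodoptions .= "" . $row[$rowtitle] . ":";
                    $prodoptions .= "\n
\n";
                } // done checking for option type
                $prodoptions .= "
";
            } else {
                $prodoptions .= "\n";
            } // done checking for options
        } // end option loop
        $prod_options[] = $prodoptions;
    }

    $formstart = "
";
    // Assign values to sub-template variables
    $smarty->assign('thumbs', $thumbs);
    $smarty->assign('names', $names);
    $smarty->assign('desc', $desc);
    $smarty->assign('ids', $ids);
    $smarty->assign('prices', $prices);
    $smarty->assign('sku', $skus);
    $smarty->assign('msrp', $msrp);
    $smarty->assign('inventory', $inventory);
    $smarty->assign('cost', $costs);
    $smarty->assign('download', $downloads);
    $smarty->assign('download_link', $download_links);
    $smarty->assign('qty_box', '');
    $smarty->assign('product_options', $prod_options);
    $smarty->assign('form_start', $formstart);
    $smarty->assign('form_end', '
');

    // Both theme modes did the same cache handling around a different template path.
    if (CART_RW_THEMES) { // <-- Are we using rw themes?
        $template = "prefs/pos_products.tpl";
    } else { // <-- not using rw themes.
        $template = CART_THEME . "/advanced/pos_products.tpl";
    }
    if (!CART_CACHING) {
        $smarty->caching = 0;
        $smarty->compile_check = true;
        $smarty->clear_compiled_tpl($template);
    }
    // Get individual product format
    return $smarty->fetch($template);
}

//============================================================================================//
// (A) DISPLAY PRODUCT
//============================================================================================//

/**
 * Render a single product page for product_id $id.
 *
 * Chooses between the RapidWeaver theme template (prefs/product.tpl wrapped
 * in <themeshortname>/contents/index.html) and CART_THEME/product.tpl, loads
 * the row, assigns the image/thumbnail/price/option variables, includes
 * smarty_assigns.php for the shared variables, and returns the rendered page.
 *
 * include("smarty_assigns.php") runs in this function's scope, so locals that
 * look unused here ($nav, $themeshortname, $extra_pages, $extra_page_links,
 * $proddloadlink) may be read by that file; they are deliberately kept.
 * Markup inside the string literals of this function appears stripped in
 * the source as received.
 *
 * @param string|int $id product_id; escaped before it is placed in the query
 * @return string rendered page
 */
function displayProduct($id){
    global $rw_settings, $extra_pages, $extra_page_links;
    $themeshortname = $rw_settings['themeshortname'];
    // create object
    $smarty = new Smarty;

    // display it
    if (CART_RW_THEMES) { // <-- if using rapidweaver themes
        //=======================//
        // + USE RW THEMES
        //=======================//
        $smarty->template_dir = "themes";
        $template = "prefs/product.tpl";
    } else {
        //=======================//
        // + USE TEMPLATES
        //=======================//
        $smarty->template_dir = "templates";
        $smarty->compile_dir = "templates_c";
        if (!CART_CACHING) {
            $smarty->caching = 0;
            $smarty->compile_check = true;
            $smarty->clear_compiled_tpl(CART_THEME . "/product.tpl");
        }
        $template = CART_THEME . "/product.tpl";
    } //< -- if(end) using rapidweaver themes

    // Defaults so the template receives "" rather than an undefined variable
    // when the product has no row or lacks secondary images.
    $main_image1 = $main_image2 = $main_image3 = $main_image4 = $thumb_image = '';
    $main_image1_path = $main_image2_path = $main_image3_path = $main_image4_path = '';
    $main_image1_thm = $main_image2_thm = $main_image3_thm = $main_image4_thm = '';
    $prodname = $proddesc = $prodprice = $prodsku = $prodmsrp = $prodcost = $proddload = $prodstock = $proddloadlink = '';
    $email_friend_link = '';
    $formstart = '';
    $prodoptions = '';

    //======================//
    // + GET DATA
    //======================//
    // $id is caller-supplied; escaping keeps a quote in it from altering the query.
    $safeId = mysql_real_escape_string($id);
    $result = mysql_query("SELECT * FROM isell3_products WHERE product_id = '" . $safeId . "' LIMIT 1");
    while ($result && ($row = mysql_fetch_array($result))) {
        $main_image1 = imageTag("products/" . $row['main_image1'], "", "name=\"swap\"");
        $main_image1_path = "images/products/" . $row['main_image1'];
        if ($row['thumb_image']) {
            $thumb_image = imageTag("products/" . $row['thumb_image']);
        }
        if ($row['main_image2']) {
            $main_image2 = imageTag("products/" . $row['main_image2']);
        }
        $main_image2_path = "images/products/" . $row['main_image2'];
        if ($row['main_image3']) {
            $main_image3 = imageTag("products/" . $row['main_image3']);
        }
        $main_image3_path = "images/products/" . $row['main_image3'];
        if ($row['main_image4']) {
            $main_image4 = imageTag("products/" . $row['main_image4']);
        }
        $main_image4_path = "images/products/" . $row['main_image4'];

        //Add thumbs
        $main_image1_thm = autoThumb("products/" . $row['main_image1'], 40);
        if ($row['main_image2']) {
            $main_image2_thm = autoThumb("products/" . $row['main_image2'], 40);
        }
        if ($row['main_image3']) {
            $main_image3_thm = autoThumb("products/" . $row['main_image3'], 40);
        }
        if ($row['main_image4']) {
            $main_image4_thm = autoThumb("products/" . $row['main_image4'], 40);
        }

        $prodname      = $row["name"];
        $proddesc      = $row["description"];
        $prodprice     = $row["price"];
        $prodsku       = $row["sku"];
        $prodmsrp      = $row["msrp_price"];
        $prodcost      = $row["cost"];
        $proddload     = $row["download"];
        $prodstock     = $row['stock'];
        $proddloadlink = $row["download_link"];

        // Every query-string value is URL-encoded, not just the name.
        $email_friend_link = CART_URL . "email_friend.php?sessID=" . GetCartId()
            . "&prod_id=" . urlencode($row["product_id"])
            . "&prod_name=" . urlencode($row["name"])
            . "&prod_price=" . urlencode($row["price"]);

        $formstart = " \n";
        // NOTE(review): $user is never assigned in this scope and no `global`
        // pulls it in, so this condition is always true. Left as found: confirm
        // where $user is meant to come from before binding it here.
        if (!isset($user) || $user != "admin") {
            $formstart .= "";
        }

        // Loop thru 6 possible options (the loop runs 1..6)
        for ($u = 1; $u < 7; $u++) { // start option loop
            $rowtitle = "option" . $u . "_name";
            $rowvalue = "option" . $u;
            if ($row[$rowtitle]) { // checking for options
                if ($row[$rowvalue]) { // product option(s)
                    $prodoptions .= "" . $row[$rowtitle] . ":";
                    $prodoptions .= "\n
\n";
                } else { // customer option(s)
                    $prodoptions .= "" . $row[$rowtitle] . ":";
                    $prodoptions .= "\n
\n";
                } // done checking for option type
                $prodoptions .= "
";
            } // done checking for options
        } // end option loop
    }

    $formend = "";
    $qtybox = "";

    // Get category nav links ($nav may be consumed by smarty_assigns.php below)
    $catnames = CategoryNav();
    $smarty->assign('categories', $catnames);
    $nav = $smarty->fetch(CART_THEME . "/advanced/category_list.tpl");

    // START ASSIGNING VARS =================================================//
    $smarty->assign("main_image", $main_image1);
    $smarty->assign("main_image2", $main_image2);
    $smarty->assign("main_image3", $main_image3);
    $smarty->assign("main_image4", $main_image4);
    $smarty->assign("main_image_path", $main_image1_path);
    $smarty->assign("main_image2_path", $main_image2_path);
    $smarty->assign("main_image3_path", $main_image3_path);
    $smarty->assign("main_image4_path", $main_image4_path);
    $smarty->assign("main_image_thm", $main_image1_thm);
    $smarty->assign("main_image2_thm", $main_image2_thm);
    $smarty->assign("main_image3_thm", $main_image3_thm);
    $smarty->assign("main_image4_thm", $main_image4_thm);
    $smarty->assign("thumb_image", $thumb_image);
    $smarty->assign("product_name", $prodname);
    $smarty->assign("product_description", $proddesc);
    $smarty->assign("product_price", $prodprice);
    $smarty->assign("product_sku", $prodsku);
    $smarty->assign("product_msrp", $prodmsrp);
    $smarty->assign("product_cost", $prodcost);
    $smarty->assign("product_inventory", $prodstock);
    $smarty->assign("product_download", $proddload);
    $smarty->assign("email_friend_link", $email_friend_link);
    // product_download_link is intentionally not assigned to this template.
    $smarty->assign("form_start", $formstart);
    $smarty->assign("form_end", $formend);
    $smarty->assign("quantity_box", $qtybox);
    $smarty->assign("product_options", $prodoptions);

    // Get commonly used variables (runs in this function's scope)
    include("smarty_assigns.php");
    // END ASSIGNING VARS =================================================//

    if (CART_RW_THEMES) {
        $content = $smarty->fetch("prefs/product.tpl");
        $smarty->assign("content", $content);
        $output = $smarty->fetch($rw_settings['themeshortname'] . "/contents/index.html");
    } else {
        $output = $smarty->fetch($template);
    } // < --if rw themes
    return $output;
}
?>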