diff --git a/README.md b/README.md index e532a103f..b7b7d53ff 100644 --- a/README.md +++ b/README.md @@ -97,11 +97,12 @@ If you wish to help steer the future direction of the software you need to join Channel | URL ------------ | ------------- Phoenix Club | https://forums.oscommerce.com/forum/117-topics/ -Youtube | https://www.youtube.com/channel/UCjJe0ZX3-nGzeJFEzcVUyIA/ -Discord | https://discord.gg/3pzfrtMAX4 -External Libraries | https://github.com/gburton/Responsive-osCommerce/wiki/External-Libraries -Phoenix Cart Wiki | https://phoenixcart.org/phoenixcartwiki/index.php -Phoenix Cart Forum | https://phoenixcart.org/forum/ +Phoenix (Youtube) | https://www.youtube.com/channel/UCjJe0ZX3-nGzeJFEzcVUyIA/ +Zipurman Coding (Youtube) | https://www.youtube.com/user/zipurman/videos +Support (Discord) | https://discord.gg/3pzfrtMAX4 +Phoenix Cart (Wiki) | https://phoenixcart.org/phoenixcartwiki/index.php +Phoenix Cart (Forum) | https://phoenixcart.org/forum/ +Github (Discussions) | https://github.com/gburton/CE-Phoenix/discussions # Credits diff --git a/admin/categories.php b/admin/categories.php index 716b6af8a..86c8d45b1 100644 --- a/admin/categories.php +++ b/admin/categories.php @@ -15,13 +15,13 @@ $currencies = new currencies(); // calculate category path - $cPath = $_GET['cPath'] ?? ''; - if (tep_not_null($cPath)) { - $cPath_array = tep_parse_category_path($cPath); + if (empty($_GET['cPath'])) { + $current_category_id = 0; + $cPath = ''; + } else { + $cPath_array = tep_parse_category_path($_GET['cPath']); $cPath = implode('_', $cPath_array); $current_category_id = end($cPath_array); - } else { - $current_category_id = 0; } const DIR_FS_CATALOG_IMAGES = DIR_FS_CATALOG . 'images/'; @@ -623,8 +623,8 @@ function updateNet() {
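Review bot: In the new `else` branch of admin/categories.php, `$_GET['cPath']` is handed to `tep_parse_category_path()` whenever it is non-empty, and `empty()` also lets a non-empty array through (a request can send `cPath[]=…`). Whether the helper copes with a non-string argument is not visible in this hunk, so the guard would be safer as `if (empty($_GET['cPath']) || !is_string($_GET['cPath'])) {`, falling back to category 0. The rebuilt `$cPath` is later concatenated into `'cPath=' . $cPath` links in this file, so it should only ever hold the parsed ids.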
@@ -690,6 +690,10 @@ function updateNet() {
call('categories', 'injectLanguageForm'); + + if ('' !== $show) { + $show = ''; + } } ?>
@@ -990,15 +994,11 @@ function addNewPiForm() { 0) { - $cPath_back .= $cPath_array[0]; - for ($i=1, $n=count($cPath_array)-1; $i<$n; $i++) { - $cPath_back .= '_' . $cPath_array[$i]; - } + if (isset($cPath_array) && count($cPath_array) > 1) { + $cPath_back = 'cPath=' . implode('_', array_slice($cPath_array, 0, -1)) . '&'; + } else { + $cPath_back = ''; } - - $cPath_back = (tep_not_null($cPath_back)) ? 'cPath=' . $cPath_back . '&' : ''; ?> @@ -1006,7 +1006,7 @@ function addNewPiForm() {
' . TEXT_PRODUCTS . ' ' . $products_count ?>
-
0)) echo tep_draw_bootstrap_button(IMAGE_BACK, 'fas fa-angle-left', tep_href_link('categories.php', $cPath_back), null, null, 'btn-light mr-2'); if (!isset($_GET['search'])) echo tep_draw_bootstrap_button(IMAGE_NEW_CATEGORY, 'fas fa-sitemap', tep_href_link('categories.php', 'cPath=' . $cPath . '&action=new_category'), null, null, 'btn-danger mr-2') . tep_draw_bootstrap_button(IMAGE_NEW_PRODUCT, 'fas fa-boxes', tep_href_link('categories.php', 'cPath=' . $cPath . '&action=new_product'), null, null, 'btn-danger') ?>
+
0)) echo tep_draw_bootstrap_button(IMAGE_BACK, 'fas fa-angle-left', tep_href_link('categories.php', $cPath_back), null, null, 'btn-light mr-2'); if (!isset($_GET['search'])) echo tep_draw_bootstrap_button(IMAGE_NEW_CATEGORY, 'fas fa-sitemap', tep_href_link('categories.php', 'cPath=' . $cPath . '&action=new_category'), null, null, 'btn-danger mr-2') . tep_draw_bootstrap_button(IMAGE_NEW_PRODUCT, 'fas fa-boxes', tep_href_link('categories.php', 'cPath=' . $cPath . '&action=new_product'), null, null, 'btn-danger'); ?>
diff --git a/admin/configuration.php b/admin/configuration.php index 9df2f2efd..e8003f10c 100644 --- a/admin/configuration.php +++ b/admin/configuration.php @@ -19,14 +19,14 @@ if (tep_not_null($action)) { switch ($action) { case 'save': - $configuration_value = tep_db_prepare_input($_POST['configuration_value']); + $configuration_value = tep_db_prepare_input($_POST['configuration_value'] ?? NULL); $cID = tep_db_prepare_input($_GET['cID']); tep_db_query("UPDATE configuration SET configuration_value = '" . tep_db_input($configuration_value) . "', last_modified = NOW() WHERE configuration_id = " . (int)$cID); $OSCOM_Hooks->call('configuration', 'saveAction'); - tep_redirect(tep_href_link('configuration.php', 'gID=' . $_GET['gID'] . '&cID=' . $cID)); + tep_redirect(tep_href_link('configuration.php', 'gID=' . (int)$_GET['gID'] . '&cID=' . $cID)); break; } } @@ -41,7 +41,7 @@ require 'includes/template_top.php'; ?> -
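Review bot: In the `save` case the redirect now casts `gID`, but `cID` is still appended as the raw result of `tep_db_prepare_input($_GET['cID'])`, while the UPDATE two lines above uses `(int)$cID`. Casting once at assignment, `$cID = (int)($_GET['cID'] ?? 0);`, keeps the query and the redirect on the same value and stops arbitrary text from being carried into the Location URL. Separately, no session-token check is visible in this hunk before the UPDATE; if the form token is not verified somewhere outside the hunk, this state-changing action should verify it.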

+

@@ -49,9 +49,9 @@ - - - + + + @@ -96,11 +96,11 @@ $icon = ''; } else { echo '' . "\n"; - $icon = ''; + $icon = ''; } ?> - - + + configuration_value); } - $contents = ['form' => tep_draw_form('configuration', 'configuration.php', 'gID=' . $_GET['gID'] . '&cID=' . $cInfo->configuration_id . '&action=save')]; + $contents = ['form' => tep_draw_form('configuration', 'configuration.php', 'gID=' . (int)$_GET['gID'] . '&cID=' . $cInfo->configuration_id . '&action=save')]; $contents[] = ['text' => TEXT_INFO_EDIT_INTRO]; $contents[] = ['text' => '' . $cInfo->configuration_title . '
' . $cInfo->configuration_description . '
' . $value_field]; $contents[] = ['class' => 'text-center', 'text' => tep_draw_bootstrap_button(IMAGE_SAVE, 'fas fa-save', null, 'primary', null, 'btn-success mr-2') . tep_draw_bootstrap_button(IMAGE_CANCEL, 'fas fa-times', tep_href_link('configuration.php', 'gID=' . (int)$_GET['gID'] . '&cID=' . (int)$cInfo->configuration_id), null, null, 'btn-light')]; diff --git a/admin/customers.php b/admin/customers.php index 62d6a62bb..805d4366b 100644 --- a/admin/customers.php +++ b/admin/customers.php @@ -89,7 +89,7 @@
-

+

-
+
- - - + + + @@ -204,19 +204,19 @@ $customer_data->get([ 'sortable_name', 'name', 'email_address', 'country_id', 'id' ], $cInfo_array); $cInfo = new objectInfo($cInfo_array); - $href = tep_href_link('customers.php', tep_get_all_get_params(['cID', 'action']) . 'cID=' . $cInfo->customers_id . '&action=edit'); + $href = tep_href_link('customers.php', addslashes(tep_get_all_get_params(['cID', 'action'])) . 'cID=' . $cInfo->customers_id . '&action=edit'); $icon = ''; $css = 'class="table-active" '; } else { - $href = tep_href_link('customers.php', tep_get_all_get_params(['cID']) . 'cID=' . $customer_data->get('id', $customers)); + $href = tep_href_link('customers.php', addslashes(tep_get_all_get_params(['cID'])) . 'cID=' . $customer_data->get('id', $customers)); $icon = ''; $css = null; } ?> - onclick="document.location.href=''"> - - - + onclick="document.location.href=''"> + + +
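Review bot: `addslashes()` around `tep_get_all_get_params()` is the wrong escaping for where `$href` ends up, because the row's `onclick="document.location.href='…'"` is a JavaScript string inside an HTML attribute. Backslash-escaping a double quote does not stop it from closing the attribute, and HTML entities are decoded before the script runs, so the value needs JS-string encoding followed by HTML-attribute encoding. One option is to keep `$href` as the plain URL and emit it as `htmlspecialchars(json_encode($href), ENT_QUOTES)` at the point of output (the output line is stripped from this view, so confirm what it currently does), or move the URL into a `data-href` attribute read by a shared click handler. If `tep_get_all_get_params()` already URL-encodes keys and values, `addslashes()` adds nothing and can be dropped.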
-
display_count($customers_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $_GET['page'], TEXT_DISPLAY_NUMBER_OF_CUSTOMERS); ?>
-
display_links($customers_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $_GET['page'], tep_get_all_get_params(['page', 'info', 'x', 'y', 'cID'])); ?>
+
display_count($customers_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $_GET['page'], TEXT_DISPLAY_NUMBER_OF_CUSTOMERS) ?>
+
display_links($customers_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $_GET['page'], tep_get_all_get_params(['page', 'info', 'x', 'y', 'cID'])) ?>
register('system'); $OSCOM_Hooks->generate('system', 'startApplication'); @@ -69,16 +69,7 @@ // set the language if (!isset($_SESSION['language']) || isset($_GET['language'])) { - $lng = new language(); - - if (tep_not_null($_GET['language'] ?? '')) { - $lng->set_language($_GET['language']); - } else { - $lng->get_browser_language(); - } - - $_SESSION['language'] = $lng->language['directory']; - $_SESSION['languages_id'] = $lng->language['id']; + $lng = language::build(); } // register session variables globally diff --git a/admin/includes/classes/language.php b/admin/includes/classes/language.php deleted file mode 100644 index 0679bd9db..000000000 --- a/admin/includes/classes/language.php +++ /dev/null 
@@ -1,114 +0,0 @@ - (detect_language.php v0.1 04/02/2002) -*/ - - class language { - var $languages, $catalog_languages, $browser_languages, $language; - - function __construct($lng = '') { - $this->languages = array('af' => 'af|afrikaans', - 'ar' => 'ar([-_][[:alpha:]]{2})?|arabic', - 'be' => 'be|belarusian', - 'bg' => 'bg|bulgarian', - 'br' => 'pt[-_]br|brazilian portuguese', - 'ca' => 'ca|catalan', - 'cs' => 'cs|czech', - 'da' => 'da|danish', - 'de' => 'de([-_][[:alpha:]]{2})?|german', - 'el' => 'el|greek', - 'en' => 'en([-_][[:alpha:]]{2})?|english', - 'es' => 'es([-_][[:alpha:]]{2})?|spanish', - 'et' => 'et|estonian', - 'eu' => 'eu|basque', - 'fa' => 'fa|farsi', - 'fi' => 'fi|finnish', - 'fo' => 'fo|faeroese', - 'fr' => 'fr([-_][[:alpha:]]{2})?|french', - 'ga' => 'ga|irish', - 'gl' => 'gl|galician', - 'he' => 'he|hebrew', - 'hi' => 'hi|hindi', - 'hr' => 'hr|croatian', - 'hu' => 'hu|hungarian', - 'id' => 'id|indonesian', - 'it' => 'it|italian', - 'ja' => 'ja|japanese', - 'ko' => 'ko|korean', - 'ka' => 'ka|georgian', - 'lt' => 'lt|lithuanian', - 'lv' => 'lv|latvian', - 'mk' => 'mk|macedonian', - 'mt' => 'mt|maltese', - 'ms' => 'ms|malaysian', - 'nl' => 'nl([-_][[:alpha:]]{2})?|dutch', - 'no' => 'no|norwegian', - 'pl' => 'pl|polish', - 'pt' => 'pt([-_][[:alpha:]]{2})?|portuguese', - 'ro' => 'ro|romanian', - 'ru' => 'ru|russian', - 'sk' => 'sk|slovak', - 'sq' => 'sq|albanian', - 'sr' => 'sr|serbian', - 'sv' => 'sv|swedish', - 'sz' => 'sz|sami', - 'sx' => 'sx|sutu', - 'th' => 'th|thai', - 'ts' => 'ts|tsonga', - 'tr' => 'tr|turkish', - 'tn' => 'tn|tswana', - 'uk' => 'uk|ukrainian', - 'ur' => 'ur|urdu', - 'vi' => 'vi|vietnamese', - 'tw' => 'zh[-_]tw|chinese traditional', - 'zh' => 'zh|chinese simplified', - 'ji' => 'ji|yiddish', - 'zu' => 'zu|zulu'); - - $this->catalog_languages = array(); - $languages_query = tep_db_query("select languages_id, name, code, image, directory from languages order by sort_order"); - while ($languages = 
tep_db_fetch_array($languages_query)) { - $this->catalog_languages[$languages['code']] = array('id' => $languages['languages_id'], - 'name' => $languages['name'], - 'image' => $languages['image'], - 'directory' => $languages['directory']); - } - - $this->browser_languages = ''; - $this->language = ''; - - $this->set_language($lng); - } - - function set_language($language) { - if ( (tep_not_null($language)) && (isset($this->catalog_languages[$language])) ) { - $this->language = $this->catalog_languages[$language]; - } else { - $this->language = $this->catalog_languages[DEFAULT_LANGUAGE]; - } - } - - function get_browser_language() { - $this->browser_languages = explode(',', getenv('HTTP_ACCEPT_LANGUAGE')); - - for ($i=0, $n=sizeof($this->browser_languages); $i<$n; $i++) { - foreach($this->languages as $key => $value) { - if (preg_match('/^(' . $value . ')(;q=[0-9]\\.[0-9])?$/i', $this->browser_languages[$i]) && isset($this->catalog_languages[$key])) { - $this->language = $this->catalog_languages[$key]; - break 2; - } - } - } - } - } -?> diff --git a/admin/includes/languages/english.php b/admin/includes/languages/english.php index caf3cae78..069ce3801 100644 --- a/admin/includes/languages/english.php +++ b/admin/includes/languages/english.php @@ -40,15 +40,10 @@ const HEADER_TITLE_CERTIFIED_ADDONS = 'Certified Addons & Services'; const HEADER_TITLE_LOGOFF = ' %s, securely logoff'; -// javascript messages -const JS_STATE_SELECT = '-- Select Above --'; - // images -const IMAGE_ANI_SEND_EMAIL = 'Sending E-Mail'; const IMAGE_BACK = 'Back'; const IMAGE_BACKUP = 'Backup'; const IMAGE_CANCEL = 'Cancel'; -const IMAGE_CONFIRM = 'Confirm'; const IMAGE_COPY = 'Copy'; const IMAGE_COPY_TO = 'Copy To'; const IMAGE_DETAILS = 'Details'; 
@@ -56,11 +51,6 @@ const IMAGE_EDIT = 'Edit'; const IMAGE_EMAIL = 'Email'; const IMAGE_EXPORT = 'Export'; -const IMAGE_ICON_STATUS_GREEN = 'Active'; -const IMAGE_ICON_STATUS_GREEN_LIGHT = 'Set Active'; -const IMAGE_ICON_STATUS_RED = 'Inactive'; -const IMAGE_ICON_STATUS_RED_LIGHT = 'Set Inactive'; -const IMAGE_ICON_INFO = 'Info'; const IMAGE_INSERT = 'Insert'; const IMAGE_LOCK = 'Lock'; const IMAGE_MODULE_INSTALL = 'Install Module'; @@ -70,14 +60,11 @@ const IMAGE_NEW_COUNTRY = 'New Country'; const IMAGE_NEW_CURRENCY = 'New Currency'; const IMAGE_NEW_CUSTOMER_DATA_GROUP = 'New Customer Data Group'; -const IMAGE_NEW_FILE = 'New File'; -const IMAGE_NEW_FOLDER = 'New Folder'; const IMAGE_NEW_LANGUAGE = 'New Language'; const IMAGE_NEW_NEWSLETTER = 'New Newsletter'; const IMAGE_NEW_PRODUCT = 'New Product'; const IMAGE_NEW_TAX_CLASS = 'New Tax Class'; const IMAGE_NEW_TAX_RATE = 'New Tax Rate'; -const IMAGE_NEW_TAX_ZONE = 'New Tax Zone'; const IMAGE_NEW_ZONE = 'New Zone'; const IMAGE_ORDERS = 'Orders'; const IMAGE_ORDERS_INVOICE = 'Invoice'; @@ -86,7 +73,6 @@ const IMAGE_RESTORE = 'Restore'; const IMAGE_RESET = 'Reset'; const IMAGE_SAVE = 'Save'; -const IMAGE_SEARCH = 'Search'; const IMAGE_SELECT = 'Select'; const IMAGE_SEND = 'Send'; const IMAGE_SEND_EMAIL = 'Send Email'; @@ -95,21 +81,8 @@ const IMAGE_UPDATE_CURRENCIES = 'Update Exchange Rate'; const IMAGE_UPLOAD = 'Upload'; -const ICON_CROSS = 'False'; -const ICON_CURRENT_FOLDER = 'Current Folder'; -const ICON_DELETE = 'Delete'; -const ICON_ERROR = 'Error'; const ICON_FILE = 'File'; const ICON_FILE_DOWNLOAD = 'Download'; -const ICON_FOLDER = 'Folder'; -const ICON_LOCKED = 'Locked'; -const ICON_PREVIOUS_LEVEL = 'Previous Level'; -const ICON_PREVIEW = 'Preview'; -const ICON_STATISTICS = 'Statistics'; -const ICON_SUCCESS = 'Success'; -const ICON_TICK = 'True'; -const ICON_UNLOCKED = 'Unlocked'; -const ICON_WARNING = 'Warning'; // constants for use in tep_prev_next_display function const TEXT_RESULT_PAGE = 'Page %s of %d'; 
diff --git a/admin/includes/modules/newsletters/product_notification.php b/admin/includes/modules/newsletters/product_notification.php index 142a23fb3..9ebb1507a 100644 --- a/admin/includes/modules/newsletters/product_notification.php +++ b/admin/includes/modules/newsletters/product_notification.php @@ -16,19 +16,19 @@ class product_notification { public $title, $content; function __construct($title, $content) { - $this->show_choose_audience = true; $this->title = $title; $this->content = $content; } function choose_audience() { $products = []; - $products_query = tep_db_query(<<<'EOSQL' + $products_query = tep_db_query(sprintf(<<<'EOSQL' SELECT pd.products_id, pd.products_name FROM products p INNER JOIN products_description pd ON pd.products_id = p.products_id - WHERE p.products_status = 1 AND pd.language_id = + WHERE p.products_status = 1 AND pd.language_id = %d + ORDER BY pd.products_name EOSQL - . (int)$GLOBALS['languages_id'] . ' ORDER BY pd.products_name'); + , (int)$_SESSION['languages_id'])); while ($product = tep_db_fetch_array($products_query)) { $products[] = [ 'id' => $product['products_id'], @@ -161,7 +161,7 @@ function send($newsletter_id) { $audience = []; $db_tables = $customer_data->build_db_tables(['id', 'name', 'email_address'], 'customers'); - tep_guarantee_subarray($db_tables, 'customers'); + Guarantor::guarantee_subarray($db_tables, 'customers'); $db_tables['customers']['customers_id'] = null; $built = query::rtrim_string_once(customer_query::build_specified_columns($db_tables), query::COLUMN_SEPARATOR) . ' FROM' . customer_query::build_joins($db_tables, []); diff --git a/admin/includes/template_bottom.php b/admin/includes/template_bottom.php index 6b7b1bb0f..00605c7a9 100644 --- a/admin/includes/template_bottom.php +++ b/admin/includes/template_bottom.php 
@@ -5,7 +5,7 @@ osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com - Copyright (c) 2010 osCommerce + Copyright (c) 2020 osCommerce Released under the GNU General Public License */ @@ -13,8 +13,10 @@ - call('siteWide', 'injectSiteEnd'); ?> @@ -22,9 +24,7 @@ -call('siteWide', 'injectBodyEnd'); -?> +call('siteWide', 'injectBodyEnd') ?> diff --git a/admin/includes/template_top.php b/admin/includes/template_top.php index d18eb2129..ef8e42d35 100644 --- a/admin/includes/template_top.php +++ b/admin/includes/template_top.php @@ -11,27 +11,25 @@ */ ?> -> +> - + -<?php echo TITLE; ?> - - +<?= TITLE ?> + + -call('siteWide', 'injectSiteStart'); -?> +call('siteWide', 'injectSiteStart') ?> - + - - + -call('siteWide', 'injectBodyStart'); -?> +call('siteWide', 'injectBodyStart') ?>
diff --git a/admin/modules_hooks.php b/admin/modules_hooks.php index 6fbac52f1..c01f83a52 100644 --- a/admin/modules_hooks.php +++ b/admin/modules_hooks.php @@ -62,7 +62,7 @@ function tep_find_listeners($class) { $class = "hook_{$site}_{$group}_{$pathinfo['filename']}"; foreach (tep_find_listeners($class) as $listener) { - tep_guarantee_all( + Guarantor::guarantee_all( $contents, $site, $group, @@ -90,7 +90,7 @@ function tep_find_listeners($class) { $callable[] = $hook['hooks_method']; } - tep_guarantee_all( + Guarantor::guarantee_all( $contents, $hook['hooks_site'], $hook['hooks_group'], @@ -102,8 +102,8 @@ function tep_find_listeners($class) { require 'includes/template_top.php'; ?> -

- +

+
 
get('sortable_name', $customers); ?>
get('sortable_name', $customers) ?>
- + - - - - + + + + @@ -136,10 +136,10 @@ function tep_find_listeners($class) { $class = "hook_{$site}_{$group}_{$code}"; ?> - - - - + + + +
- +
-

+

0) { - $download = tep_db_fetch_array($download_query); - $products_attributes_filename = $download['products_attributes_filename']; - $products_attributes_maxdays = $download['products_attributes_maxdays']; - $products_attributes_maxcount = $download['products_attributes_maxcount']; - } + $download_query = tep_db_query(sprintf(<<<'EOSQL' +SELECT products_attributes_filename, products_attributes_maxdays, products_attributes_maxcount + FROM products_attributes_download + WHERE products_attributes_id = %d +EOSQL + , (int)$attributes_values['products_attributes_id'])); + $download = tep_db_fetch_array($download_query); ?> @@ -298,11 +297,11 @@ - + - + - + @@ -380,8 +379,6 @@ @@ -389,11 +386,11 @@ - + - + - + diff --git a/admin/testimonials.php b/admin/testimonials.php index fbada84e5..7375ed65e 100644 --- a/admin/testimonials.php +++ b/admin/testimonials.php @@ -65,7 +65,7 @@ $OSCOM_Hooks->call('testimonials', 'addNewAction'); - tep_redirect(tep_href_link('testimonials.php', tep_get_all_get_params([('action']))); + tep_redirect(tep_href_link('testimonials.php', tep_get_all_get_params(['action']))); break; } } diff --git a/contact_us.php b/contact_us.php index 85e3d28ee..ce5c0b155 100644 --- a/contact_us.php +++ b/contact_us.php @@ -12,7 +12,7 @@ require 'includes/application_top.php'; - require "includes/languages/$language/contact_us.php"; + require language::map_to_translation('contact_us.php'); if (tep_validate_form_action_is('send')) { $error = false; 
@@ -21,13 +21,15 @@ $email_address = tep_db_prepare_input($_POST['email']); $enquiry = tep_db_prepare_input($_POST['enquiry']); - if (!tep_validate_email($email_address)) { + $email_class = $customer_data->has('email_address') + ? get_class($customer_data->get_module('email_address')) + : 'cd_email_address'; + + if (!$email_class::validate($email_address)) { tep_block_form_processing(); $messageStack->add('contact', ENTRY_EMAIL_ADDRESS_CHECK_ERROR); } - - $OSCOM_Hooks->call('siteWide', 'injectFormVerify'); $actionRecorder = new actionRecorder('ar_contact_us', ($_SESSION['customer_id'] ?? null), $name); if (!$actionRecorder->canPerform()) { @@ -38,6 +40,8 @@ $messageStack->add('contact', sprintf(ERROR_ACTION_RECORDER, (defined('MODULE_ACTION_RECORDER_CONTACT_US_EMAIL_MINUTES') ? (int)MODULE_ACTION_RECORDER_CONTACT_US_EMAIL_MINUTES : 15))); } + $OSCOM_Hooks->call('siteWide', 'injectFormVerify'); + if (tep_form_processing_is_valid()) { tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, sprintf(EMAIL_SUBJECT, STORE_NAME), $enquiry, $name, $email_address); diff --git a/create_account.php b/create_account.php index c34ec4d35..883da96a0 100644 --- a/create_account.php +++ b/create_account.php @@ -13,7 +13,7 @@ require 'includes/application_top.php'; // needs to be included earlier to set the success message in the messageStack - require "includes/languages/$language/create_account.php"; + require language::map_to_translation('create_account.php'); $message_stack_area = 'create_account'; 
@@ -27,33 +27,18 @@ if (tep_form_processing_is_valid()) { $customer_data->create($customer_details); - $OSCOM_Hooks->call('siteWide', 'postAccountCreation'); - $OSCOM_Hooks->call('siteWide', 'postLogin'); - - if (SESSION_RECREATE == 'True') { - tep_session_recreate(); - } - - $customer = new customer($customer_data->get('id', $customer_details)); - $_SESSION['customer_id'] = $customer->get_id(); - $customer_id =& $_SESSION['customers_id']; - - tep_reset_session_token(); - $_SESSION['cart']->restore_contents(); - - tep_notify('create_account', $customer); - - tep_redirect(tep_href_link('create_account_success.php', '', 'SSL')); + $OSCOM_Hooks->call('siteWide', 'postRegistration'); } } $grouped_modules = $customer_data->get_grouped_modules(); - $customer_data_group_query = tep_db_query(<<<'EOSQL' + $customer_data_group_query = tep_db_query(sprintf(<<<'EOSQL' SELECT customer_data_groups_id, customer_data_groups_name FROM customer_data_groups - WHERE language_id = + WHERE language_id = %d + ORDER BY cdg_vertical_sort_order, cdg_horizontal_sort_order EOSQL - . (int)$languages_id . ' ORDER BY cdg_vertical_sort_order, cdg_horizontal_sort_order'); + , (int)$_SESSION['languages_id'])); require $oscTemplate->map_to_template(__FILE__, 'page'); diff --git a/ext/modules/payment/paypal/express.php b/ext/modules/payment/paypal/express.php index 929884e78..49b83a605 100644 --- a/ext/modules/payment/paypal/express.php +++ b/ext/modules/payment/paypal/express.php @@ -19,10 +19,10 @@ $paypal_express = new paypal_express(); if ( !$paypal_express->check() || !$paypal_express->enabled ) { - tep_redirect(tep_href_link('shopping_cart.php', '', 'SSL')); + tep_redirect(tep_href_link('shopping_cart.php')); } - require DIR_FS_CATALOG . "includes/languages/$language/create_account.php"; + require language::map_to_translation('create_account.php'); if ( !isset($_SESSION['sendto']) ) { if ( isset($_SESSION['customer_id']) ) { 
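Review bot: After `$customer_data->create()`, create_account.php no longer calls `tep_session_recreate()` or `tep_reset_session_token()` itself, so session-id rotation, the token reset, the login and the redirect all depend on whatever listens to `siteWide`/`postRegistration`, which this diff does not show. If that listener is missing or disabled, a newly registered visitor keeps the pre-authentication session id (a session-fixation window) and the script falls through to render the form again. A comment at the call naming the listener that owns these steps, plus a check after it that `$_SESSION['customer_id']` is set, would make the dependency explicit. The same replacement is made in the account-creation paths of ext/modules/payment/paypal/express.php and express_payflow.php, and express_payflow.php also drops the inline session recreate and token reset that previously ran for existing customers as well.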
@@ -72,7 +72,7 @@ unset($_SESSION['billto']); } - tep_redirect(tep_href_link('shopping_cart.php', '', 'SSL')); + tep_redirect(tep_href_link('shopping_cart.php')); break; case 'callbackSet': @@ -170,7 +170,7 @@ $shipping_modules = new shipping(); if ( ot_shipping::is_eligible_free_shipping($customer_data->get('country_id', $order->delivery), $order->info['total']) ) { - include DIR_FS_CATALOG . "includes/languages/$language/modules/order_total/ot_shipping.php"; + include language::map_to_translation('modules/order_total/ot_shipping.php'); $quotes_array[] = [ 'id' => 'free_free', @@ -266,7 +266,7 @@ break; case 'retrieve': if ( ($_SESSION['cart']->count_contents() < 1) || empty($_GET['token']) || !isset($_SESSION['appPayPalEcSecret']) ) { - tep_redirect(tep_href_link('shopping_cart.php', '', 'SSL')); + tep_redirect(tep_href_link('shopping_cart.php')); } if ( !isset($_SESSION['appPayPalEcResult']) || ($appPayPalEcResult['TOKEN'] != $_GET['token']) ) { @@ -293,11 +293,11 @@ if ( $pass === true ) { if ( OSCOM_APP_PAYPAL_GATEWAY == '1' ) { // PayPal if ( $appPayPalEcResult['PAYMENTREQUEST_0_CUSTOM'] != $_SESSION['appPayPalEcSecret'] ) { - tep_redirect(tep_href_link('shopping_cart.php', '', 'SSL')); + tep_redirect(tep_href_link('shopping_cart.php')); } } else { // Payflow if ( $appPayPalEcResult['CUSTOM'] != $_SESSION['appPayPalEcSecret'] ) { - tep_redirect(tep_href_link('shopping_cart.php', '', 'SSL')); + tep_redirect(tep_href_link('shopping_cart.php')); } } @@ -321,7 +321,7 @@ $_SESSION['navigation']->set_snapshot(); - $login_url = tep_href_link('login.php', '', 'SSL'); + $login_url = tep_href_link('login.php'); $login_email_address = tep_output_string($appPayPalEcResult['EMAIL']); $output = <<call('siteWide', 'postAccountCreation'); - $OSCOM_Hooks->call('siteWide', 'postLogin'); - if ( SESSION_RECREATE === 'True' ) { - tep_session_recreate(); - } + $OSCOM_Hooks->call('siteWide', 'postRegistration'); - tep_reset_session_token(); $customer = new customer($customer_id); } 
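Review bot: In the `retrieve` case the guards touched here still compare the PayPal-returned value with the session secret using `!=` (`$appPayPalEcResult['PAYMENTREQUEST_0_CUSTOM'] != $_SESSION['appPayPalEcSecret']`, and the `CUSTOM` variant for Payflow). Loose comparison applies PHP's type juggling (two numeric-looking strings compare as numbers) and is not constant-time; `hash_equals()` on string-cast operands avoids both, e.g. `if (!hash_equals((string)$_SESSION['appPayPalEcSecret'], (string)($appPayPalEcResult['PAYMENTREQUEST_0_CUSTOM'] ?? ''))) {`. The token check just above (`$appPayPalEcResult['TOKEN'] != $_GET['token']`) and the `$response_array['CUSTOM'] != $ppeuk_secret` check in express_payflow.php have the same shape. The surrounding `case` body starts and ends outside these hunks.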
@@ -485,7 +480,7 @@ $_SESSION['shipping'] = false; if ( ot_shipping::is_eligible_free_shipping($customer_data->get('country_id', $order->delivery), $order->info['total']) ) { - include DIR_FS_CATALOG . "includes/languages/$language/modules/order_total/ot_shipping.php"; + include language::map_to_translation('modules/order_total/ot_shipping.php'); $_SESSION['shipping'] = 'free_free'; } elseif ( tep_count_shipping_modules() > 0 ) { @@ -537,7 +532,7 @@ $_SESSION['appPayPalEcRightTurn'] = true; - tep_redirect(tep_href_link('checkout_shipping_address.php', '', 'SSL')); + tep_redirect(tep_href_link('checkout_shipping_address.php')); } if (strpos($_SESSION['shipping'], '_')) { @@ -554,7 +549,7 @@ if (isset($quote['error'])) { unset($_SESSION['shipping']); - tep_redirect(tep_href_link('checkout_shipping.php', '', 'SSL')); + tep_redirect(tep_href_link('checkout_shipping.php')); } elseif ( (isset($quote[0]['methods'][0]['title'])) && (isset($quote[0]['methods'][0]['cost'])) ) { $_SESSION['shipping'] = [ 'id' => $_SESSION['shipping'], @@ -570,11 +565,11 @@ } if ( isset($_SESSION['shipping']) ) { - tep_redirect(tep_href_link('checkout_confirmation.php', '', 'SSL')); + tep_redirect(tep_href_link('checkout_confirmation.php')); } else { $_SESSION['appPayPalEcRightTurn'] = true; - tep_redirect(tep_href_link('checkout_shipping.php', '', 'SSL')); + tep_redirect(tep_href_link('checkout_shipping.php')); } } else { if ( OSCOM_APP_PAYPAL_GATEWAY == '1' ) { // PayPal @@ -583,7 +578,7 @@ $messageStack->add_session('header', $appPayPalEcResult['OSCOM_ERROR_MESSAGE'], 'error'); } - tep_redirect(tep_href_link('shopping_cart.php', '', 'SSL')); + tep_redirect(tep_href_link('shopping_cart.php')); } break; 
@@ -591,7 +586,7 @@ default: // if there is nothing in the customer's cart, redirect to the shopping cart page if ( $_SESSION['cart']->count_contents() < 1 ) { - tep_redirect(tep_href_link('shopping_cart.php', '', 'SSL')); + tep_redirect(tep_href_link('shopping_cart.php')); } if ( OSCOM_APP_PAYPAL_EC_STATUS == '1' ) { @@ -725,7 +720,7 @@ public function get($key, $to = 0) { $shipping_modules = new shipping(); if ( ot_shipping::is_eligible_free_shipping($customer_data->get('country_id', $order->delivery), $order->info['total']) ) { - include DIR_FS_CATALOG . "includes/languages/$language/modules/order_total/ot_shipping.php"; + include language::map_to_translation('modules/order_total/ot_shipping.php'); $quotes_array[] = [ 'id' => 'free_free', 'name' => FREE_SHIPPING_TITLE, @@ -755,7 +750,7 @@ public function get($key, $to = 0) { $messageStack->add_session('checkout_address', $paypal_express->_app->getDef('module_ec_error_no_shipping_available'), 'error'); - tep_redirect(tep_href_link('checkout_shipping_address.php', '', 'SSL')); + tep_redirect(tep_href_link('checkout_shipping_address.php')); } } @@ -905,7 +900,7 @@ public function get($key, $to = 0) { tep_redirect($paypal_url . 'token=' . $response_array['TOKEN']); } else { - tep_redirect(tep_href_link('shopping_cart.php', 'error_message=' . stripslashes($response_array['L_LONGMESSAGE0']), 'SSL')); + tep_redirect(tep_href_link('shopping_cart.php', 'error_message=' . stripslashes($response_array['L_LONGMESSAGE0']))); } } else { // Payflow $params['CUSTOM'] = $_SESSION['appPayPalEcSecret']; 
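Review bot: The PayPal branch of the failure redirect still builds `'error_message=' . stripslashes($response_array['L_LONGMESSAGE0'])`, so the gateway's message goes into the query string without URL encoding; a space, `&` or `#` in it will truncate the message or add parameters to the shopping-cart URL unless `tep_href_link()` encodes it, which is not visible here. The Payflow branch a few lines further on already uses `urlencode()`, and writing this one as `'error_message=' . urlencode($response_array['L_LONGMESSAGE0'])` keeps the two consistent. How shopping_cart.php renders `error_message` is outside this diff, so confirm it is HTML-escaped on output.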
@@ -922,13 +917,13 @@ public function get($key, $to = 0) { if ( $response_array['RESULT'] == '0' ) { tep_redirect($paypal_url . 'token=' . $response_array['TOKEN']); } else { - tep_redirect(tep_href_link('shopping_cart.php', 'error_message=' . urlencode($response_array['OSCOM_ERROR_MESSAGE']), 'SSL')); + tep_redirect(tep_href_link('shopping_cart.php', 'error_message=' . urlencode($response_array['OSCOM_ERROR_MESSAGE']))); } } break; } - tep_redirect(tep_href_link('shopping_cart.php', '', 'SSL')); + tep_redirect(tep_href_link('shopping_cart.php')); require DIR_FS_CATALOG . 'includes/application_bottom.php'; diff --git a/ext/modules/payment/paypal/express_payflow.php b/ext/modules/payment/paypal/express_payflow.php index f3a4353e2..41f71951e 100644 --- a/ext/modules/payment/paypal/express_payflow.php +++ b/ext/modules/payment/paypal/express_payflow.php @@ -23,7 +23,7 @@ $customer_id = 0; } - require "includes/languages/$language/create_account.php"; + require language::map_to_translation('create_account.php'); $paypal_pro_payflow_ec = new paypal_pro_payflow_ec(); @@ -72,7 +72,7 @@ if ($response_array['RESULT'] == '0') { if ( !isset($_SESSION['ppeuk_secret']) || ($response_array['CUSTOM'] != $ppeuk_secret) ) { - tep_redirect(tep_href_link('shopping_cart.php', '', 'SSL')); + tep_redirect(tep_href_link('shopping_cart.php')); } $_SESSION['payment'] = $paypal_pro_payflow_ec->code; @@ -96,7 +96,7 @@ $_SESSION['navigation']->set_snapshot(); - $login_url = tep_href_link('login.php', '', 'SSL'); + $login_url = tep_href_link('login.php'); $login_email_address = tep_output_string($response_array['EMAIL']); $output = <<call('siteWide', 'postLogin'); $_SESSION['customer_id'] = $check['customers_id']; } } else { 
@@ -154,16 +155,10 @@ tep_mail($customer_data->get('name', $customer_details), $email_address, EMAIL_SUBJECT, $email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS); } - $OSCOM_Hooks->call('siteWide', 'postAccountCreation'); - } - - $OSCOM_Hooks->call('siteWide', 'postLogin'); - if (SESSION_RECREATE == 'True') { - tep_session_recreate(); + $OSCOM_Hooks->call('siteWide', 'postRegistration'); } $customer_id =& $_SESSION['customer_id']; - tep_reset_session_token(); } // check if paypal shipping address exists in the address book @@ -244,7 +239,7 @@ $shipping =& $_SESSION['shipping']; if ( ot_shipping::is_eligible_free_shipping($order->delivery['country_id'], $order->info['total']) ) { - include "includes/languages/$language/modules/order_total/ot_shipping.php"; + include language::map_to_translation('modules/order_total/ot_shipping.php'); $shipping = 'free_free'; } elseif ( tep_count_shipping_modules() > 0 ) { @@ -260,7 +255,7 @@ $_SESSION['ppecuk_right_turn'] = true; - tep_redirect(tep_href_link('checkout_shipping_address.php', '', 'SSL')); + tep_redirect(tep_href_link('checkout_shipping_address.php')); } if (strpos($shipping, '_')) { @@ -277,7 +272,7 @@ if (isset($quote['error'])) { unset($_SESSION['shipping']); - tep_redirect(tep_href_link('checkout_shipping.php', '', 'SSL')); + tep_redirect(tep_href_link('checkout_shipping.php')); } elseif ( isset($quote[0]['methods'][0]['title'], $quote[0]['methods'][0]['cost']) ) { $shipping = [ 'id' => $shipping, 
@@ -289,10 +284,10 @@ } } -/* useraction=commit tep_redirect(tep_href_link('checkout_process.php', '', 'SSL')); */ - tep_redirect(tep_href_link('checkout_confirmation.php', '', 'SSL')); +/* useraction=commit tep_redirect(tep_href_link('checkout_process.php')); */ + tep_redirect(tep_href_link('checkout_confirmation.php')); } else { - tep_redirect(tep_href_link('shopping_cart.php', 'error_message=' . urlencode($response_array['OSCOM_ERROR_MESSAGE']), 'SSL')); + tep_redirect(tep_href_link('shopping_cart.php', 'error_message=' . urlencode($response_array['OSCOM_ERROR_MESSAGE']))); } break; @@ -360,7 +355,7 @@ $shipping_modules = new shipping(); if ( ot_shipping::is_eligible_free_shipping($order->delivery['country_id'], $order->info['total']) ) { - include "includes/languages/$language/modules/order_total/ot_shipping.php"; + include language::map_to_translation('modules/order_total/ot_shipping.php'); $quotes[] = [ 'id' => 'free_free', @@ -391,7 +386,7 @@ $messageStack->add_session('checkout_address', MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_EC_ERROR_NO_SHIPPING_AVAILABLE_TO_SHIPPING_ADDRESS); - tep_redirect(tep_href_link('checkout_shipping_address.php', '', 'SSL')); + tep_redirect(tep_href_link('checkout_shipping_address.php')); } } } @@ -511,12 +506,12 @@ if ($response_array['RESULT'] == '0') { tep_redirect($paypal_url . '&token=' . $response_array['TOKEN'] /*. '&useraction=commit'*/); } else { - tep_redirect(tep_href_link('shopping_cart.php', 'error_message=' . urlencode($response_array['OSCOM_ERROR_MESSAGE']), 'SSL')); + tep_redirect(tep_href_link('shopping_cart.php', 'error_message=' . urlencode($response_array['OSCOM_ERROR_MESSAGE']))); } break; } - tep_redirect(tep_href_link('shopping_cart.php', '', 'SSL')); + tep_redirect(tep_href_link('shopping_cart.php')); require 'includes/application_bottom.php'; diff --git a/includes/apps/paypal/OSCOM_PayPal.php b/includes/apps/paypal/OSCOM_PayPal.php index d8a2ab994..a8759a4fe 100644 --- a/includes/apps/paypal/OSCOM_PayPal.php 
+++ b/includes/apps/paypal/OSCOM_PayPal.php @@ -118,7 +118,7 @@ function getModules() { if ( !isset($result) ) { $result = []; - + $d = DIR_FS_CATALOG . 'includes/apps/paypal/modules/'; if ( $dir = @dir($d) ) { while ( $file = $dir->read() ) { @@ -674,9 +674,9 @@ function getAlerts() { foreach ( $messages as $message ) { $m .= '
'; - $m .= tep_output_string_protected($message); + $m .= htmlspecialchars($message); $m .= '
'; - } + } $result[] = $m; } diff --git a/includes/apps/paypal/admin/content/log.php b/includes/apps/paypal/admin/content/log.php index 2d48416b2..ff21c07d6 100644 --- a/includes/apps/paypal/admin/content/log.php +++ b/includes/apps/paypal/admin/content/log.php @@ -45,7 +45,7 @@ - ' . $OSCOM_PayPal->getDef('guest') . ''; ?> + ' . $OSCOM_PayPal->getDef('guest') . ''; ?> drawButton($OSCOM_PayPal->getDef('button_view'), tep_href_link('paypal.php', 'action=log&page=' . $_GET['page'] . '&lID=' . $log['id'] . '&subaction=view'), 'info'); ?> diff --git a/includes/apps/paypal/admin/content/log_view.php b/includes/apps/paypal/admin/content/log_view.php index c8ba0a359..8353851a5 100644 --- a/includes/apps/paypal/admin/content/log_view.php +++ b/includes/apps/paypal/admin/content/log_view.php @@ -13,17 +13,17 @@
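Review bot: `htmlspecialchars($message)` in getAlerts is called with default flags, and those defaults differ by PHP version: before 8.1 single quotes are left unescaped and an invalid byte sequence makes the call return an empty string. If the cart still supports PHP below 8.1, passing the flags explicitly keeps the output identical everywhere: `htmlspecialchars($message, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`. The same bare call replaces `tep_output_string_protected()` in the later getTransactionDetails, doCapture and refundTransaction hunks, where the escaped text is written to `orders_status_history`. The body of getAlerts starts before the hunk.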
-

getDef('heading_log_view'); ?>

+

getDef('heading_log_view') ?>

-

drawButton($OSCOM_PayPal->getDef('button_back'), tep_href_link('paypal.php', 'action=log&page=' . $_GET['page']), 'info'); ?>

+

drawButton($OSCOM_PayPal->getDef('button_back'), tep_href_link('paypal.php', 'action=log&page=' . $_GET['page']), 'info') ?>

- + @@ -33,8 +33,8 @@ ?> - - + + - + 
@@ -57,8 +57,8 @@ ?> - - + + _app->getApiResult('APP', 'GetTransactionDetails', array('TRANSACTIONID' => $comments['Transaction ID']), (strpos($order['payment_method'], 'Sandbox') === false) ? 'live' : 'sandbox'); - - if ( in_array($response['ACK'], array('Success', 'SuccessWithWarning')) ) { - $result = 'Transaction ID: ' . tep_output_string_protected($response['TRANSACTIONID']) . "\n" . - 'Payer Status: ' . tep_output_string_protected($response['PAYERSTATUS']) . "\n" . - 'Address Status: ' . tep_output_string_protected($response['ADDRESSSTATUS']) . "\n" . - 'Payment Status: ' . tep_output_string_protected($response['PAYMENTSTATUS']) . "\n" . - 'Payment Type: ' . tep_output_string_protected($response['PAYMENTTYPE']) . "\n" . - 'Pending Reason: ' . tep_output_string_protected($response['PENDINGREASON']); + $response = $this->_app->getApiResult('APP', 'GetTransactionDetails', ['TRANSACTIONID' => $comments['Transaction ID']], (strpos($order['payment_method'], 'Sandbox') === false) ? 'live' : 'sandbox'); + + if ( in_array($response['ACK'], ['Success', 'SuccessWithWarning']) ) { + $result = 'Transaction ID: ' . htmlspecialchars($response['TRANSACTIONID']) . "\n" . + 'Payer Status: ' . htmlspecialchars($response['PAYERSTATUS']) . "\n" . + 'Address Status: ' . htmlspecialchars($response['ADDRESSSTATUS']) . "\n" . + 'Payment Status: ' . htmlspecialchars($response['PAYMENTSTATUS']) . "\n" . + 'Payment Type: ' . htmlspecialchars($response['PAYMENTTYPE']) . "\n" . + 'Pending Reason: ' . htmlspecialchars($response['PENDINGREASON']); } } elseif ( $comments['Gateway'] == 'Payflow' ) { - $response = $this->_app->getApiResult('APP', 'PayflowInquiry', array('ORIGID' => $comments['Transaction ID']), (strpos($order['payment_method'], 'Sandbox') === false) ? 'live' : 'sandbox'); + $response = $this->_app->getApiResult('APP', 'PayflowInquiry', ['ORIGID' => $comments['Transaction ID']], (strpos($order['payment_method'], 'Sandbox') === false) ? 
'live' : 'sandbox'); if ( isset($response['RESULT']) && ($response['RESULT'] == '0') ) { - $result = 'Transaction ID: ' . tep_output_string_protected($response['ORIGPNREF']) . "\n" . + $result = 'Transaction ID: ' . htmlspecialchars($response['ORIGPNREF']) . "\n" . 'Gateway: Payflow' . "\n"; $pending_reason = $response['TRANSSTATE']; @@ -122,10 +122,10 @@ function getTransactionDetails($comments, $order) { } if ( isset($payment_status) ) { - $result .= 'Payment Status: ' . tep_output_string_protected($payment_status) . "\n"; + $result .= 'Payment Status: ' . htmlspecialchars($payment_status) . "\n"; } - $result .= 'Pending Reason: ' . tep_output_string_protected($pending_reason) . "\n"; + $result .= 'Pending Reason: ' . htmlspecialchars($pending_reason) . "\n"; switch ( $response['AVSADDR'] ) { case 'Y': @@ -170,11 +170,13 @@ function getTransactionDetails($comments, $order) { } if ( !empty($result) ) { - $sql_data_array = array('orders_id' => (int)$order['orders_id'], - 'orders_status_id' => OSCOM_APP_PAYPAL_TRANSACTIONS_ORDER_STATUS_ID, - 'date_added' => 'now()', - 'customer_notified' => '0', - 'comments' => $result); + $sql_data_array = [ + 'orders_id' => (int)$order['orders_id'], + 'orders_status_id' => OSCOM_APP_PAYPAL_TRANSACTIONS_ORDER_STATUS_ID, + 'date_added' => 'NOW()', + 'customer_notified' => '0', + 'comments' => $result, + ]; tep_db_perform('orders_status_history', $sql_data_array); 
@@ -194,26 +196,30 @@ function doCapture($comments, $order) { if ( $this->_app->formatCurrencyRaw($_POST['ppCaptureAmount'], $order['currency'], 1) < $capture_value ) { $capture_value = $this->_app->formatCurrencyRaw($_POST['ppCaptureAmount'], $order['currency'], 1); - $capture_final = (isset($_POST['ppCatureComplete']) && ($_POST['ppCatureComplete'] == 'true')) ? true : false; + $capture_final = (isset($_POST['ppCatureComplete']) && ($_POST['ppCatureComplete'] === 'true')); } if ( !isset($comments['Gateway']) ) { - $params = array('AUTHORIZATIONID' => $comments['Transaction ID'], - 'AMT' => $capture_value, - 'CURRENCYCODE' => $order['currency'], - 'COMPLETETYPE' => ($capture_final === true) ? 'Complete' : 'NotComplete'); + $params = [ + 'AUTHORIZATIONID' => $comments['Transaction ID'], + 'AMT' => $capture_value, + 'CURRENCYCODE' => $order['currency'], + 'COMPLETETYPE' => ($capture_final === true) ? 'Complete' : 'NotComplete', + ]; $response = $this->_app->getApiResult('APP', 'DoCapture', $params, (strpos($order['payment_method'], 'Sandbox') === false) ? 'live' : 'sandbox'); - if ( in_array($response['ACK'], array('Success', 'SuccessWithWarning')) ) { + if ( in_array($response['ACK'], ['Success', 'SuccessWithWarning']) ) { $transaction_id = $response['TRANSACTIONID']; $pass = true; } } elseif ( $comments['Gateway'] == 'Payflow' ) { - $params = array('ORIGID' => $comments['Transaction ID'], - 'AMT' => $capture_value, - 'CAPTURECOMPLETE' => ($capture_final === true) ? 'Y' : 'N'); + $params = [ + 'ORIGID' => $comments['Transaction ID'], + 'AMT' => $capture_value, + 'CAPTURECOMPLETE' => ($capture_final === true) ? 'Y' : 'N', + ]; $response = $this->_app->getApiResult('APP', 'PayflowCapture', $params, (strpos($order['payment_method'], 'Sandbox') === false) ? 'live' : 'sandbox'); 
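Review bot: `$_POST['ppCaptureAmount']` in doCapture is only compared against the authorised total as an upper bound; nothing in this hunk rejects a missing, non-numeric, zero or negative amount before it is sent as `AMT`. A guard ahead of the comparison, for example `if (!is_numeric($_POST['ppCaptureAmount'] ?? null) || $_POST['ppCaptureAmount'] <= 0) { return; }` (or the module's usual error message), keeps malformed values away from the gateway call. The function starts before the hunk, so an earlier check may already exist. The acknowledgement test would also be tighter with the strict flag, `in_array($response['ACK'], ['Success', 'SuccessWithWarning'], true)`, here and in the doVoid and refundTransaction hunks.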
@@ -231,13 +237,15 @@ function doCapture($comments, $order) { $result .= 'PayPal App: Void (' . $this->_app->formatCurrencyRaw($capture_total - $capture_value, $order['currency'], 1) . ')' . "\n"; } - $result .= 'Transaction ID: ' . tep_output_string_protected($transaction_id); + $result .= 'Transaction ID: ' . htmlspecialchars($transaction_id); - $sql_data_array = array('orders_id' => (int)$order['orders_id'], - 'orders_status_id' => OSCOM_APP_PAYPAL_TRANSACTIONS_ORDER_STATUS_ID, - 'date_added' => 'now()', - 'customer_notified' => '0', - 'comments' => $result); + $sql_data_array = [ + 'orders_id' => (int)$order['orders_id'], + 'orders_status_id' => OSCOM_APP_PAYPAL_TRANSACTIONS_ORDER_STATUS_ID, + 'date_added' => 'NOW()', + 'customer_notified' => '0', + 'comments' => $result, + ]; tep_db_perform('orders_status_history', $sql_data_array); 
@@ -253,13 +261,13 @@ function doVoid($comments, $order) { $pass = false; if ( !isset($comments['Gateway']) ) { - $response = $this->_app->getApiResult('APP', 'DoVoid', array('AUTHORIZATIONID' => $comments['Transaction ID']), (strpos($order['payment_method'], 'Sandbox') === false) ? 'live' : 'sandbox'); + $response = $this->_app->getApiResult('APP', 'DoVoid', ['AUTHORIZATIONID' => $comments['Transaction ID']], (strpos($order['payment_method'], 'Sandbox') === false) ? 'live' : 'sandbox'); - if ( in_array($response['ACK'], array('Success', 'SuccessWithWarning')) ) { + if ( in_array($response['ACK'], ['Success', 'SuccessWithWarning']) ) { $pass = true; } } elseif ( $comments['Gateway'] == 'Payflow' ) { - $response = $this->_app->getApiResult('APP', 'PayflowVoid', array('ORIGID' => $comments['Transaction ID']), (strpos($order['payment_method'], 'Sandbox') === false) ? 'live' : 'sandbox'); + $response = $this->_app->getApiResult('APP', 'PayflowVoid', ['ORIGID' => $comments['Transaction ID']], (strpos($order['payment_method'], 'Sandbox') === false) ? 'live' : 'sandbox'); if ( isset($response['RESULT']) && ($response['RESULT'] == '0') ) { $pass = true; @@ -278,11 +286,13 @@ function doVoid($comments, $order) { $result = 'PayPal App: Void (' . $capture_total . ')'; - $sql_data_array = array('orders_id' => (int)$order['orders_id'], - 'orders_status_id' => OSCOM_APP_PAYPAL_TRANSACTIONS_ORDER_STATUS_ID, - 'date_added' => 'now()', - 'customer_notified' => '0', - 'comments' => $result); + $sql_data_array = [ + 'orders_id' => (int)$order['orders_id'], + 'orders_status_id' => OSCOM_APP_PAYPAL_TRANSACTIONS_ORDER_STATUS_ID, + 'date_added' => 'NOW()', + 'customer_notified' => '0', + 'comments' => $result, + ]; tep_db_perform('orders_status_history', $sql_data_array); 
@@ -296,7 +306,7 @@ function refundTransaction($comments, $order) { global $messageStack; if ( isset($_POST['ppRefund']) ) { - $tids = array(); + $tids = []; $ppr_query = tep_db_query("select comments from orders_status_history where orders_id = '" . (int)$order['orders_id'] . "' and orders_status_id = '" . (int)OSCOM_APP_PAYPAL_TRANSACTIONS_ORDER_STATUS_ID . "' and comments like 'PayPal App: %' order by date_added desc"); if ( tep_db_num_rows($ppr_query) ) { @@ -315,7 +325,7 @@ function refundTransaction($comments, $order) { $tids[$comments['Transaction ID']]['Amount'] = $this->_app->formatCurrencyRaw($order['total'], $order['currency'], $order['currency_value']); } - $rids = array(); + $rids = []; foreach ( $_POST['ppRefund'] as $id ) { if ( isset($tids[$id]) && !isset($tids[$id]['Refund']) ) { @@ -327,15 +337,15 @@ function refundTransaction($comments, $order) { $pass = false; if ( !isset($comments['Gateway']) ) { - $response = $this->_app->getApiResult('APP', 'RefundTransaction', array('TRANSACTIONID' => $id), (strpos($order['payment_method'], 'Sandbox') === false) ? 'live' : 'sandbox'); + $response = $this->_app->getApiResult('APP', 'RefundTransaction', ['TRANSACTIONID' => $id], (strpos($order['payment_method'], 'Sandbox') === false) ? 'live' : 'sandbox'); - if ( in_array($response['ACK'], array('Success', 'SuccessWithWarning')) ) { + if ( in_array($response['ACK'], ['Success', 'SuccessWithWarning']) ) { $transaction_id = $response['REFUNDTRANSACTIONID']; $pass = true; } } elseif ( $comments['Gateway'] == 'Payflow' ) { - $response = $this->_app->getApiResult('APP', 'PayflowRefund', array('ORIGID' => $id), (strpos($order['payment_method'], 'Sandbox') === false) ? 'live' : 'sandbox'); + $response = $this->_app->getApiResult('APP', 'PayflowRefund', ['ORIGID' => $id], (strpos($order['payment_method'], 'Sandbox') === false) ? 'live' : 'sandbox'); if ( isset($response['RESULT']) && ($response['RESULT'] == '0') ) { $transaction_id = $response['PNREF']; 
@@ -346,20 +356,22 @@ function refundTransaction($comments, $order) { if ( $pass === true ) { $result = 'PayPal App: Refund (' . $tids[$id]['Amount'] . ')' . "\n" . - 'Transaction ID: ' . tep_output_string_protected($transaction_id) . "\n" . - 'Parent ID: ' . tep_output_string_protected($id); + 'Transaction ID: ' . htmlspecialchars($transaction_id) . "\n" . + 'Parent ID: ' . htmlspecialchars($id); - $sql_data_array = array('orders_id' => (int)$order['orders_id'], - 'orders_status_id' => OSCOM_APP_PAYPAL_TRANSACTIONS_ORDER_STATUS_ID, - 'date_added' => 'now()', - 'customer_notified' => '0', - 'comments' => $result); + $sql_data_array = [ + 'orders_id' => (int)$order['orders_id'], + 'orders_status_id' => OSCOM_APP_PAYPAL_TRANSACTIONS_ORDER_STATUS_ID, + 'date_added' => 'NOW()', + 'customer_notified' => '0', + 'comments' => $result, + ]; tep_db_perform('orders_status_history', $sql_data_array); - $messageStack->add_session($this->_app->getDef('ms_success_refundTransaction', array('refund_amount' => $tids[$id]['Amount'])), 'success'); + $messageStack->add_session($this->_app->getDef('ms_success_refundTransaction', ['refund_amount' => $tids[$id]['Amount']]), 'success'); } else { - $messageStack->add_session($this->_app->getDef('ms_error_refundTransaction', array('refund_amount' => $tids[$id]['Amount'])), 'error'); + $messageStack->add_session($this->_app->getDef('ms_error_refundTransaction', ['refund_amount' => $tids[$id]['Amount']]), 'error'); } } } diff --git a/includes/apps/paypal/modules/DP/cfg_params/cards.php b/includes/apps/paypal/modules/DP/cfg_params/cards.php index 5ead726ae..e16599a4d 100644 --- a/includes/apps/paypal/modules/DP/cfg_params/cards.php +++ b/includes/apps/paypal/modules/DP/cfg_params/cards.php @@ -31,7 +31,7 @@ function getSetField() { foreach ( $this->cards as $key => $value ) { $input .= '
'; - $input .= ''; + $input .= ''; $input .= ''; $input .= '
'; } diff --git a/includes/classes/application.php b/includes/classes/application.php index 408ad1a23..706376c23 100644 --- a/includes/classes/application.php +++ b/includes/classes/application.php @@ -72,18 +72,8 @@ public function fix_numeric_locale() { public function set_session_language() { if (!isset($_SESSION['language']) || isset($_GET['language'])) { - global $lng; + $GLOBALS['lng'] = language::build(); - $lng = new language(); - - if (isset($_GET['language']) && tep_not_null($_GET['language'])) { - $lng->set_language($_GET['language']); - } else { - $lng->get_browser_language(); - } - - $_SESSION['language'] = $lng->language['directory']; - $_SESSION['languages_id'] = $lng->language['id']; $GLOBALS['languages_id'] =& $_SESSION['languages_id']; $GLOBALS['language'] =& $_SESSION['language']; } diff --git a/includes/classes/navigation_history.php b/includes/classes/navigation_history.php index bf2e558f2..f78fc0e09 100644 --- a/includes/classes/navigation_history.php +++ b/includes/classes/navigation_history.php @@ -24,10 +24,10 @@ public function reset() { } public function add_current_page() { - global $PHP_SELF, $request_type, $cPath; + global $cPath; for ($i = 0, $n = count($this->path); $i < $n; $i++) { - if ($this->path[$i]['page'] == $PHP_SELF) { + if ($this->path[$i]['page'] == $GLOBALS['PHP_SELF']) { if (!isset($cPath)) { array_splice($this->path, ($i)); break; @@ -55,18 +55,15 @@ public function add_current_page() { } $this->path[] = [ - 'page' => $PHP_SELF, - 'mode' => $request_type, + 'page' => $GLOBALS['PHP_SELF'], 'get' => $this->filter_parameters($_GET), 'post' => $this->filter_parameters($_POST), ]; } public function remove_current_page() { - global $PHP_SELF; - $last_entry_position = count($this->path) - 1; - if ($this->path[$last_entry_position]['page'] == $PHP_SELF) { + if ($this->path[$last_entry_position]['page'] == $GLOBALS['PHP_SELF']) { unset($this->path[$last_entry_position]); } } 
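Review bot: In the application.php hunk, `set_session_language()` no longer assigns `$_SESSION['language']` and `$_SESSION['languages_id']` itself, yet the two reference bindings right after `language::build()` still point at those keys. `language::build()` is not part of this hunk, so this only holds if it populates both keys and still resolves `$_GET['language']` against the installed language list, since the session value now feeds the `language::map_to_translation()` include paths used elsewhere in this commit. A comment on the call, e.g. `// build() validates $_GET['language'] and sets $_SESSION['language'] / ['languages_id']`, would record that contract.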
@@ -75,14 +72,12 @@ public function set_snapshot($page = null) { if (isset($page['page'])) { $this->snapshot = [ 'page' => $page['page'], - 'mode' => $page['mode'], - 'get' => $this->filter_parameters($page['get']), - 'post' => $this->filter_parameters($page['post']), + 'get' => $this->filter_parameters($page['get'] ?? []), + 'post' => $this->filter_parameters($page['post'] ?? []), ]; } else { $this->snapshot = [ 'page' => $GLOBALS['PHP_SELF'], - 'mode' => $GLOBALS['request_type'], 'get' => $this->filter_parameters($_GET), 'post' => $this->filter_parameters($_POST), ]; @@ -97,7 +92,6 @@ public function set_path_as_snapshot($history = 0) { $pos = (count($this->path) - 1 - $history); $this->snapshot = [ 'page' => $this->path[$pos]['page'], - 'mode' => $this->path[$pos]['mode'], 'get' => $this->path[$pos]['get'], 'post' => $this->path[$pos]['post'], ]; @@ -110,8 +104,7 @@ public function pop_snapshot_as_link() { $origin_href = tep_href_link( $this->snapshot['page'], - tep_array_to_string($this->snapshot['get'], [session_name()]), - $this->snapshot['mode']); + tep_array_to_string($this->snapshot['get'], [session_name()])); $this->clear_snapshot(); return $origin_href; @@ -136,7 +129,7 @@ public function debug() { if (count($this->snapshot) > 0) { echo '

'; - echo $this->snapshot['mode'] . ' ' . $this->snapshot['page'] . '?' . tep_array_to_string($this->snapshot['get'], [session_name()]) . '
'; + echo $this->snapshot['page'] . '?' . tep_array_to_string($this->snapshot['get'], [session_name()]) . '
'; } } diff --git a/includes/functions/autoloader.php b/includes/functions/autoloader.php index 50bf0964f..149fc53a7 100644 --- a/includes/functions/autoloader.php +++ b/includes/functions/autoloader.php @@ -121,7 +121,7 @@ function tep_autoload_catalog($original_class) { if (isset($class_files[$class])) { if (isset($_SESSION['language']) && DIR_FS_CATALOG . 'includes/modules' === substr($class_files[$class], 0, $modules_directory_length)) { - $language_file = DIR_FS_CATALOG . 'includes/languages/' . $_SESSION['language'] . '/modules' . substr($class_files[$class], $modules_directory_length); + $language_file = language::map_to_translation('modules' . substr($class_files[$class], $modules_directory_length)); if (file_exists($language_file)) { include $language_file; } diff --git a/includes/functions/sessions.php b/includes/functions/sessions.php index 4666fa961..55ec7794d 100644 --- a/includes/functions/sessions.php +++ b/includes/functions/sessions.php @@ -151,14 +151,16 @@ function tep_session_save_path($path = '') { } function tep_session_recreate() { - global $SID; + if (SESSION_RECREATE !== 'True') { + return; + } $old_id = session_id(); session_regenerate_id(true); - if (!empty($SID)) { - $SID = session_name() . '=' . session_id(); + if (!empty($GLOBALS['SID'])) { + $GLOBALS['SID'] = session_name() . '=' . session_id(); } whos_online::update_session_id($old_id, session_id()); diff --git a/includes/hooks/admin/categories/focusRequiredTab.php b/includes/hooks/admin/categories/focusRequiredTab.php new file mode 100644 index 000000000..a25e45652 --- /dev/null +++ b/includes/hooks/admin/categories/focusRequiredTab.php 
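Review bot: In the sessions.php hunk, `tep_session_recreate()` ignores the result of `session_regenerate_id(true)` and calls `whos_online::update_session_id($old_id, session_id())` regardless. Checking it, `if (!session_regenerate_id(true)) { return; }`, avoids recording an unchanged ID as rotated. The new early return also makes the function a silent no-op unless `SESSION_RECREATE` is exactly `'True'`; callers that used to test the constant themselves (one such test is removed in express_payflow.php) presumably now call it unconditionally, so a docblock line such as `// No-op unless SESSION_RECREATE is 'True'; the session id is then kept across login` would make that visible. The function's closing brace is outside the hunk.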
@@ -0,0 +1,33 @@ + +$(function () { + $('button[type="submit"]').click(function() { + var id = $('.tab-pane').find(':required:invalid').closest('.tab-pane').attr('id'); + + $('.nav a[href="#' + id + '"]').tab('show'); $('.tab-pane').find(':required:invalid').closest('.collapse').addClass('show'); + + $('a[data-toggle="tab"]').on('shown.bs.tab', function (e) { $("form[name='new_product']")[0].reportValidity(); }) + }) +}) + +ft; + + return $focusTab; + } + +} diff --git a/includes/languages/english/conditions.php b/includes/languages/english/conditions.php index 3ee7d229c..0003726b7 100644 --- a/includes/languages/english/conditions.php +++ b/includes/languages/english/conditions.php @@ -5,13 +5,14 @@ osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com - Copyright (c) 2002 osCommerce + Copyright (c) 2020 osCommerce Released under the GNU General Public License */ -define('NAVBAR_TITLE', 'Conditions of Use'); -define('HEADING_TITLE', 'Conditions of Use'); +const NAVBAR_TITLE = 'Conditions of Use'; -define('TEXT_INFORMATION', 'Put here your Conditions of Use information.'); -?> \ No newline at end of file +/* +Define the Title and Text of this page using the Info Pages Manager. +Admin > Tools > Info Pages +*/ diff --git a/includes/languages/english/privacy.php b/includes/languages/english/privacy.php index b8d68d78b..c47ac183a 100644 --- a/includes/languages/english/privacy.php +++ b/includes/languages/english/privacy.php 
@@ -5,13 +5,14 @@ osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com - Copyright (c) 2002 osCommerce + Copyright (c) 2020 osCommerce Released under the GNU General Public License */ -define('NAVBAR_TITLE', 'Privacy Notice'); -define('HEADING_TITLE', 'Privacy Notice'); +const NAVBAR_TITLE = 'Privacy Notice'; -define('TEXT_INFORMATION', 'Put here your Privacy Notice information.'); -?> \ No newline at end of file +/* +Define the Title and Text of this page using the Info Pages Manager. +Admin > Tools > Info Pages +*/ diff --git a/includes/languages/english/shipping.php b/includes/languages/english/shipping.php index 83bbf665b..cc8168e8c 100644 --- a/includes/languages/english/shipping.php +++ b/includes/languages/english/shipping.php @@ -5,13 +5,14 @@ osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com - Copyright (c) 2002 osCommerce + Copyright (c) 2020 osCommerce Released under the GNU General Public License */ -define('NAVBAR_TITLE', 'Shipping & Returns'); -define('HEADING_TITLE', 'Shipping & Returns'); +const NAVBAR_TITLE = 'Shipping & Returns'; -define('TEXT_INFORMATION', 'Put here your Shipping & Returns information.'); -?> \ No newline at end of file +/* +Define the Title and Text of this page using the Info Pages Manager. +Admin > Tools > Info Pages +*/ diff --git a/includes/modules/block_template.php b/includes/modules/block_template.php index 85a71bf6b..7e02bf4f4 100644 --- a/includes/modules/block_template.php +++ b/includes/modules/block_template.php @@ -11,6 +11,6 @@ */ ob_start(); -include($GLOBALS['oscTemplate']->map_to_template($tpl_data['file'])); +include $GLOBALS['oscTemplate']->map_to_template($tpl_data['file'], $tpl_data['type'] ?? 'module'); $GLOBALS['oscTemplate']->addBlock(ob_get_clean(), $tpl_data['group']); diff --git a/includes/modules/boxes/bm_whats_new.php b/includes/modules/boxes/bm_whats_new.php index 58d0e7a77..fa8a22f32 100644 --- a/includes/modules/boxes/bm_whats_new.php 
+++ b/includes/modules/boxes/bm_whats_new.php 
@@ -10,78 +10,64 @@ Released under the GNU General Public License */ - class bm_whats_new { - var $code = 'bm_whats_new'; - var $group = 'boxes'; - var $title; - var $description; - var $sort_order; - var $enabled = false; + class bm_whats_new extends abstract_block_module { - function __construct() { - $this->title = MODULE_BOXES_WHATS_NEW_TITLE; - $this->description = MODULE_BOXES_WHATS_NEW_DESCRIPTION; + const CONFIG_KEY_BASE = 'MODULE_BOXES_WHATS_NEW_'; - if ( defined('MODULE_BOXES_WHATS_NEW_STATUS') ) { - $this->sort_order = MODULE_BOXES_WHATS_NEW_SORT_ORDER; - $this->enabled = (MODULE_BOXES_WHATS_NEW_STATUS == 'True'); - - $this->group = ((MODULE_BOXES_WHATS_NEW_CONTENT_PLACEMENT == 'Left Column') ? 'boxes_column_left' : 'boxes_column_right'); - } - } + protected $group = 'boxes'; function execute() { - global $currencies, $oscTemplate; - - $data = array(); - - if ($random_product = tep_random_select("select p.*, pd.*, IF(s.status, s.specials_new_products_price, NULL) as specials_new_products_price, IF(s.status, s.specials_new_products_price, p.products_price) as final_price, p.products_quantity as in_stock, if(s.status, 1, 0) as is_special from products_description pd, products p left join specials s on p.products_id = s.products_id where p.products_status = '1' and p.products_id = pd.products_id and pd.language_id = '" . (int)$_SESSION['languages_id'] . "' order by products_date_added desc limit " . MODULE_BOXES_WHATS_NEW_MAX_RANDOM_SELECT_NEW)) { - $data['data-is-special'] = (int)$random_product['is_special']; - $data['data-product-price'] = $currencies->display_raw($random_product['final_price'], tep_get_tax_rate($random_product['products_tax_class_id'])); - $data['data-product-manufacturer'] = max(0, (int)$random_product['manufacturers_id']); - - // data attributes - $box_attr = ''; - foreach ( $data as $key => $value ) { - $box_attr .= ' ' . tep_output_string_protected($key) . '="' . tep_output_string_protected($value) . 
'"'; - } - // product title - $box_title = '' . $random_product['products_name'] . ''; - // product image - $box_image = '' . tep_image('images/' . $random_product['products_image'], htmlspecialchars($random_product['products_name']), SMALL_IMAGE_WIDTH, SMALL_IMAGE_HEIGHT, '', true, 'card-img-top') . ''; - // product price - if ($random_product['is_special'] == 1) { - $box_price = sprintf(IS_PRODUCT_SHOW_PRICE_SPECIAL, $currencies->display_price($random_product['products_price'], tep_get_tax_rate($random_product['products_tax_class_id'])), $currencies->display_price($random_product['specials_new_products_price'], tep_get_tax_rate($random_product['products_tax_class_id']))); - } else { - $box_price = sprintf(IS_PRODUCT_SHOW_PRICE, $currencies->display_price($random_product['products_price'], tep_get_tax_rate($random_product['products_tax_class_id']))); - } - - $tpl_data = ['group' => $this->group, 'file' => __FILE__]; - include 'includes/modules/block_template.php'; + $random_query = tep_db_query("SELECT products_id FROM products WHERE products_status = 1 ORDER BY products_id DESC LIMIT " . 
(int)MODULE_BOXES_WHATS_NEW_MAX_RANDOM_SELECT_NEW); + $num_rows = tep_db_num_rows($random_query); + if (!$num_rows) { + return; } - } - function isEnabled() { - return $this->enabled; - } + tep_db_data_seek($random_query, tep_rand(0, ($num_rows - 1))); + $random_selection = tep_db_fetch_array($random_query); - function check() { - return defined('MODULE_BOXES_WHATS_NEW_STATUS'); - } + $product = product_by_id::build((int)$random_selection['products_id']); - function install() { - tep_db_query("insert into configuration (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Enable What\'s New Module', 'MODULE_BOXES_WHATS_NEW_STATUS', 'True', 'Do you want to add the module to your shop?', '6', '1', 'tep_cfg_select_option(array(\'True\', \'False\'), ', now())"); - tep_db_query("insert into configuration (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Selection of Random New Products', 'MODULE_BOXES_WHATS_NEW_MAX_RANDOM_SELECT_NEW', '10', 'How many records to select from to choose one random new product to display', '6', '2', now())"); - tep_db_query("insert into configuration (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Content Placement', 'MODULE_BOXES_WHATS_NEW_CONTENT_PLACEMENT', 'Left Column', 'Should the module be loaded in the left or right column?', '6', '3', 'tep_cfg_select_option(array(\'Left Column\', \'Right Column\'), ', now())"); - tep_db_query("insert into configuration (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Sort Order', 'MODULE_BOXES_WHATS_NEW_SORT_ORDER', '0', 'Sort order of display. 
Lowest is displayed first.', '6', '4', now())"); - } + $box = [ + 'parameters' => ['product_card.php', 'component'], + 'classes' => 'is-product bm-whats-new', + 'title' => sprintf(MODULE_BOXES_WHATS_NEW_BOX_TITLE, tep_href_link('products_new.php')), + 'attributes' => $product->get('data_attributes'), + ]; - function remove() { - tep_db_query("delete from configuration where configuration_key in ('" . implode("', '", $this->keys()) . "')"); + $tpl_data = [ + 'group' => $this->group, + 'file' => 'box.php', + 'type' => 'component', + ]; + include 'includes/modules/block_template.php'; } - function keys() { - return array('MODULE_BOXES_WHATS_NEW_STATUS', 'MODULE_BOXES_WHATS_NEW_MAX_RANDOM_SELECT_NEW', 'MODULE_BOXES_WHATS_NEW_CONTENT_PLACEMENT', 'MODULE_BOXES_WHATS_NEW_SORT_ORDER'); + protected function get_parameters() { + return [ + 'MODULE_BOXES_WHATS_NEW_STATUS' => [ + 'title' => 'Enable Best Sellers Module', + 'value' => 'True', + 'desc' => 'Do you want to add the module to your shop?', + 'set_func' => "tep_cfg_select_option(['True', 'False'], ", + ], + 'MODULE_BOXES_WHATS_NEW_MAX_RANDOM_SELECT_NEW' => [ + 'title' => 'Selection of Random New Products', + 'value' => '4', + 'desc' => 'Select one random product from the last X (the number you insert here) added products.', + ], + 'MODULE_BOXES_WHATS_NEW_CONTENT_PLACEMENT' => [ + 'title' => 'Content Placement', + 'value' => 'Right Column', + 'desc' => 'Should the module be loaded in the left or right column?', + 'set_func' => "tep_cfg_select_option(['Left Column', 'Right Column'], ", + ], + 'MODULE_BOXES_WHATS_NEW_SORT_ORDER' => [ + 'title' => 'Sort Order', + 'value' => '5015', + 'desc' => 'Sort order of display. Lowest is displayed first.', + ], + ]; } + } - diff --git a/includes/modules/boxes/templates/tpl_bm_whats_new.php b/includes/modules/boxes/templates/tpl_bm_whats_new.php deleted file mode 100644 index cdfa70b81..000000000 --- a/includes/modules/boxes/templates/tpl_bm_whats_new.php +++ /dev/null 
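Review bot: The `MODULE_BOXES_WHATS_NEW_STATUS` entry in `get_parameters()` is titled 'Enable Best Sellers Module', which looks copied from another box; it should read `'title' => 'Enable What\'s New Module',`. The candidate query in `execute()` also orders by `products_id DESC` where the removed query used `products_date_added desc`, while the setting description still speaks of the last added products; if IDs and add dates can diverge, keep the date ordering or state the choice in a comment. The `(int)` cast on the LIMIT value keeps the configuration value out of the SQL text but still lets a negative setting produce an invalid statement, so `max(1, (int)MODULE_BOXES_WHATS_NEW_MAX_RANDOM_SELECT_NEW)` is a safer bound.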
@@ -1,27 +0,0 @@ -
> -
- -
- -
-
-
-
-
- - diff --git a/includes/modules/content/navigation/templates/tpl_cm_navbar.php b/includes/modules/content/navigation/templates/tpl_cm_navbar.php index 38528182a..cc03a1a32 100644 --- a/includes/modules/content/navigation/templates/tpl_cm_navbar.php +++ b/includes/modules/content/navigation/templates/tpl_cm_navbar.php @@ -1,24 +1,29 @@ -' . ' ' - . ' ' + . ' ' . ''; if ( MODULE_PAYMENT_BRAINTREE_CC_VERIFY_WITH_CVV == 'True' ) { @@ -155,7 +155,7 @@ public function confirmation() { $content .= '
getDef('table_heading_entries_request'); ?>getDef('table_heading_entries_request') ?>
getDef('table_heading_entries_response'); ?>getDef('table_heading_entries_response') ?>
' . MODULE_PAYMENT_BRAINTREE_CC_CREDITCARD_LAST_4 . ' ' . tep_output_string_protected($tokens['number_filtered']) . '  ' . tep_output_string_protected(substr($tokens['expiry_date'], 0, 2) . '/' . substr($tokens['expiry_date'], 2)) . '  ' . tep_output_string_protected($tokens['card_type']) . '' . MODULE_PAYMENT_BRAINTREE_CC_CREDITCARD_LAST_4 . ' ' . htmlspecialchars($tokens['number_filtered']) . '  ' . htmlspecialchars(substr($tokens['expiry_date'], 0, 2) . '/' . substr($tokens['expiry_date'], 2)) . '  ' . htmlspecialchars($tokens['card_type']) . '
' . '' . ' ' - . ' ' + . ' ' . '' . '' . ' ' @@ -176,7 +176,7 @@ public function confirmation() { if ( MODULE_PAYMENT_BRAINTREE_CC_TOKENS == 'True' ) { $content .= '' . ' ' - . ' ' + . ' ' . ''; } @@ -192,7 +192,7 @@ public function confirmation() { } public function before_process() { - global $order; + global $order, $customer_data; $this->token = null; $braintree_token_cvv = null; @@ -213,7 +213,7 @@ public function before_process() { } if ( empty($braintree_token_cvv) ) { - tep_redirect(tep_href_link('checkout_payment.php', 'payment_error=' . $this->code . '&error=cardcvv', 'SSL')); + tep_redirect(tep_href_link('checkout_payment.php', 'payment_error=' . $this->code . '&error=cardcvv')); } } } 
@@ -244,28 +244,28 @@ public function before_process() { } if ( empty($cc_owner) ) { - tep_redirect(tep_href_link('checkout_payment.php', 'payment_error=' . $this->code . '&error=cardowner', 'SSL')); + tep_redirect(tep_href_link('checkout_payment.php', 'payment_error=' . $this->code . '&error=cardowner')); } if ( empty($cc_number) ) { - tep_redirect(tep_href_link('checkout_payment.php', 'payment_error=' . $this->code . '&error=cardnumber', 'SSL')); + tep_redirect(tep_href_link('checkout_payment.php', 'payment_error=' . $this->code . '&error=cardnumber')); } if ( !isset($cc_expires_month) || !in_array($cc_expires_month, $months) ) { - tep_redirect(tep_href_link('checkout_payment.php', 'payment_error=' . $this->code . '&error=cardexpires', 'SSL')); + tep_redirect(tep_href_link('checkout_payment.php', 'payment_error=' . $this->code . '&error=cardexpires')); } if ( !isset($cc_expires_year) || !in_array($cc_expires_year, $years) ) { - tep_redirect(tep_href_link('checkout_payment.php', 'payment_error=' . $this->code . '&error=cardexpires', 'SSL')); + tep_redirect(tep_href_link('checkout_payment.php', 'payment_error=' . $this->code . '&error=cardexpires')); } if ( ($cc_expires_year == date('Y')) && ($cc_expires_month < date('m')) ) { - tep_redirect(tep_href_link('checkout_payment.php', 'payment_error=' . $this->code . '&error=cardexpires', 'SSL')); + tep_redirect(tep_href_link('checkout_payment.php', 'payment_error=' . $this->code . '&error=cardexpires')); } if ( MODULE_PAYMENT_BRAINTREE_CC_VERIFY_WITH_CVV == 'True' ) { if ( empty($cc_cvv) ) { - tep_redirect(tep_href_link('checkout_payment.php', 'payment_error=' . $this->code . '&error=cardcvv', 'SSL')); + tep_redirect(tep_href_link('checkout_payment.php', 'payment_error=' . $this->code . '&error=cardcvv')); } } } 
@@ -279,27 +279,28 @@ public function before_process() { $_SESSION['currency'] = $this->getTransactionCurrency(); + $customer_data->get('country', $order->billing); $data = [ 'amount' => $this->format_raw($order->info['total'], $_SESSION['currency']), 'merchantAccountId' => $this->getMerchantAccountId($_SESSION['currency']), 'creditCard' => ['cardholderName' => $cc_owner], 'customer' => [ - 'firstName' => $order->customer['firstname'], - 'lastName' => $order->customer['lastname'], - 'company' => $order->customer['company'], - 'phone' => $order->customer['telephone'], - 'email' => $order->customer['email_address'], + 'firstName' => $customer_data->get('firstname', $order->customer), + 'lastName' => $customer_data->get('lastname', $order->customer), + 'company' => $customer_data->get('company', $order->customer), + 'phone' => $customer_data->get('telephone', $order->customer), + 'email' => $customer_data->get('email_address', $order->customer), ], 'billing' => [ - 'firstName' => $order->billing['firstname'], - 'lastName' => $order->billing['lastname'], - 'company' => $order->billing['company'], - 'streetAddress' => $order->billing['street_address'], - 'extendedAddress' => $order->billing['suburb'], - 'locality' => $order->billing['city'], - 'region' => tep_get_zone_name($order->billing['country_id'], $order->billing['zone_id'], $order->billing['state']), - 'postalCode' => $order->billing['postcode'], - 'countryCodeAlpha2' => $order->billing['country']['iso_code_2'], + 'firstName' => $customer_data->get('firstname', $order->billing), + 'lastName' => $customer_data->get('lastname', $order->billing), + 'company' => $customer_data->get('company', $order->billing), + 'streetAddress' => $customer_data->get('street_address', $order->billing), + 'extendedAddress' => $customer_data->get('suburb', $order->billing), + 'locality' => $customer_data->get('city', $order->billing), + 'region' => tep_get_zone_name($customer_data->get('country_id', $order->billing), 
$customer_data->get('zone_id', $order->billing), $customer_data->get('state', $order->billing)), + 'postalCode' => $customer_data->get('postcode', $order->billing), + 'countryCodeAlpha2' => $customer_data->get('country_iso_code_2', $order->billing), ], 'options' => [], ]; 
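Review bot: The bare `$customer_data->get('country', $order->billing);` added at the top of this hunk discards its return value, so a reader cannot tell why it is there. Presumably it fills in the country details that `country_iso_code_2` reads further down; if that is right, a comment such as `// load country details into $order->billing so country_iso_code_2 resolves below` would stop someone removing it as dead code. The same uncommented call precedes the shipping array in the next hunk and the address blocks in the PayPal modules. before_process() starts and ends outside the hunk.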
@@ -309,20 +310,30 @@ public function before_process() { } if ( $order->content_type != 'virtual' ) { + $customer_data->get('country', $order->delivery); $data['shipping'] = [ - 'firstName' => $order->delivery['firstname'], - 'lastName' => $order->delivery['lastname'], - 'company' => $order->delivery['company'], - 'streetAddress' => $order->delivery['street_address'], - 'extendedAddress' => $order->delivery['suburb'], - 'locality' => $order->delivery['city'], - 'region' => tep_get_zone_name($order->delivery['country_id'], $order->delivery['zone_id'], $order->delivery['state']), - 'postalCode' => $order->delivery['postcode'], - 'countryCodeAlpha2' => $order->delivery['country']['iso_code_2'], + 'firstName' => $customer_data->get('firstname', $order->delivery), + 'lastName' => $customer_data->get('lastname', $order->delivery), + 'company' => $customer_data->get('company', $order->delivery), + 'streetAddress' => $customer_data->get('street_address', $order->delivery), + 'extendedAddress' => $customer_data->get('suburb', $order->delivery), + 'locality' => $customer_data->get('city', $order->delivery), + 'region' => tep_get_zone_name( + $customer_data->get('country_id', $order->delivery), + $customer_data->get('zone_id', $order->delivery), + $customer_data->get('state', $order->delivery)), + 'postalCode' => $customer_data->get('postcode', $order->delivery), + 'countryCodeAlpha2' => $customer_data->get('country_iso_code_2', $order->delivery), ]; } - if ( !isset($this->token) ) { + if ( isset($this->token) ) { + $data['paymentMethodToken'] = $this->token; + + if ( MODULE_PAYMENT_BRAINTREE_CC_VERIFY_WITH_CVV == 'True' ) { + $data['creditCard']['cvv'] = $braintree_token_cvv; + } + } else { $data['creditCard']['number'] = $cc_number; $data['creditCard']['expirationMonth'] = $cc_expires_month; $data['creditCard']['expirationYear'] = $cc_expires_year; 
@@ -334,12 +345,6 @@ public function before_process() { if ( (MODULE_PAYMENT_BRAINTREE_CC_TOKENS == 'True') && isset($_POST['cc_save']) && ($_POST['cc_save'] == 'true') ) { $data['options']['storeInVaultOnSuccess'] = true; } - } else { - $data['paymentMethodToken'] = $this->token; - - if ( MODULE_PAYMENT_BRAINTREE_CC_VERIFY_WITH_CVV == 'True' ) { - $data['creditCard']['cvv'] = $braintree_token_cvv; - } } $error = false; @@ -376,7 +381,7 @@ public function before_process() { } } - tep_redirect(tep_href_link('checkout_payment.php', 'payment_error=' . $this->code, 'SSL')); + tep_redirect(tep_href_link('checkout_payment.php', 'payment_error=' . $this->code)); } public function after_process() { @@ -390,7 +395,7 @@ public function after_process() { $number = tep_db_prepare_input($this->result->transaction->creditCard['last4']); $expiry = tep_db_prepare_input($this->result->transaction->creditCard['expirationMonth'] . $this->result->transaction->creditCard['expirationYear']); - $check_query = tep_db_query("SELECT id FROM customers_braintree_tokens WHERE customers_id = '" . (int)$_SESSION['customer_id'] . "' AND braintree_token = '" . tep_db_input($token) . "' limit 1"); + $check_query = tep_db_query("SELECT id FROM customers_braintree_tokens WHERE customers_id = '" . (int)$_SESSION['customer_id'] . "' AND braintree_token = '" . tep_db_input($token) . "' LIMIT 1"); if ( tep_db_num_rows($check_query) < 1 ) { $sql_data = [ 'customers_id' => (int)$_SESSION['customer_id'], diff --git a/includes/modules/payment/paypal_express.php b/includes/modules/payment/paypal_express.php index ad8353f2c..2800a3303 100644 --- a/includes/modules/payment/paypal_express.php +++ b/includes/modules/payment/paypal_express.php 
@@ -81,7 +81,7 @@ function __construct() { unset($_SESSION['appPayPalEcRightTurn']); if ( isset($_SESSION['payment']) && ($_SESSION['payment'] == $this->code) ) { - tep_redirect(tep_href_link('checkout_confirmation.php', '', 'SSL')); + tep_redirect(tep_href_link('checkout_confirmation.php')); } } @@ -104,9 +104,9 @@ function update_status() { global $order; if ( $this->enabled && ((int)OSCOM_APP_PAYPAL_EC_ZONE > 0) ) { - $check_query = tep_db_query("SELECT zone_id FROM zones_to_geo_zones WHERE geo_zone_id = " . (int)OSCOM_APP_PAYPAL_EC_ZONE . " and zone_country_id = " . (int)$order->delivery['country']['id'] . " ORDER BY zone_id"); + $check_query = tep_db_query("SELECT zone_id FROM zones_to_geo_zones WHERE geo_zone_id = " . (int)OSCOM_APP_PAYPAL_EC_ZONE . " and zone_country_id = " . (int)$GLOBALS['customer_data']->get('country_id', $order->delivery) . " ORDER BY zone_id"); while ($check = tep_db_fetch_array($check_query)) { - if (($check['zone_id'] < 1) || ($check['zone_id'] == $order->delivery['zone_id'])) { + if (($check['zone_id'] < 1) || ($check['zone_id'] == $GLOBALS['customer_data']->get('zone_id', $order->delivery))) { return; } } @@ -145,13 +145,13 @@ function checkout_initialization_method() { $image_button = $this->_app->getDef('module_ec_button_url'); } - $button_title = tep_output_string_protected($this->_app->getDef('module_ec_button_title')); + $button_title = htmlspecialchars($this->_app->getDef('module_ec_button_title')); if ( OSCOM_APP_PAYPAL_EC_STATUS == '0' ) { $button_title .= ' (' . $this->code . '; Sandbox)'; } - $string .= ''; + $string .= ''; } else { $string .= ''; 
@@ -160,9 +160,9 @@ function checkout_initialization_method() { $server = (OSCOM_APP_PAYPAL_EC_STATUS === '1') ? 'production' : 'sandbox'; - $ppecset_url = tep_href_link('ext/modules/payment/paypal/express.php', 'format=json', 'SSL'); + $ppecset_url = tep_href_link('ext/modules/payment/paypal/express.php', 'format=json'); - $ppecerror_url = tep_href_link('ext/modules/payment/paypal/express.php', 'osC_Action=setECError', 'SSL'); + $ppecerror_url = tep_href_link('ext/modules/payment/paypal/express.php', 'osC_Action=setECError'); switch (OSCOM_APP_PAYPAL_EC_INCONTEXT_BUTTON_COLOR) { case '3': @@ -243,13 +243,13 @@ function checkout_initialization_method() { } else { $image_button = $this->_app->getDef('module_ec_button_url'); - $button_title = tep_output_string_protected($this->_app->getDef('module_ec_button_title')); + $button_title = htmlspecialchars($this->_app->getDef('module_ec_button_title')); if (OSCOM_APP_PAYPAL_EC_STATUS == '0') { $button_title .= ' (' . $this->code . '; Sandbox)'; } - $string .= ''; + $string .= ''; } return $string; 
@@ -270,20 +270,20 @@ function pre_confirmation_check() { global $order; if ( !isset($_SESSION['appPayPalEcResult']) ) { - tep_redirect(tep_href_link('ext/modules/payment/paypal/express.php', '', 'SSL')); + tep_redirect(tep_href_link('ext/modules/payment/paypal/express.php')); } if ( OSCOM_APP_PAYPAL_GATEWAY == '1' ) { // PayPal if ( !in_array($_SESSION['appPayPalEcResult']['ACK'], ['Success', 'SuccessWithWarning']) ) { - tep_redirect(tep_href_link('shopping_cart.php', 'error_message=' . stripslashes($_SESSION['appPayPalEcResult']['L_LONGMESSAGE0']), 'SSL')); + tep_redirect(tep_href_link('shopping_cart.php', 'error_message=' . stripslashes($_SESSION['appPayPalEcResult']['L_LONGMESSAGE0']))); } elseif ( !isset($_SESSION['appPayPalEcSecret']) || ($_SESSION['appPayPalEcResult']['PAYMENTREQUEST_0_CUSTOM'] != $_SESSION['appPayPalEcSecret']) ) { - tep_redirect(tep_href_link('shopping_cart.php', '', 'SSL')); + tep_redirect(tep_href_link('shopping_cart.php')); } } else { // Payflow if ($_SESSION['appPayPalEcResult']['RESULT'] != '0') { - tep_redirect(tep_href_link('shopping_cart.php', 'error_message=' . urlencode($_SESSION['appPayPalEcResult']['OSCOM_ERROR_MESSAGE']), 'SSL')); + tep_redirect(tep_href_link('shopping_cart.php', 'error_message=' . urlencode($_SESSION['appPayPalEcResult']['OSCOM_ERROR_MESSAGE']))); } elseif ( !isset($_SESSION['appPayPalEcSecret']) || ($_SESSION['appPayPalEcResult']['CUSTOM'] != $_SESSION['appPayPalEcSecret']) ) { - tep_redirect(tep_href_link('shopping_cart.php', '', 'SSL')); + tep_redirect(tep_href_link('shopping_cart.php')); } } @@ -291,15 +291,6 @@ function pre_confirmation_check() { } function confirmation() { - if (empty($_SESSION['comments'])) { - return [ - 'fields' => [ [ - 'title' => $this->_app->getDef('module_ec_field_comments'), - 'field' => tep_draw_textarea_field('ppecomments', 'soft', '60', '5', ($_SESSION['comments'] ?? null)), - ] ], - ]; - } - return false; } 
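Review bot: The PayPal branch of pre_confirmation_check() still appends `stripslashes($_SESSION['appPayPalEcResult']['L_LONGMESSAGE0'])` to the query string without URL-encoding, while the Payflow branch just below wraps its message in `urlencode()`. Unless tep_href_link() encodes parameters itself (the explicit `urlencode()` in the Payflow branch suggests it does not), a message containing `&`, `#` or spaces can truncate the text or add parameters to the shopping_cart.php URL. I would make the branches agree with `'error_message=' . urlencode(stripslashes($_SESSION['appPayPalEcResult']['L_LONGMESSAGE0']))`. The same unencoded pattern is in the before_process_paypal() hunks of this file and of paypal_pro_dp.php, including the `getDef('module_dp_error_all_fields_required')` redirects.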
@@ -316,18 +307,18 @@ function before_process() { } function before_process_paypal() { - global $order, $response_array; + global $order, $response_array, $customer_data; if ( !isset($_SESSION['appPayPalEcResult']) ) { - tep_redirect(tep_href_link('ext/modules/payment/paypal/express.php', '', 'SSL')); + tep_redirect(tep_href_link('ext/modules/payment/paypal/express.php')); } if ( in_array($_SESSION['appPayPalEcResult']['ACK'], ['Success', 'SuccessWithWarning']) ) { if ( !isset($_SESSION['appPayPalEcSecret']) || ($_SESSION['appPayPalEcResult']['PAYMENTREQUEST_0_CUSTOM'] != $_SESSION['appPayPalEcSecret']) ) { - tep_redirect(tep_href_link('shopping_cart.php', '', 'SSL')); + tep_redirect(tep_href_link('shopping_cart.php')); } } else { - tep_redirect(tep_href_link('shopping_cart.php', 'error_message=' . stripslashes($_SESSION['appPayPalEcResult']['L_LONGMESSAGE0']), 'SSL')); + tep_redirect(tep_href_link('shopping_cart.php', 'error_message=' . stripslashes($_SESSION['appPayPalEcResult']['L_LONGMESSAGE0']))); } if (empty($_SESSION['comments']) && isset($_POST['ppecomments']) && tep_not_null($_POST['ppecomments'])) { 
@@ -344,13 +335,17 @@ function before_process_paypal() { ]; if (is_numeric($_SESSION['sendto']) && ($_SESSION['sendto'] > 0)) { - $params['PAYMENTREQUEST_0_SHIPTONAME'] = $order->delivery['name']; - $params['PAYMENTREQUEST_0_SHIPTOSTREET'] = $order->delivery['street_address']; - $params['PAYMENTREQUEST_0_SHIPTOSTREET2'] = $order->delivery['suburb']; - $params['PAYMENTREQUEST_0_SHIPTOCITY'] = $order->delivery['city']; - $params['PAYMENTREQUEST_0_SHIPTOSTATE'] = tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], $order->delivery['state']); - $params['PAYMENTREQUEST_0_SHIPTOCOUNTRYCODE'] = $order->delivery['country']['iso_code_2']; - $params['PAYMENTREQUEST_0_SHIPTOZIP'] = $order->delivery['postcode']; + $customer_data->get('country', $order->delivery); + $params['PAYMENTREQUEST_0_SHIPTONAME'] = $customer_data->get('name', $order->delivery); + $params['PAYMENTREQUEST_0_SHIPTOSTREET'] = $customer_data->get('street_address', $order->delivery); + $params['PAYMENTREQUEST_0_SHIPTOSTREET2'] = $customer_data->get('suburb', $order->delivery); + $params['PAYMENTREQUEST_0_SHIPTOCITY'] = $customer_data->get('city', $order->delivery); + $params['PAYMENTREQUEST_0_SHIPTOSTATE'] = tep_get_zone_code( + $customer_data->get('country_id', $order->delivery), + $customer_data->get('zone_id', $order->delivery), + $customer_data->get('state', $order->delivery)); + $params['PAYMENTREQUEST_0_SHIPTOCOUNTRYCODE'] = $customer_data->get('country_iso_code_2', $order->delivery); + $params['PAYMENTREQUEST_0_SHIPTOZIP'] = $customer_data->get('postcode', $order->delivery); } $response_array = $this->_app->getApiResult('EC', 'DoExpressCheckoutPayment', $params); 
@@ -368,23 +363,23 @@ function before_process_paypal() { tep_redirect($paypal_url); } - tep_redirect(tep_href_link('shopping_cart.php', 'error_message=' . stripslashes($response_array['L_LONGMESSAGE0']), 'SSL')); + tep_redirect(tep_href_link('shopping_cart.php', 'error_message=' . stripslashes($response_array['L_LONGMESSAGE0']))); } } function before_process_payflow() { - global $order, $response_array; + global $order, $response_array, $customer_data; if ( !isset($_SESSION['appPayPalEcResult']) ) { - tep_redirect(tep_href_link('ext/modules/payment/paypal/express.php', '', 'SSL')); + tep_redirect(tep_href_link('ext/modules/payment/paypal/express.php')); } if ( $_SESSION['appPayPalEcResult']['RESULT'] == '0' ) { if ( !isset($_SESSION['appPayPalEcSecret']) || ($_SESSION['appPayPalEcResult']['CUSTOM'] != $_SESSION['appPayPalEcSecret']) ) { - tep_redirect(tep_href_link('shopping_cart.php', '', 'SSL')); + tep_redirect(tep_href_link('shopping_cart.php')); } } else { - tep_redirect(tep_href_link('shopping_cart.php', 'error_message=' . urlencode($_SESSION['appPayPalEcResult']['OSCOM_ERROR_MESSAGE']), 'SSL')); + tep_redirect(tep_href_link('shopping_cart.php', 'error_message=' . urlencode($_SESSION['appPayPalEcResult']['OSCOM_ERROR_MESSAGE']))); } if ( empty($_SESSION['comments']) && isset($_POST['ppecomments']) && tep_not_null($_POST['ppecomments']) ) { @@ -394,7 +389,7 @@ function before_process_payflow() { } $params = [ - 'EMAIL' => $order->customer['email_address'], + 'EMAIL' => $customer_data->get('email_address', $order->customer), 'TOKEN' => $_SESSION['appPayPalEcResult']['TOKEN'], 'PAYERID' => $_SESSION['appPayPalEcResult']['PAYERID'], 'AMT' => $this->_app->formatCurrencyRaw($order->info['total']), 
@@ -402,19 +397,23 @@ function before_process_payflow() { ]; if ( is_numeric($_SESSION['sendto']) && ($_SESSION['sendto'] > 0) ) { - $params['SHIPTONAME'] = $order->delivery['name']; - $params['SHIPTOSTREET'] = $order->delivery['street_address']; - $params['SHIPTOSTREET2'] = $order->delivery['suburb']; - $params['SHIPTOCITY'] = $order->delivery['city']; - $params['SHIPTOSTATE'] = tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], $order->delivery['state']); - $params['SHIPTOCOUNTRY'] = $order->delivery['country']['iso_code_2']; - $params['SHIPTOZIP'] = $order->delivery['postcode']; + $customer_data->get('country', $order->delivery); + $params['SHIPTONAME'] = $customer_data->get('name', $order->delivery); + $params['SHIPTOSTREET'] = $customer_data->get('street_address', $order->delivery); + $params['SHIPTOSTREET2'] = $customer_data->get('suburb', $order->delivery); + $params['SHIPTOCITY'] = $customer_data->get('city', $order->delivery); + $params['SHIPTOSTATE'] = tep_get_zone_code( + $customer_data->get('country_id', $order->delivery), + $customer_data->get('zone_id', $order->delivery), + $customer_data->get('state', $order->delivery)); + $params['SHIPTOCOUNTRY'] = $customer_data->get('country_iso_code_2', $order->delivery); + $params['SHIPTOZIP'] = $customer_data->get('postcode', $order->delivery); } $response_array = $this->_app->getApiResult('EC', 'PayflowDoExpressCheckoutPayment', $params); if ( $response_array['RESULT'] != '0' ) { - tep_redirect(tep_href_link('shopping_cart.php', 'error_message=' . urlencode($response_array['OSCOM_ERROR_MESSAGE']), 'SSL')); + tep_redirect(tep_href_link('shopping_cart.php', 'error_message=' . urlencode($response_array['OSCOM_ERROR_MESSAGE']))); } } 
@@ -429,12 +428,12 @@ function after_process() { function after_process_paypal() { global $response_array, $order_id; - $pp_result = 'Transaction ID: ' . tep_output_string_protected($response_array['PAYMENTINFO_0_TRANSACTIONID']) . "\n" . - 'Payer Status: ' . tep_output_string_protected($_SESSION['appPayPalEcResult']['PAYERSTATUS']) . "\n" . - 'Address Status: ' . tep_output_string_protected($_SESSION['appPayPalEcResult']['ADDRESSSTATUS']) . "\n" . - 'Payment Status: ' . tep_output_string_protected($response_array['PAYMENTINFO_0_PAYMENTSTATUS']) . "\n" . - 'Payment Type: ' . tep_output_string_protected($response_array['PAYMENTINFO_0_PAYMENTTYPE']) . "\n" . - 'Pending Reason: ' . tep_output_string_protected($response_array['PAYMENTINFO_0_PENDINGREASON']); + $pp_result = 'Transaction ID: ' . htmlspecialchars($response_array['PAYMENTINFO_0_TRANSACTIONID']) . "\n" . + 'Payer Status: ' . htmlspecialchars($_SESSION['appPayPalEcResult']['PAYERSTATUS']) . "\n" . + 'Address Status: ' . htmlspecialchars($_SESSION['appPayPalEcResult']['ADDRESSSTATUS']) . "\n" . + 'Payment Status: ' . htmlspecialchars($response_array['PAYMENTINFO_0_PAYMENTSTATUS']) . "\n" . + 'Payment Type: ' . htmlspecialchars($response_array['PAYMENTINFO_0_PAYMENTTYPE']) . "\n" . + 'Pending Reason: ' . htmlspecialchars($response_array['PAYMENTINFO_0_PENDINGREASON']); $sql_data = [ 'orders_id' => $order_id, 
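Review bot: Every `htmlspecialchars()` call in after_process_paypal() is passed the value alone, so quote handling comes from the PHP version's default flags (they changed in 8.1), and a field the gateway leaves out arrives as null. Spelling both out keeps the stored text identical across PHP versions, e.g. `htmlspecialchars($response_array['PAYMENTINFO_0_PENDINGREASON'] ?? '', ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`. Because the escaped string goes into `$sql_data`, it is worth a one-line comment that the value is stored already HTML-escaped, so whatever renders it later does not escape it a second time. The same applies to the after_process_payflow() hunks here and the after_process hunks in paypal_pro_dp.php.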
@@ -453,14 +452,14 @@ function after_process_paypal() { function after_process_payflow() { global $response_array, $order_id; - $pp_result = 'Transaction ID: ' . tep_output_string_protected($response_array['PNREF']) . "\n" . + $pp_result = 'Transaction ID: ' . htmlspecialchars($response_array['PNREF']) . "\n" . 'Gateway: Payflow' . "\n" . - 'PayPal ID: ' . tep_output_string_protected($response_array['PPREF']) . "\n" . - 'Payer Status: ' . tep_output_string_protected($_SESSION['appPayPalEcResult']['PAYERSTATUS']) . "\n" . - 'Address Status: ' . tep_output_string_protected($_SESSION['appPayPalEcResult']['ADDRESSSTATUS']) . "\n" . - 'Payment Status: ' . tep_output_string_protected($response_array['PENDINGREASON']) . "\n" . - 'Payment Type: ' . tep_output_string_protected($response_array['PAYMENTTYPE']) . "\n" . - 'Response: ' . tep_output_string_protected($response_array['RESPMSG']) . "\n"; + 'PayPal ID: ' . htmlspecialchars($response_array['PPREF']) . "\n" . + 'Payer Status: ' . htmlspecialchars($_SESSION['appPayPalEcResult']['PAYERSTATUS']) . "\n" . + 'Address Status: ' . htmlspecialchars($_SESSION['appPayPalEcResult']['ADDRESSSTATUS']) . "\n" . + 'Payment Status: ' . htmlspecialchars($response_array['PENDINGREASON']) . "\n" . + 'Payment Type: ' . htmlspecialchars($response_array['PAYMENTTYPE']) . "\n" . + 'Response: ' . htmlspecialchars($response_array['RESPMSG']) . "\n"; $sql_data = [ 'orders_id' => $order_id, @@ -479,7 +478,7 @@ function after_process_payflow() { $response = $this->_app->getApiResult('APP', 'PayflowInquiry', ['ORIGID' => $response_array['PNREF']]); if ( isset($response['RESULT']) && ($response['RESULT'] == '0') ) { - $result = 'Transaction ID: ' . tep_output_string_protected($response['ORIGPNREF']) . "\n" . + $result = 'Transaction ID: ' . htmlspecialchars($response['ORIGPNREF']) . "\n" . 'Gateway: Payflow' . "\n"; $pending_reason = $response['TRANSSTATE']; 
@@ -509,10 +508,10 @@ function after_process_payflow() { } if ( isset($payment_status) ) { - $result .= 'Payment Status: ' . tep_output_string_protected($payment_status) . "\n"; + $result .= 'Payment Status: ' . htmlspecialchars($payment_status) . "\n"; } - $result .= 'Pending Reason: ' . tep_output_string_protected($pending_reason) . "\n"; + $result .= 'Pending Reason: ' . htmlspecialchars($pending_reason) . "\n"; switch ( $response['AVSADDR'] ) { case 'Y': diff --git a/includes/modules/payment/paypal_pro_dp.php b/includes/modules/payment/paypal_pro_dp.php index f13c0d4e9..b8df0abb4 100644 --- a/includes/modules/payment/paypal_pro_dp.php +++ b/includes/modules/payment/paypal_pro_dp.php @@ -101,9 +101,9 @@ function update_status() { global $order; if ( ($this->enabled == true) && ((int)OSCOM_APP_PAYPAL_DP_ZONE > 0) ) { - $check_query = tep_db_query("SELECT zone_id FROM zones_to_geo_zones WHERE geo_zone_id = '" . OSCOM_APP_PAYPAL_DP_ZONE . "' and zone_country_id = '" . $order->delivery['country']['id'] . "' order by zone_id"); + $check_query = tep_db_query("SELECT zone_id FROM zones_to_geo_zones WHERE geo_zone_id = " . (int)OSCOM_APP_PAYPAL_DP_ZONE . " and zone_country_id = " . (int)$customer_data->get('country_id', $order->delivery) . " order by zone_id"); while ($check = tep_db_fetch_array($check_query)) { - if (($check['zone_id'] < 1) || ($check['zone_id'] == $order->delivery['zone_id'])) { + if (($check['zone_id'] < 1) || ($check['zone_id'] == $customer_data->get('zone_id', $order->delivery))) { return; } } @@ -167,7 +167,7 @@ function confirmation() { . ' ' . ' ' . ' ' - . ' ' + . ' ' . ' ' . ' ' . ' ' 
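Review bot: In the paypal_pro_dp.php update_status() hunk the new query and the zone comparison both call `$customer_data->get(...)`, but the only declaration in the visible context is `global $order;`, so `$customer_data` is undefined in that scope and the call would fail on a null value as soon as a zone restriction is configured. paypal_express.php's update_status() reads the same object as `$GLOBALS['customer_data']`. Either change the declaration to `global $order, $customer_data;` or use the `$GLOBALS['customer_data']` form on both new lines. The function body continues outside the hunk.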
@@ -217,9 +217,10 @@ function before_process() { } function before_process_paypal() { - global $order, $response_array; + global $order, $response_array, $customer_data; - if ( isset($_POST['cc_owner']) && !empty($_POST['cc_owner']) && isset($_POST['cc_type']) && $this->isCardAccepted($_POST['cc_type']) && isset($_POST['cc_number_nh-dns']) && !empty($_POST['cc_number_nh-dns']) ) { + if ( !empty($_POST['cc_owner']) && !empty($_POST['cc_number_nh-dns']) && isset($_POST['cc_type']) && $this->isCardAccepted($_POST['cc_type']) ) { + $customer_data->get('country', $order->billing); $params = [ 'AMT' => $this->_app->formatCurrencyRaw($order->info['total']), 'CREDITCARDTYPE' => $_POST['cc_type'], 
@@ -228,14 +229,17 @@ function before_process_paypal() { 'CVV2' => $_POST['cc_cvc_nh-dns'], 'FIRSTNAME' => substr($_POST['cc_owner'], 0, strpos($_POST['cc_owner'], ' ')), 'LASTNAME' => substr($_POST['cc_owner'], strpos($_POST['cc_owner'], ' ')+1), - 'STREET' => $order->billing['street_address'], - 'STREET2' => $order->billing['suburb'], - 'CITY' => $order->billing['city'], - 'STATE' => tep_get_zone_code($order->billing['country']['id'], $order->billing['zone_id'], $order->billing['state']), - 'COUNTRYCODE' => $order->billing['country']['iso_code_2'], - 'ZIP' => $order->billing['postcode'], - 'EMAIL' => $order->customer['email_address'], - 'SHIPTOPHONENUM' => $order->customer['telephone'], + 'STREET' => $customer_data->get('street_address', $order->billing), + 'STREET2' => $customer_data->get('suburb', $order->billing), + 'CITY' => $customer_data->get('city', $order->billing), + 'STATE' => tep_get_zone_code( + $customer_data->get('country_id', $order->billing), + $customer_data->get('zone_id', $order->billing), + $customer_data->get('state', $order->billing)), + 'COUNTRYCODE' => $customer_data->get('country_iso_code_2', $order->billing), + 'ZIP' => $customer_data->get('postcode', $order->billing), + 'EMAIL' => $customer_data->get('email_address', $order->customer), + 'SHIPTOPHONENUM' => $customer_data->get('telephone', $order->customer), 'CURRENCYCODE' => $order->info['currency'], ]; 
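Review bot: The `FIRSTNAME`/`LASTNAME` context lines split `$_POST['cc_owner']` at `strpos($_POST['cc_owner'], ' ')`, which is false when the cardholder name contains no space; the first name then comes out empty and the last name loses its first character before being sent to the gateway. The guard in the previous hunk only checks that the field is non-empty. A split that tolerates a single-word name would be `[$first, $last] = array_pad(explode(' ', trim($_POST['cc_owner']), 2), 2, '');`, with the two variables used for the array entries. The same split feeds `BILLTOFIRSTNAME`/`BILLTOLASTNAME` in before_process_payflow(); the `$params` array itself opens in the previous hunk.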
@@ -245,13 +249,17 @@ function before_process_paypal() { } if ( is_numeric($_SESSION['sendto']) && ($_SESSION['sendto'] > 0) ) { - $params['SHIPTONAME'] = $order->delivery['name']; - $params['SHIPTOSTREET'] = $order->delivery['street_address']; - $params['SHIPTOSTREET2'] = $order->delivery['suburb']; - $params['SHIPTOCITY'] = $order->delivery['city']; - $params['SHIPTOSTATE'] = tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], $order->delivery['state']); - $params['SHIPTOCOUNTRYCODE'] = $order->delivery['country']['iso_code_2']; - $params['SHIPTOZIP'] = $order->delivery['postcode']; + $customer_data->get('country', $order->delivery); + $params['SHIPTONAME'] = $customer_data->get('name', $order->delivery); + $params['SHIPTOSTREET'] = $customer_data->get('street_address', $order->delivery); + $params['SHIPTOSTREET2'] = $customer_data->get('suburb', $order->delivery); + $params['SHIPTOCITY'] = $customer_data->get('city', $order->delivery); + $params['SHIPTOSTATE'] = tep_get_zone_code( + $customer_data->get('country_id', $order->delivery), + $customer_data->get('zone_id', $order->delivery), + $customer_data->get('state', $order->delivery)); + $params['SHIPTOCOUNTRYCODE'] = $customer_data->get('country_iso_code_2', $order->delivery); + $params['SHIPTOZIP'] = $customer_data->get('postcode', $order->delivery); } $item_params = []; 
@@ -291,43 +299,51 @@ function before_process_paypal() { $response_array = $this->_app->getApiResult('DP', 'DoDirectPayment', $params); if ( !in_array($response_array['ACK'], ['Success', 'SuccessWithWarning']) ) { - tep_redirect(tep_href_link('shopping_cart.php', 'error_message=' . stripslashes($response_array['L_LONGMESSAGE0']), 'SSL')); + tep_redirect(tep_href_link('shopping_cart.php', 'error_message=' . stripslashes($response_array['L_LONGMESSAGE0']))); } } else { - tep_redirect(tep_href_link('checkout_confirmation.php', 'error_message=' . $this->_app->getDef('module_dp_error_all_fields_required'), 'SSL')); + tep_redirect(tep_href_link('checkout_confirmation.php', 'error_message=' . $this->_app->getDef('module_dp_error_all_fields_required'))); } } function before_process_payflow() { - global $order, $response_array; + global $order, $response_array, $customer_data; if ( !empty($_POST['cc_owner']) && !empty($_POST['cc_number_nh-dns']) && isset($_POST['cc_type']) && $this->isCardAccepted($_POST['cc_type']) ) { + $customer_data->get('country', $order->billing); $params = [ 'AMT' => $this->_app->formatCurrencyRaw($order->info['total']), 'CURRENCY' => $order->info['currency'], 'BILLTOFIRSTNAME' => substr($_POST['cc_owner'], 0, strpos($_POST['cc_owner'], ' ')), 'BILLTOLASTNAME' => substr($_POST['cc_owner'], strpos($_POST['cc_owner'], ' ')+1), - 'BILLTOSTREET' => $order->billing['street_address'], - 'BILLTOSTREET2' => $order->billing['suburb'], - 'BILLTOCITY' => $order->billing['city'], - 'BILLTOSTATE' => tep_get_zone_code($order->billing['country']['id'], $order->billing['zone_id'], $order->billing['state']), - 'BILLTOCOUNTRY' => $order->billing['country']['iso_code_2'], - 'BILLTOZIP' => $order->billing['postcode'], - 'EMAIL' => $order->customer['email_address'], + 'BILLTOSTREET' => $customer_data->get('street_address', $order->billing), + 'BILLTOSTREET2' => $customer_data->get('suburb', $order->billing), + 'BILLTOCITY' => $customer_data->get('city', $order->billing), 
+ 'BILLTOSTATE' => tep_get_zone_code( + $customer_data->get('country_id', $order->billing), + $customer_data->get('zone_id', $order->billing), + $customer_data->get('state', $order->billing)), + 'BILLTOCOUNTRY' => $customer_data->get('country_iso_code_2', $order->billing), + 'BILLTOZIP' => $customer_data->get('postcode', $order->billing), + 'EMAIL' => $customer_data->get('email_address', $order->customer), 'ACCT' => $_POST['cc_number_nh-dns'], 'EXPDATE' => $_POST['cc_expires_month'] . $_POST['cc_expires_year'], 'CVV2' => $_POST['cc_cvc_nh-dns'], ]; if ( is_numeric($_SESSION['sendto']) && ($_SESSION['sendto'] > 0) ) { - $params['SHIPTOFIRSTNAME'] = $order->delivery['firstname']; - $params['SHIPTOLASTNAME'] = $order->delivery['lastname']; - $params['SHIPTOSTREET'] = $order->delivery['street_address']; - $params['SHIPTOSTREET2'] = $order->delivery['suburb']; - $params['SHIPTOCITY'] = $order->delivery['city']; - $params['SHIPTOSTATE'] = tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], $order->delivery['state']); - $params['SHIPTOCOUNTRY'] = $order->delivery['country']['iso_code_2']; - $params['SHIPTOZIP'] = $order->delivery['postcode']; + $customer_data->get('country', $order->delivery); + $params['SHIPTOFIRSTNAME'] = $customer_data->get('firstname', $order->delivery); + $params['SHIPTOLASTNAME'] = $customer_data->get('lastname', $order->delivery); + $params['SHIPTOSTREET'] = $customer_data->get('street_address', $order->delivery); + $params['SHIPTOSTREET2'] = $customer_data->get('suburb', $order->delivery); + $params['SHIPTOCITY'] = $customer_data->get('city', $order->delivery); + $params['SHIPTOSTATE'] = tep_get_zone_code( + $customer_data->get('country_id', $order->delivery), + $customer_data->get('zone_id', $order->delivery), + $customer_data->get('state', $order->delivery)); + $params['SHIPTOCOUNTRY'] = $customer_data->get('country_iso_code_2', $order->delivery); + $params['SHIPTOZIP'] = $customer_data->get('postcode', 
$order->delivery); } $item_params = []; @@ -398,10 +414,10 @@ function before_process_payflow() { break; } - tep_redirect(tep_href_link('checkout_confirmation.php', 'error_message=' . $error_message, 'SSL')); + tep_redirect(tep_href_link('checkout_confirmation.php', 'error_message=' . $error_message)); } } else { - tep_redirect(tep_href_link('checkout_confirmation.php', 'error_message=' . $this->_app->getDef('module_dp_error_all_fields_required'), 'SSL')); + tep_redirect(tep_href_link('checkout_confirmation.php', 'error_message=' . $this->_app->getDef('module_dp_error_all_fields_required'))); } } 
@@ -418,18 +434,18 @@ function after_process_paypal() { $details = $this->_app->getApiResult('APP', 'GetTransactionDetails', ['TRANSACTIONID' => $response_array['TRANSACTIONID']], (OSCOM_APP_PAYPAL_DP_STATUS == '1') ? 'live' : 'sandbox'); - $result = 'Transaction ID: ' . tep_output_string_protected($response_array['TRANSACTIONID']) . "\n"; + $result = 'Transaction ID: ' . htmlspecialchars($response_array['TRANSACTIONID']) . "\n"; if ( in_array($details['ACK'], ['Success', 'SuccessWithWarning']) ) { - $result .= 'Payer Status: ' . tep_output_string_protected($details['PAYERSTATUS']) . "\n" - . 'Address Status: ' . tep_output_string_protected($details['ADDRESSSTATUS']) . "\n" - . 'Payment Status: ' . tep_output_string_protected($details['PAYMENTSTATUS']) . "\n" - . 'Payment Type: ' . tep_output_string_protected($details['PAYMENTTYPE']) . "\n" - . 'Pending Reason: ' . tep_output_string_protected($details['PENDINGREASON']) . "\n"; + $result .= 'Payer Status: ' . htmlspecialchars($details['PAYERSTATUS']) . "\n" + . 'Address Status: ' . htmlspecialchars($details['ADDRESSSTATUS']) . "\n" + . 'Payment Status: ' . htmlspecialchars($details['PAYMENTSTATUS']) . "\n" + . 'Payment Type: ' . htmlspecialchars($details['PAYMENTTYPE']) . "\n" + . 'Pending Reason: ' . htmlspecialchars($details['PENDINGREASON']) . "\n"; } - $result .= 'AVS Code: ' . tep_output_string_protected($response_array['AVSCODE']) . "\n" - . 'CVV2 Match: ' . tep_output_string_protected($response_array['CVV2MATCH']); + $result .= 'AVS Code: ' . htmlspecialchars($response_array['AVSCODE']) . "\n" + . 'CVV2 Match: ' . htmlspecialchars($response_array['CVV2MATCH']); $sql_data = [ 'orders_id' => $order_id, 
@@ -447,10 +463,10 @@ function after_process_payflow() { $details = $this->_app->getApiResult('APP', 'PayflowInquiry', ['ORIGID' => $response_array['PNREF']], (OSCOM_APP_PAYPAL_DP_STATUS == '1') ? 'live' : 'sandbox'); - $result = 'Transaction ID: ' . tep_output_string_protected($response_array['PNREF']) . "\n" + $result = 'Transaction ID: ' . htmlspecialchars($response_array['PNREF']) . "\n" . 'Gateway: Payflow' . "\n" - . 'PayPal ID: ' . tep_output_string_protected($response_array['PPREF']) . "\n" - . 'Response: ' . tep_output_string_protected($response_array['RESPMSG']) . "\n"; + . 'PayPal ID: ' . htmlspecialchars($response_array['PPREF']) . "\n" + . 'Response: ' . htmlspecialchars($response_array['RESPMSG']) . "\n"; if ( isset($details['RESULT']) && ($details['RESULT'] == '0') ) { $pending_reason = $details['TRANSSTATE']; @@ -480,10 +496,10 @@ function after_process_payflow() { } if ( isset($payment_status) ) { - $result .= 'Payment Status: ' . tep_output_string_protected($payment_status) . "\n"; + $result .= 'Payment Status: ' . htmlspecialchars($payment_status) . "\n"; } - $result .= 'Pending Reason: ' . tep_output_string_protected($pending_reason) . "\n"; + $result .= 'Pending Reason: ' . htmlspecialchars($pending_reason) . "\n"; } switch ( $response_array['AVSADDR'] ) { diff --git a/includes/modules/payment/paypal_pro_hs.php b/includes/modules/payment/paypal_pro_hs.php index 550641626..71551528c 100644 --- a/includes/modules/payment/paypal_pro_hs.php +++ b/includes/modules/payment/paypal_pro_hs.php @@ -79,7 +79,7 @@ function __construct() { } if ( $this->enabled === true ) { - if ( isset($order) && is_object($order) ) { + if ( isset($order->billing) ) { $this->update_status(); } } 
@@ -88,10 +88,10 @@ function __construct() { function update_status() { global $order; - if ( ($this->enabled == true) && ((int)OSCOM_APP_PAYPAL_HS_ZONE > 0) ) { - $check_query = tep_db_query("SELECT zone_id FROM zones_to_geo_zones WHERE geo_zone_id = '" . OSCOM_APP_PAYPAL_HS_ZONE . "' AND zone_country_id = '" . $order->billing['country']['id'] . "' ORDER BY zone_id"); + if ( $this->enabled && ((int)OSCOM_APP_PAYPAL_HS_ZONE > 0) ) { + $check_query = tep_db_query("SELECT zone_id FROM zones_to_geo_zones WHERE geo_zone_id = '" . (int)OSCOM_APP_PAYPAL_HS_ZONE . "' AND zone_country_id = '" . (int)$GLOBALS['customer_data']->get('country_id', $order->billing) . "' ORDER BY zone_id"); while ($check = tep_db_fetch_array($check_query)) { - if (($check['zone_id'] < 1) || ($check['zone_id'] == $order->billing['zone_id'])) { + if (($check['zone_id'] < 1) || ($check['zone_id'] === $GLOBALS['customer_data']->get('zone_id', $order->billing))) { return; } } @@ -133,7 +133,7 @@ function pre_confirmation_check() { } function confirmation() { - global $order, $order_total_modules; + global $order, $order_total_modules, $customer_data; $_SESSION['pphs_result'] = []; 
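Review bot: The change from `==` to `===` in the zone loop of `update_status()` compares `$check['zone_id']`, a value returned by `tep_db_fetch_array()`, with the result of `$GLOBALS['customer_data']->get('zone_id', $order->billing)`, and nothing in the hunk shows that the two have the same type. If one is a numeric string and the other an integer, the comparison never matches and the early `return` is skipped, so the code after the loop (outside this hunk) runs even for a customer inside the configured zone. Casting both sides keeps the strict comparison without depending on the driver or getter: `((int)$check['zone_id'] === (int)$GLOBALS['customer_data']->get('zone_id', $order->billing))`. The `(int)` casts added to the query string in the same hunk are a good change and need nothing further.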
@@ -172,26 +172,29 @@ function confirmation() { } $params = [ - 'buyer_email' => $order->customer['email_address'], - 'cancel_return' => tep_href_link('checkout_payment.php', '', 'SSL'), + 'buyer_email' => $customer_data->get('email_address', $order->customer), + 'cancel_return' => tep_href_link('checkout_payment.php'), 'currency_code' => $_SESSION['currency'], 'invoice' => $order_id, 'custom' => $_SESSION['customer_id'], 'paymentaction' => OSCOM_APP_PAYPAL_HS_TRANSACTION_METHOD == '1' ? 'sale' : 'authorization', - 'return' => tep_href_link('checkout_process.php', '', 'SSL'), + 'return' => tep_href_link('checkout_process.php'), 'notify_url' => tep_href_link('ext/modules/payment/paypal/pro_hosted_ipn.php', '', 'SSL', false, false), 'shipping' => $this->_app->formatCurrencyRaw($order->info['shipping_cost']), 'tax' => $this->_app->formatCurrencyRaw($order->info['tax']), 'subtotal' => $this->_app->formatCurrencyRaw($order->info['total'] - $order->info['shipping_cost'] - $order->info['tax']), - 'billing_first_name' => $order->billing['firstname'], - 'billing_last_name' => $order->billing['lastname'], - 'billing_address1' => $order->billing['street_address'], - 'billing_address2' => $order->billing['suburb'], - 'billing_city' => $order->billing['city'], - 'billing_state' => tep_get_zone_code($order->billing['country']['id'], $order->billing['zone_id'], $order->billing['state']), - 'billing_zip' => $order->billing['postcode'], - 'billing_country' => $order->billing['country']['iso_code_2'], - 'night_phone_b' => $order->customer['telephone'], + 'billing_first_name' => $customer_data->get('firstname', $order->billing), + 'billing_last_name' => $customer_data->get('lastname', $order->billing), + 'billing_address1' => $customer_data->get('street_address', $order->billing), + 'billing_address2' => $customer_data->get('suburb', $order->billing), + 'billing_city' => $customer_data->get('city', $order->billing), + 'billing_state' => tep_get_zone_code( + 
$customer_data->get('country_id', $order->billing), + $customer_data->get('zone_id', $order->billing), + $customer_data->get('state', $order->billing)), + 'billing_zip' => $customer_data->get('postcode', $order->billing), + 'billing_country' => $customer_data->get('country_iso_code_2', $order->billing), + 'night_phone_b' => $customer_data->get('telephone', $order->customer), 'template' => 'templateD', 'item_name' => STORE_NAME, 'showBillingAddress' => 'false', 
@@ -201,14 +204,18 @@ function confirmation() { if ( is_numeric($_SESSION['sendto']) && ($_SESSION['sendto'] > 0) ) { $params['address_override'] = 'true'; - $params['first_name'] = $order->delivery['firstname']; - $params['last_name'] = $order->delivery['lastname']; - $params['address1'] = $order->delivery['street_address']; - $params['address2'] = $order->delivery['suburb']; - $params['city'] = $order->delivery['city']; - $params['state'] = tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], $order->delivery['state']); - $params['zip'] = $order->delivery['postcode']; - $params['country'] = $order->delivery['country']['iso_code_2']; + $customer_data->get('country', $order->delivery); + $params['first_name'] = $customer_data->get('firstname', $order->delivery); + $params['last_name'] = $customer_data->get('lastname', $order->delivery); + $params['address1'] = $customer_data->get('street_address', $order->delivery); + $params['address2'] = $customer_data->get('suburb', $order->delivery); + $params['city'] = $customer_data->get('city', $order->delivery); + $params['state'] = tep_get_zone_code( + $customer_data->get('country_id', $order->delivery), + $customer_data->get('zone_id', $order->delivery), + $customer_data->get('state', $order->delivery)); + $params['zip'] = $customer_data->get('postcode', $order->delivery); + $params['country'] = $customer_data->get('country_iso_code_2', $order->delivery); } $return_link_title = $this->_app->getDef('module_hs_button_return_to_store', ['storename' => STORE_NAME]); 
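Review bot: The bare statement `$customer_data->get('country', $order->delivery);` discards its return value, and nothing in the hunk says why it is there. If its purpose is to fill in `country_id` and `country_iso_code_2` on the address before they are read, a comment should say so, for example `// populates country_id and country_iso_code_2 on the delivery address`. The billing parameters in the preceding hunk read the same two keys from `$order->billing` with no such call visible, while `process_button()` in paypoint_secpay.php makes the call for both addresses. `confirmation()` starts and ends outside these hunks, so the billing call may already exist there, but it is worth checking that the billing country sent to the gateway is never empty.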
@@ -222,8 +229,8 @@ function confirmation() { $_SESSION['pphs_key'] = tep_create_random_value(16); - $iframe_url = tep_href_link('ext/modules/payment/paypal/hosted_checkout.php', 'key=' . $_SESSION['pphs_key'], 'SSL'); - $form_url = tep_href_link('checkout_payment.php', 'payment_error=paypal_pro_hs', 'SSL'); + $iframe_url = tep_href_link('ext/modules/payment/paypal/hosted_checkout.php', 'key=' . $_SESSION['pphs_key']); + $form_url = tep_href_link('checkout_payment.php', 'payment_error=paypal_pro_hs'); // include jquery if it doesn't exist in the template $output = <<_app->formatCurrencyRaw($total['value'], $order['currency'], $order['currency_value']) ) { - $comment_status .= "\n" . 'OSCOM Error Total Mismatch: PayPal transaction value (' . tep_output_string_protected($tx_amount) . ') does not match order value (' . $this->_app->formatCurrencyRaw($total['value'], $order['currency'], $order['currency_value']) . ')'; + $comment_status .= "\n" . 'OSCOM Error Total Mismatch: PayPal transaction value (' . htmlspecialchars($tx_amount) . ') does not match order value (' . $this->_app->formatCurrencyRaw($total['value'], $order['currency'], $order['currency_value']) . ')'; } elseif ( $tx_payment_status == 'Completed' ) { $new_order_status = (OSCOM_APP_PAYPAL_HS_ORDER_STATUS_ID > 0 ? OSCOM_APP_PAYPAL_HS_ORDER_STATUS_ID : $new_order_status); } diff --git a/includes/modules/payment/paypoint_secpay.php b/includes/modules/payment/paypoint_secpay.php index d0573a01a..7d5fcfb5e 100644 --- a/includes/modules/payment/paypoint_secpay.php +++ b/includes/modules/payment/paypoint_secpay.php @@ -18,7 +18,7 @@ class paypoint_secpay extends abstract_payment_module { public $form_action_url = 'https://www.secpay.com/java-bin/ValCard'; public function process_button() { - global $order, $currencies; + global $order, $currencies, $customer_data; switch (MODULE_PAYMENT_PAYPOINT_SECPAY_CURRENCY) { case 'Default Currency': 
@@ -58,25 +58,27 @@ public function process_button() { $trans_id_string = STORE_NAME . date('Ymdhis'); $trans_id = str_replace(' ', '_', $trans_id_string); + $customer_data->get('country', $order->billing); + $customer_data->get('country', $order->delivery); $process_button_string = tep_draw_hidden_field('merchant', MODULE_PAYMENT_PAYPOINT_SECPAY_MERCHANT_ID) . tep_draw_hidden_field('trans_id', $trans_id) . tep_draw_hidden_field('amount', number_format($order->info['total'] * $currencies->get_value($sec_currency), $currencies->currencies[$sec_currency]['decimal_places'], '.', '')) - . tep_draw_hidden_field('bill_name', $order->billing['name']) - . tep_draw_hidden_field('bill_addr_1', $order->billing['street_address']) - . tep_draw_hidden_field('bill_addr_2', $order->billing['suburb']) - . tep_draw_hidden_field('bill_city', $order->billing['city']) - . tep_draw_hidden_field('bill_state', $order->billing['state']) - . tep_draw_hidden_field('bill_post_code', $order->billing['postcode']) - . tep_draw_hidden_field('bill_country', $order->billing['country']['title']) - . tep_draw_hidden_field('bill_tel', $order->customer['telephone']) - . tep_draw_hidden_field('bill_email', $order->customer['email_address']) - . tep_draw_hidden_field('ship_name', $order->delivery['name']) - . tep_draw_hidden_field('ship_addr_1', $order->delivery['street_address']) - . tep_draw_hidden_field('ship_addr_2', $order->delivery['suburb']) - . tep_draw_hidden_field('ship_city', $order->delivery['city']) - . tep_draw_hidden_field('ship_state', $order->delivery['state']) - . tep_draw_hidden_field('ship_post_code', $order->delivery['postcode']) - . tep_draw_hidden_field('ship_country', $order->delivery['country']['title']) + . tep_draw_hidden_field('bill_name', $customer_data->get('name', $order->billing)) + . tep_draw_hidden_field('bill_addr_1', $customer_data->get('street_address', $order->billing)) + . tep_draw_hidden_field('bill_addr_2', $customer_data->get('suburb', $order->billing)) + . 
tep_draw_hidden_field('bill_city', $customer_data->get('city', $order->billing)) + . tep_draw_hidden_field('bill_state', $customer_data->get('state', $order->billing)) + . tep_draw_hidden_field('bill_post_code', $customer_data->get('postcode', $order->billing)) + . tep_draw_hidden_field('bill_country', $customer_data->get('country_name', $order->billing)) + . tep_draw_hidden_field('bill_tel', $customer_data->get('telephone', $order->customer)) + . tep_draw_hidden_field('bill_email', $customer_data->get('email_address', $order->customer)) + . tep_draw_hidden_field('ship_name', $customer_data->get('name', $order->delivery)) + . tep_draw_hidden_field('ship_addr_1', $customer_data->get('street_address', $order->delivery)) + . tep_draw_hidden_field('ship_addr_2', $customer_data->get('suburb', $order->delivery)) + . tep_draw_hidden_field('ship_city', $customer_data->get('city', $order->delivery)) + . tep_draw_hidden_field('ship_state', $customer_data->get('state', $order->delivery)) + . tep_draw_hidden_field('ship_post_code', $customer_data->get('postcode', $order->delivery)) + . tep_draw_hidden_field('ship_country', $customer_data->get('country_name', $order->delivery)) . tep_draw_hidden_field('currency', $sec_currency) . tep_draw_hidden_field('callback', tep_href_link('checkout_process.php', '', 'SSL', false) . ';' . tep_href_link('checkout_payment.php', 'payment_error=' . $this->code, 'SSL', false)) . tep_draw_hidden_field(session_name(), session_id()) diff --git a/includes/system/segments/sortable_product_columns.php b/includes/system/segments/sortable_product_columns.php index 5b5ab84ae..5f954ff4c 100644 --- a/includes/system/segments/sortable_product_columns.php +++ b/includes/system/segments/sortable_product_columns.php 
@@ -10,6 +10,10 @@ Released under the GNU General Public License */ + if (!isset($default_column)) { + $default_column = 'PRODUCT_LIST_NAME'; + } + $column_orderings = array_filter([ 'PRODUCT_LIST_MODEL' => " ORDER BY p.products_model%s, pd.products_name", 'PRODUCT_LIST_NAME' => " ORDER BY pd.products_name%s", @@ -20,8 +24,8 @@ 'PRODUCT_LIST_PRICE' => " ORDER BY final_price%s, pd.products_name", 'PRODUCT_LIST_ID' => " ORDER BY p.products_id%s, pd.products_name", 'PRODUCT_LIST_ORDERED' => " ORDER BY p.products_ordered%s, pd.products_name", - ], function ($k) { - return (constant($k) > 0); + ], function ($k) use ($default_column) { + return ((constant($k) > 0) || ($k === $default_column)); }, ARRAY_FILTER_USE_KEY); uksort($column_orderings, function ($a, $b) { @@ -33,11 +37,15 @@ if ( (isset($_GET['sort'])) && (preg_match('/^[1-9][ad]$/', $_GET['sort'])) && (substr($_GET['sort'], 0, -1) <= count($column_list)) ) { $sort_column = intval(substr($_GET['sort'], 0 , -1)) - 1; } else { - $i = array_search(($default_column ?? 'PRODUCT_LIST_NAME'), $column_list, true); - if (false !== $i) { - $sort_column = $i; - $_GET['sort'] = ($sort_column + 1) . ($sort_order ?? 'a'); + $sort_column = array_search($default_column, $column_list, true); + if (false === $sort_column) { + $sort_column = 0; + error_log(sprintf( + 'Cannot find default sort column: [%s]', + $default_column)); } + + $_GET['sort'] = ($sort_column + 1) . ($sort_order ?? 'a'); } $direction = ('d' === substr($_GET['sort'], -1)) ? ' DESC' : ''; @@ -45,7 +53,7 @@ $parameters = [ 'column_list' => &$column_list, 'column_orderings' => &$column_orderings, - 'default_column' => $default_column ?? null, + 'default_column' => &$default_column, 'direction' => &$direction, 'listing_sql' => &$listing_sql, 'sort_column' => &$sort_column, diff --git a/includes/system/versioned/1.0.4.5/hooks.php b/includes/system/versioned/1.0.4.5/hooks.php index f6928587d..a6732cc99 100644 --- a/includes/system/versioned/1.0.4.5/hooks.php 
+++ b/includes/system/versioned/1.0.4.5/hooks.php @@ -9,23 +9,6 @@ Released under the GNU General Public License */ - function &tep_guarantee_subarray(&$data, $key) { - if (!isset($data[$key]) || !is_array($data[$key])) { - $data[$key] = []; - } - - return $data[$key]; - } - - function &tep_guarantee_all(&$data, ...$keys) { - $current = &$data; - foreach ($keys as $key) { - $current = &tep_guarantee_subarray($current, $key); - } - - return $current; - } - class hooks { private $_site; @@ -60,7 +43,7 @@ private function load($group, $alias) { while ($hook = tep_db_fetch_array($hooks_query)) { if ('' === $hook['hooks_class'] && function_exists($hook['hooks_method'])) { - tep_guarantee_all($this->_hooks, $this->_site, $alias, $hook['hooks_action'])[$hook['hooks_code']] + Guarantor::guarantee_all($this->_hooks, $this->_site, $alias, $hook['hooks_action'])[$hook['hooks_code']] = $hook['hooks_method']; continue; } @@ -75,7 +58,7 @@ private function load($group, $alias) { } if (method_exists($object, $hook['hooks_method'])) { - tep_guarantee_all($this->_hooks, $this->_site, $alias, $hook['hooks_action'])[$hook['hooks_code']] + Guarantor::guarantee_all($this->_hooks, $this->_site, $alias, $hook['hooks_action'])[$hook['hooks_code']] = [$object, $hook['hooks_method']]; } } @@ -110,7 +93,7 @@ public function register($group, $alias = null) { foreach ( get_class_methods($GLOBALS[$class]) as $method ) { if ( substr($method, 0, $this->prefix_length) === self::PREFIX ) { $action = substr($method, $this->prefix_length); - tep_guarantee_all($this->_hooks, $this->_site, $alias, $action)[$code] + Guarantor::guarantee_all($this->_hooks, $this->_site, $alias, $action)[$code] = [$GLOBALS[$class], $method]; } } diff --git a/includes/system/versioned/1.0.5.1/abstract_block_module.php b/includes/system/versioned/1.0.5.1/abstract_block_module.php index b80227095..7f1fe7d98 100644 --- a/includes/system/versioned/1.0.5.1/abstract_block_module.php 
+++ b/includes/system/versioned/1.0.5.1/abstract_block_module.php @@ -26,6 +26,9 @@ function __construct() { case 'Left': $this->group = 'navbar_modules_left'; break; + case 'Center': + $this->group = 'navbar_modules_center'; + break; case 'Right': $this->group = 'navbar_modules_right'; break; diff --git a/includes/system/versioned/1.0.5.1/customer_data.php b/includes/system/versioned/1.0.5.1/customer_data.php index 13a73a740..0a836bd19 100644 --- a/includes/system/versioned/1.0.5.1/customer_data.php +++ b/includes/system/versioned/1.0.5.1/customer_data.php @@ -37,7 +37,7 @@ function __construct() { if (method_exists($GLOBALS[$class], 'get_group')) { $group = $GLOBALS[$class]->get_group(); if (is_scalar($group)) { - tep_guarantee_subarray($this->grouped_modules, $group); + Guarantor::guarantee_subarray($this->grouped_modules, $group); $this->grouped_modules[$group][] = &$GLOBALS[$class]; } } diff --git a/includes/system/versioned/1.0.5.1/customer_write.php b/includes/system/versioned/1.0.5.1/customer_write.php index 996f2a08d..4b4009ee6 100644 --- a/includes/system/versioned/1.0.5.1/customer_write.php +++ b/includes/system/versioned/1.0.5.1/customer_write.php @@ -67,7 +67,7 @@ public static function update($db_tables, $criteria = []) { foreach ($foreign_keys as $foreign_key => $tables) { foreach ($tables as $db_table) { - tep_guarantee_subarray($criteria, $db_table); + Guarantor::guarantee_subarray($criteria, $db_table); if (!isset($criteria[$db_table][$foreign_key])) { $foreign_table = self::rtrim_string_once($foreign_key, self::IDENTIFIER_SUFFIX); $criteria[$db_table][$foreign_key] = $criteria[$foreign_table][$foreign_key]; diff --git a/includes/system/versioned/1.0.5.1/requirements_manager.php b/includes/system/versioned/1.0.5.1/requirements_manager.php index 580544549..98e9a4c73 100644 --- a/includes/system/versioned/1.0.5.1/requirements_manager.php +++ b/includes/system/versioned/1.0.5.1/requirements_manager.php 
@@ -148,7 +148,7 @@ public function find_requirers($requirement, $exclude = '') { } if (in_array($requirement, $object::REQUIRES)) { - tep_guarantee_subarray($this->matched_requirers, $requirement); + Guarantor::guarantee_subarray($this->matched_requirers, $requirement); $this->matched_requirers[$requirement][] = get_class($object); } } diff --git a/includes/system/versioned/1.0.5.6/requirements_manager.php b/includes/system/versioned/1.0.5.6/requirements_manager.php index 2f301208b..a653e866c 100644 --- a/includes/system/versioned/1.0.5.6/requirements_manager.php +++ b/includes/system/versioned/1.0.5.6/requirements_manager.php @@ -152,7 +152,7 @@ public function find_requirers($requirement, $exclude = '') { } if (in_array($requirement, $object::REQUIRES)) { - tep_guarantee_subarray($this->matched_requirers, $requirement); + Guarantor::guarantee_subarray($this->matched_requirers, $requirement); $this->matched_requirers[$requirement][] = get_class($object); } } diff --git a/includes/system/versioned/1.0.5.7/hooks.php b/includes/system/versioned/1.0.5.7/hooks.php index c21d422f1..81615189a 100644 --- a/includes/system/versioned/1.0.5.7/hooks.php +++ b/includes/system/versioned/1.0.5.7/hooks.php @@ -9,23 +9,6 @@ Released under the GNU General Public License */ - function &tep_guarantee_subarray(&$data, $key) { - if (!isset($data[$key]) || !is_array($data[$key])) { - $data[$key] = []; - } - - return $data[$key]; - } - - function &tep_guarantee_all(&$data, ...$keys) { - $current = &$data; - foreach ($keys as $key) { - $current = &tep_guarantee_subarray($current, $key); - } - - return $current; - } - class hooks { private $_site; 
@@ -60,7 +43,7 @@ private function load($group, $alias) { while ($hook = tep_db_fetch_array($hooks_query)) { if ('' === $hook['hooks_class'] && function_exists($hook['hooks_method'])) { - tep_guarantee_all($this->_hooks, $this->_site, $alias, $hook['hooks_action'])[$hook['hooks_code']] + Guarantor::guarantee_all($this->_hooks, $this->_site, $alias, $hook['hooks_action'])[$hook['hooks_code']] = $hook['hooks_method']; continue; } @@ -75,7 +58,7 @@ private function load($group, $alias) { } if (method_exists($object, $hook['hooks_method'])) { - tep_guarantee_all($this->_hooks, $this->_site, $alias, $hook['hooks_action'])[$hook['hooks_code']] + Guarantor::guarantee_all($this->_hooks, $this->_site, $alias, $hook['hooks_action'])[$hook['hooks_code']] = [$object, $hook['hooks_method']]; } } @@ -110,7 +93,7 @@ public function register($group, $alias = null) { foreach ( get_class_methods($GLOBALS[$class]) as $method ) { if ( substr($method, 0, $this->prefix_length) === self::PREFIX ) { $action = substr($method, $this->prefix_length); - tep_guarantee_all($this->_hooks, $this->_site, $alias, $action)[$code] + Guarantor::guarantee_all($this->_hooks, $this->_site, $alias, $action)[$code] = [$GLOBALS[$class], $method]; } } diff --git a/includes/system/versioned/1.0.7.2/hooks.php b/includes/system/versioned/1.0.7.2/hooks.php index 92852ffff..b84eb9018 100644 --- a/includes/system/versioned/1.0.7.2/hooks.php +++ b/includes/system/versioned/1.0.7.2/hooks.php @@ -9,23 +9,6 @@ Released under the GNU General Public License */ - function &tep_guarantee_subarray(&$data, $key) { - if (!isset($data[$key]) || !is_array($data[$key])) { - $data[$key] = []; - } - - return $data[$key]; - } - - function &tep_guarantee_all(&$data, ...$keys) { - $current = &$data; - foreach ($keys as $key) { - $current = &tep_guarantee_subarray($current, $key); - } - - return $current; - } - class hooks { private $_site; 
@@ -66,7 +49,7 @@ private function load($group, $alias) { while ($hook = tep_db_fetch_array($hooks_query)) { if ('' === $hook['hooks_class'] && function_exists($hook['hooks_method'])) { - tep_guarantee_all($this->_hooks, $this->_site, $alias, $hook['hooks_action'])[$hook['hooks_code']] + Guarantor::guarantee_all($this->_hooks, $this->_site, $alias, $hook['hooks_action'])[$hook['hooks_code']] = $hook['hooks_method']; continue; } @@ -81,7 +64,7 @@ private function load($group, $alias) { } if (method_exists($object, $hook['hooks_method'])) { - tep_guarantee_all($this->_hooks, $this->_site, $alias, $hook['hooks_action'])[$hook['hooks_code']] + Guarantor::guarantee_all($this->_hooks, $this->_site, $alias, $hook['hooks_action'])[$hook['hooks_code']] = [$object, $hook['hooks_method']]; } } @@ -111,7 +94,7 @@ protected function register_directory($directory, $group, $alias, &$files) { foreach ( get_class_methods($GLOBALS[$class]) as $method ) { if ( substr($method, 0, $this->prefix_length) === self::PREFIX ) { $action = substr($method, $this->prefix_length); - tep_guarantee_all($this->_hooks, $this->_site, $alias, $action)[$code] + Guarantor::guarantee_all($this->_hooks, $this->_site, $alias, $action)[$code] = [$GLOBALS[$class], $method]; } } diff --git a/includes/system/versioned/1.0.7.4/hooks.php b/includes/system/versioned/1.0.7.4/hooks.php index e66a6e4da..3c92717ec 100644 --- a/includes/system/versioned/1.0.7.4/hooks.php +++ b/includes/system/versioned/1.0.7.4/hooks.php @@ -9,23 +9,6 @@ Released under the GNU General Public License */ - function &tep_guarantee_subarray(&$data, $key) { - if (!isset($data[$key]) || !is_array($data[$key])) { - $data[$key] = []; - } - - return $data[$key]; - } - - function &tep_guarantee_all(&$data, ...$keys) { - $current = &$data; - foreach ($keys as $key) { - $current = &tep_guarantee_subarray($current, $key); - } - - return $current; - } - class hooks { private $_site; 
@@ -66,7 +49,7 @@ private function load($group, $alias) { while ($hook = tep_db_fetch_array($hooks_query)) { if ('' === $hook['hooks_class'] && is_callable($hook['hooks_method'])) { - tep_guarantee_all($this->_hooks, $this->_site, $alias, $hook['hooks_action'])[$hook['hooks_code']] + Guarantor::guarantee_all($this->_hooks, $this->_site, $alias, $hook['hooks_action'])[$hook['hooks_code']] = $hook['hooks_method']; continue; } @@ -78,7 +61,7 @@ private function load($group, $alias) { if (is_callable([$hook['hooks_class'], $hook['hooks_method']])) { $method = new \ReflectionMethod($hook['hooks_class'], $hook['hooks_method']); if ($method->isStatic()) { - tep_guarantee_all($this->_hooks, $this->_site, $alias, $hook['hooks_action'])[$hook['hooks_code']] + Guarantor::guarantee_all($this->_hooks, $this->_site, $alias, $hook['hooks_action'])[$hook['hooks_code']] = [$hook['hooks_class'], $hook['hooks_method']]; continue; } @@ -94,7 +77,7 @@ private function load($group, $alias) { } if (is_callable([$object, $hook['hooks_method']])) { - tep_guarantee_all($this->_hooks, $this->_site, $alias, $hook['hooks_action'])[$hook['hooks_code']] + Guarantor::guarantee_all($this->_hooks, $this->_site, $alias, $hook['hooks_action'])[$hook['hooks_code']] = [$object, $hook['hooks_method']]; } } @@ -124,7 +107,7 @@ protected function register_directory($directory, $group, $alias, &$files) { foreach ( get_class_methods($GLOBALS[$class]) as $method ) { if ( substr($method, 0, $this->prefix_length) === self::PREFIX ) { $action = substr($method, $this->prefix_length); - tep_guarantee_all($this->_hooks, $this->_site, $alias, $action)[$code] + Guarantor::guarantee_all($this->_hooks, $this->_site, $alias, $action)[$code] = [$GLOBALS[$class], $method]; } } diff --git a/includes/system/versioned/1.0.7.other/1.0.7.12/capabilities_manager.php b/includes/system/versioned/1.0.7.other/1.0.7.12/capabilities_manager.php new file mode 100644 index 000000000..ff61e0ab7 --- /dev/null 
+++ b/includes/system/versioned/1.0.7.other/1.0.7.12/capabilities_manager.php @@ -0,0 +1,29 @@ + &static::$capabilities, + ]; + + $GLOBALS['OSCOM_Hooks']->call('system', static::LISTENER_NAME, $parameters); + } + } + + public function can($key) { + return isset(static::$capabilities[$key]) && is_callable(static::$capabilities[$key]); + } + + } diff --git a/includes/system/versioned/1.0.7.other/1.0.7.12/guarantor.php b/includes/system/versioned/1.0.7.other/1.0.7.12/guarantor.php new file mode 100644 index 000000000..a71b3c6ed --- /dev/null +++ b/includes/system/versioned/1.0.7.other/1.0.7.12/guarantor.php 
@@ -0,0 +1,50 @@ +_site = basename($site); + $this->prefix_length = strlen(self::PREFIX); + $this->add_directory(DIR_FS_CATALOG . 'includes/hooks/'); + } + + public function add_directory($directory) { + $this->hook_directories[] = $directory . $this->_site . '/'; + } + + private function sort_hooks() { + foreach ( $this->_hooks as &$groups ) { + foreach ( $groups as &$actions ) { + foreach ( $actions as &$codes ) { + uksort($codes, 'strnatcmp'); + } + } + } + } + + private function build_callback($class, $method) { + if ('' === $class) { + return $method; + } + + if (isset($_SESSION[$class]) && is_callable([$_SESSION[$class], $method])) { + return [$_SESSION[$class], $method]; + } + + if (!class_exists($class)) { + return null; + } + + if (is_callable([$class, $method])) { + $m = new \ReflectionMethod($class, $method); + if ($m->isStatic()) { + return [$class, $method]; + } + } + + return [Guarantor::ensure_global($class), $method]; + } + + private function load($group, $alias) { + $hooks_query = tep_db_query(sprintf(<<<'EOSQL' +SELECT hooks_action, hooks_code, hooks_class, hooks_method + FROM hooks + WHERE hooks_site = '%s' AND hooks_group = '%s' +EOSQL +, tep_db_input($this->_site), tep_db_input($group))); + + while ($hook = tep_db_fetch_array($hooks_query)) { + $callback = $this->build_callback($hook['hooks_class'], $hook['hooks_method']); + if (is_callable($callback)) { + Guarantor::guarantee_all( + $this->_hooks, + $this->_site, + $alias, + $hook['hooks_action'] + )[$hook['hooks_code']] = $callback; + } + } + + $this->sort_hooks(); + } + + protected function register_directory($directory, $group, $alias, &$files) { + if ( file_exists($directory) ) { + if ( $dir = @dir($directory) ) { + while ( $file = $dir->read() ) { + if ( !is_dir($directory . '/' . 
$file) ) { + $files[] = $file; + } + } + + $dir->close(); + } + + foreach ($files as $file) { + $code = pathinfo($file, PATHINFO_FILENAME); + if ( 'php' === pathinfo($file, PATHINFO_EXTENSION) ) { + $class = "hook_{$this->_site}_{$group}_{$code}"; + + Guarantor::ensure_global($class); + + foreach ( get_class_methods($GLOBALS[$class]) as $method ) { + if ( substr($method, 0, $this->prefix_length) === self::PREFIX ) { + $action = substr($method, $this->prefix_length); + Guarantor::guarantee_all($this->_hooks, $this->_site, $alias, $action)[$code] + = [$GLOBALS[$class], $method]; + } + } + } + } + } + } + + public function register($group, $alias = null) { + $group = basename($group); + $alias = is_null($alias) ? $group : basename($alias); + + $files = []; + foreach ($this->hook_directories as $directory) { + $this->register_directory("$directory$group", $group, $alias, $files); + } + + $this->load($group, $alias); + } + + public function register_page() { + $this->page = pathinfo($GLOBALS['PHP_SELF'], PATHINFO_FILENAME); + $this->register('siteWide', $this->page); + $this->register($this->page); + $this->call('siteWide', 'injectAppTop'); + } + + public function register_pipeline($pipeline, &$parameters = null) { + $this->pipelines[] = $pipeline; + $this->register($pipeline, $this->page); + $this->call($this->page, "{$pipeline}Start", $parameters); + } + + public function call($group, $action, &$parameters = []) { + if (('siteWide' === $group) || in_array($group, $this->pipelines)) { + $group = $this->page; + } + + $result = ''; + foreach ( @(array)$this->_hooks[$this->_site][$group][$action] as $callback ) { + $result .= call_user_func($callback, $parameters); + } + + if ( $result ) { + return $result; + } + } + + public function generate($group = null, $action, $parameters = []) { + foreach ( @(array)$this->_hooks[$this->_site][$group ?? 
$this->page][$action] as $callback ) { + yield call_user_func($callback, $parameters); + } + } + + public function get_hook_directories() { + return $this->hook_directories; + } + + } diff --git a/includes/system/versioned/1.0.7.other/1.0.7.12/language.php b/includes/system/versioned/1.0.7.other/1.0.7.12/language.php new file mode 100644 index 000000000..023af30cd --- /dev/null +++ b/includes/system/versioned/1.0.7.other/1.0.7.12/language.php 
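Review bot: In `build_callback()` a row with an empty `hooks_class` returns `hooks_method` unchanged, and `load()` registers it as soon as `is_callable()` accepts it, so any function name stored in the `hooks` table, PHP built-ins included, is later run by `call()` and `generate()` through `call_user_func()`. That makes write access to the table equivalent to choosing code that runs on each request, so narrowing what is accepted limits the impact of a tampered row. If no installed hook depends on a built-in function, one option is `return (function_exists($method) && (new \ReflectionFunction($method))->isUserDefined()) ? $method : null;`. Separately, `generate($group = null, $action, $parameters = [])` declares an optional parameter before a required one, which PHP 8 reports as deprecated and which makes the default unusable. The file header for this class is missing from the page, so the note is placed at the end of the visible class body.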
@@ -0,0 +1,188 @@
+ (detect_language.php v0.1 04/02/2002)
+*/
+
+ class language {
+
+ const LANGUAGES = [
+ 'af' => 'af|afrikaans',
+ 'ar' => 'ar([-_][[:alpha:]]{2})?|arabic',
+ 'be' => 'be|belarusian',
+ 'bg' => 'bg|bulgarian',
+ 'br' => 'pt[-_]br|brazilian portuguese',
+ 'ca' => 'ca|catalan',
+ 'cs' => 'cs|czech',
+ 'da' => 'da|danish',
+ 'de' => 'de([-_][[:alpha:]]{2})?|german',
+ 'el' => 'el|greek',
+ 'en' => 'en([-_][[:alpha:]]{2})?|english',
+ 'es' => 'es([-_][[:alpha:]]{2})?|spanish',
+ 'et' => 'et|estonian',
+ 'eu' => 'eu|basque',
+ 'fa' => 'fa|farsi',
+ 'fi' => 'fi|finnish',
+ 'fo' => 'fo|faeroese',
+ 'fr' => 'fr([-_][[:alpha:]]{2})?|french',
+ 'ga' => 'ga|irish',
+ 'gl' => 'gl|galician',
+ 'he' => 'he|hebrew',
+ 'hi' => 'hi|hindi',
+ 'hr' => 'hr|croatian',
+ 'hu' => 'hu|hungarian',
+ 'id' => 'id|indonesian',
+ 'it' => 'it|italian',
+ 'ja' => 'ja|japanese',
+ 'ko' => 'ko|korean',
+ 'ka' => 'ka|georgian',
+ 'lt' => 'lt|lithuanian',
+ 'lv' => 'lv|latvian',
+ 'mk' => 'mk|macedonian',
+ 'mt' => 'mt|maltese',
+ 'ms' => 'ms|malaysian',
+ 'nl' => 'nl([-_][[:alpha:]]{2})?|dutch',
+ 'no' => 'no|norwegian',
+ 'pl' => 'pl|polish',
+ 'pt' => 'pt([-_][[:alpha:]]{2})?|portuguese',
+ 'ro' => 'ro|romanian',
+ 'ru' => 'ru|russian',
+ 'sk' => 'sk|slovak',
+ 'sq' => 'sq|albanian',
+ 'sr' => 'sr|serbian',
+ 'sv' => 'sv|swedish',
+ 'sz' => 'sz|sami',
+ 'sx' => 'sx|sutu',
+ 'th' => 'th|thai',
+ 'ts' => 'ts|tsonga',
+ 'tr' => 'tr|turkish',
+ 'tn' => 'tn|tswana',
+ 'uk' => 'uk|ukrainian',
+ 'ur' => 'ur|urdu',
+ 'vi' => 'vi|vietnamese',
+ 'tw' => 'zh[-_]tw|chinese traditional',
+ 'zh' => 'zh|chinese simplified',
+ 'ji' => 'ji|yiddish',
+ 'zu' => 'zu|zulu',
+ ];
+
+ public static function parse_browser_languages() {
+ $acceptable_locales = [];
+ foreach (explode(',', str_replace(' ', '', getenv('HTTP_ACCEPT_LANGUAGE'))) as $entry) {
+ $locale_qualities = explode(';q=', $entry);
+ $acceptable_locales[] = [
+ 'locale' => $locale_qualities[0],
+ 'quality' => $locale_qualities[1] ?? 1,
+ 'codes' => explode('-', $locale_qualities[0]),
+ ];
+ }
+
+ usort($acceptable_locales, function ($a, $b) {
+ $result = $b['quality'] <=> $a['quality'];
+ if ((0 === $result) && ($b['codes'][0] === $a['codes'][0])) {
+ return count($b['codes']) <=> count($a['codes']);
+ }
+
+ return $result;
+ });
+
+ return array_filter(
+ array_map('strtolower', array_column($acceptable_locales, 'locale')),
+ function ($v) {
+ foreach (static::LANGUAGES as $language) {
+ if (preg_match("{\A(?:$v)\z}", $language)) {
+ return true;
+ }
+ }
+
+ return false;
+ });
+ }
+
+ public static function load_languages() {
+ $languages = [];
+
+ $languages_query = tep_db_query("SELECT languages_id, name, code, image, directory FROM languages ORDER BY sort_order");
+ while ($language = tep_db_fetch_array($languages_query)) {
+ $languages[$language['code']] = [
+ 'id' => $language['languages_id'],
+ 'name' => $language['name'],
+ 'image' => $language['image'],
+ 'directory' => $language['directory'],
+ ];
+ }
+
+ return $languages;
+ }
+
+ public static function negotiate($languages) {
+ $fallback = null;
+ foreach (static::parse_browser_languages() as $locale) {
+ if (isset($languages[$locale])) {
+ return $locale;
+ }
+
+ if (is_null($fallback) && isset($languages[$locale = substr($locale, 0, 2)])) {
+// if we do not yet have a fallback in case no locale matches, create one
+ $fallback = $locale;
+ }
+ }
+
+ return $fallback ?? DEFAULT_LANGUAGE;
+ }
+
+ public static function build() {
+ $languages = static::load_languages();
+
+ if (empty($_GET['language'])) {
+ $locale = static::negotiate($languages);
+ } else {
+ $locale = $_GET['language'];
+ }
+
+ $language = new static($locale, $languages);
+
+ $_SESSION['language'] = $language->language['directory'];
+ $_SESSION['languages_id'] = $language->language['id'];
+
+ return $language;
+ }
+
+ public static function map_to_translation($page) {
+ $page = "includes/languages/{$_SESSION['language']}/$page";
+ $template =& Guarantor::ensure_global('oscTemplate');
+ $translation = $template->map_to_template($page, 'translation')
+ ?? DIR_FS_CATALOG . $page;
+
+ return file_exists($translation) ? $translation : DIR_FS_CATALOG . $page;
+ }
+
+ public $catalog_languages;
+ public $language;
+
+ public function __construct($selection = null, $languages = null) {
+ $this->catalog_languages = $languages ?? static::load_languages();
+
+ $this->set_language($selection);
+ }
+
+ public function set_language($language) {
+ $this->language = $this->catalog_languages[$language ?? DEFAULT_LANGUAGE]
+ ?? $this->catalog_languages[DEFAULT_LANGUAGE];
+ }
+
+ public function get_browser_language() {
+ trigger_error('The get_browser_language function has been deprecated.', E_USER_DEPRECATED);
+ $this->language = $this->catalog_languages[static::negotiate($this->catalog_languages)];
+ }
+
+ }
diff --git a/includes/system/versioned/1.0.7.other/1.0.7.12/login.php b/includes/system/versioned/1.0.7.other/1.0.7.12/login.php
new file mode 100644
index 000000000..62585e2ef
--- /dev/null
+++ b/includes/system/versioned/1.0.7.other/1.0.7.12/login.php
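Review bot: In `parse_browser_languages()` the `preg_match` arguments look inverted: `preg_match("{\A(?:$v)\z}", $language)` compiles the browser-supplied locale `$v` as the pattern and tests it against the regex string taken from `LANGUAGES`. That puts the unescaped `Accept-Language` header inside a regular expression, where a malformed value raises a compile warning and a costly one burns CPU on every request, and it means ordinary values such as `en-us` would not match any table entry, so negotiation falls through to the default. The trusted table should be the pattern and the header the subject: `if (preg_match("{\A(?:$language)\z}", $v)) {`.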
@@ -0,0 +1,41 @@
+get('id', $GLOBALS['customer_details']));
+ $_SESSION['customer_id'] = $GLOBALS['customer']->get_id();
+ $GLOBALS['customer_id'] =& $_SESSION['customer_id'];
+ }
+
+ public static function set_customer_id() {
+ $_SESSION['customer_id'] = $GLOBALS['login_customer_id'];
+ }
+
+ public static function log() {
+ tep_db_query("UPDATE customers_info SET customers_info_date_of_last_logon = NOW(), customers_info_number_of_logons = customers_info_number_of_logons+1, password_reset_key = null, password_reset_date = null WHERE customers_info_id = " . (int)$_SESSION['customer_id']);
+ }
+
+ public static function notify() {
+ tep_notify('create_account', $GLOBALS['customer']);
+ }
+
+ public static function redirect_success() {
+ tep_redirect(tep_href_link('create_account_success.php'));
+ }
+
+ public static function hook() {
+ $GLOBALS['hooks']->call('siteWide', 'postLogin');
+ }
+
+ }
diff --git a/includes/system/versioned/1.0.7.other/1.0.7.12/product.php b/includes/system/versioned/1.0.7.other/1.0.7.12/product.php
new file mode 100644
index 000000000..bf7a5cfb5
--- /dev/null
+++ b/includes/system/versioned/1.0.7.other/1.0.7.12/product.php
@@ -0,0 +1,92 @@
+ 0]) {
+ parent::__construct();
+
+ foreach ($data as $key => $value) {
+ $trimmed_key = tep_ltrim_once($key, 'products_');
+
+ $this->_data[isset($data[$trimmed_key]) ? $key : $trimmed_key] = $value;
+ }
+
+ if (!isset($this->_data['final_price']) && isset($this->_data['base_price'])) {
+ $this->_data['final_price'] = $this->_data['base_price'];
+ }
+
+ if (isset($this->_data['id']) && !isset($this->_data['link'])) {
+ $this->_data['link'] = static::build_link((int)$this->_data['id']);
+ }
+ }
+
+ public function can($key) {
+ return $this->has($key) || parent::can($key);
+ }
+
+ public function has($key) {
+ return isset($this->_data[$key]) || array_key_exists($this->_data, $key);
+ }
+
+ public function get($key) {
+ if (!isset($this->_data[$key])) {
+ if (parent::can($key)) {
+ call_user_func(static::$capabilities[$key], $this);
+ } else {
+ return null;
+ }
+ }
+
+ return $this->_data[$key];
+ }
+
+ public function set($key, $value) {
+ $this->_data[$key] = $value;
+ }
+
+ public function get_data() {
+ return $this->_data;
+ }
+
+ public function hype_price($show_special_price = true) {
+ if ($show_special_price && ($this->get('is_special') == 1)) {
+ return sprintf(
+ IS_PRODUCT_SHOW_PRICE_SPECIAL,
+ $this->format('price'),
+ $this->format());
+ }
+
+ return sprintf(IS_PRODUCT_SHOW_PRICE, $this->format());
+ }
+
+ public function format($price = 'final_price', $quantity = 1) {
+ return $GLOBALS['currencies']->display_price($this->get($price), $this->get('tax_rate'), $quantity);
+ }
+
+ public function format_raw($price = 'final_price', $quantity = 1) {
+ return $GLOBALS['currencies']->display_raw($this->get($price), $this->get('tax_rate'), $quantity);
+ }
+
+ public function increment_view_count() {
+ tep_db_query("UPDATE products_description SET products_viewed = products_viewed+1 WHERE products_id = " . (int)$this->get('id') . " AND language_id = " . (int)$_SESSION['languages_id']);
+ }
+
+ public function find_path() {
+ return (($categories = $this->get('categories')) && isset($categories[0]))
+ ? Guarantor::ensure_global('category_tree')->find_path($categories[0])
+ : '';
+ }
+
+ public function lacks_stock($quantity = null) {
+ return $this->get('in_stock') < ($quantity ?? $this->get('quantity'));
+ }
+
+ }
diff --git a/includes/system/versioned/1.0.7.other/1.0.7.12/product_builder.php b/includes/system/versioned/1.0.7.other/1.0.7.12/product_builder.php
new file mode 100644
index 000000000..09b7ffef1
--- /dev/null
+++ b/includes/system/versioned/1.0.7.other/1.0.7.12/product_builder.php
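Review bot: `has()` calls `array_key_exists($this->_data, $key)` with its arguments reversed; the function takes the key first and the array second, so whenever the `isset()` half is false this call warns or throws a `TypeError`, depending on the PHP version, instead of answering the question. The line should read `return isset($this->_data[$key]) || array_key_exists($key, $this->_data);`. `can()` is affected as well because it calls `has()` first. Separately, `get()` returns `$this->_data[$key]` after running a capability loader without checking that the loader stored that key, so a `?? null` on the final return would keep a loader that only returns its value from raising an undefined-index notice.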
@@ -0,0 +1,90 @@
+ 0, 1, 0) AS has_attributes
+EOSQL;
+
+ public static function build_link($product, $parameters = '') {
+ $product_id = is_numeric($product) ? $product : $product->get('id');
+ return tep_href_link('product_info.php', "{$parameters}products_id=" . (int)$product_id);
+ }
+
+ public static function build_data_attributes($product, $data = []) {
+ $data['data-is-special'] = $product->get('is_special');
+ $data['data-product-price'] = $product->format_raw();
+ $data['data-product-manufacturer'] = $product->get('manufacturers_id');
+
+ $product->set('data_attributes', implode(array_map(function ($key, $value) {
+ return ' ' . htmlspecialchars($key) . '="' . htmlspecialchars($value) . '"';
+ }, array_keys($data), $data)));
+
+ return $product->get('data_attributes');
+ }
+
+ public static function build_prid($uprid) {
+ $pieces = explode('{', $uprid);
+ return is_numeric($pieces[0]) ? (int)$pieces[0] : false;
+ }
+
+ public static function build_uprid($id, $params) {
+ if (is_numeric($id)) {
+ $uprid = (int)$id;
+
+ if (is_array($params)) {
+ foreach ($params as $option => $value) {
+ if (!is_numeric($option) || !is_numeric($value)) {
+ return (int)$id;
+ }
+
+ $uprid .= '{' . (int)$option . '}' . (int)$value;
+ }
+ }
+ } else {
+ $first_bracket = strpos($id, '{');
+ if ((false === $first_bracket) || !is_numeric($prid = Product::build_prid($id))) {
+ return false;
+ }
+
+ $uprid = $prid;
+
+// strpos()+1 to remove up to and including the first { which would create an empty array element in explode()
+ foreach (explode('{', substr($id, $first_bracket + 1)) as $attribute) {
+ $pair = explode('}', $attribute, 2);
+
+ if (!is_numeric($pair[0]) || !is_numeric($pair[1])) {
+ return $prid;
+ }
+
+ $uprid .= '{' . (int)$pair[0] . '}' . (int)$pair[1];
+ }
+ }
+
+ return $uprid;
+ }
+
+ public static function fetch_name($product_id, $language_id = null) {
+ if (empty($language_id)) {
+ $language_id = $_SESSION['languages_id'];
+ }
+
+ $product_query = tep_db_query("SELECT products_name FROM products_description WHERE products_id = " . (int)$product_id . " AND language_id = " . (int)$language_id);
+ $product = tep_db_fetch_array($product_query);
+
+ return $product['products_name'];
+ }
+
+ }
diff --git a/includes/system/versioned/1.0.7.other/1.0.7.12/product_by_id.php b/includes/system/versioned/1.0.7.other/1.0.7.12/product_by_id.php
new file mode 100644
index 000000000..a443968af
--- /dev/null
+++ b/includes/system/versioned/1.0.7.other/1.0.7.12/product_by_id.php
@@ -0,0 +1,37 @@
+ 0, 'id' => (int)$product_id]);
+ }
+
+ }
diff --git a/includes/system/versioned/1.0.7.other/1.0.7.12/product_loader.php b/includes/system/versioned/1.0.7.other/1.0.7.12/product_loader.php
new file mode 100644
index 000000000..b1c14a870
--- /dev/null
+++ b/includes/system/versioned/1.0.7.other/1.0.7.12/product_loader.php
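Review bot: In the string branch of `build_uprid()`, `$pair[1]` is read without checking that `explode('}', $attribute, 2)` produced two elements, so a request-supplied id whose segment has no `}` raises an undefined-offset notice (a warning on PHP 8) before the function returns `$prid`. Guard the length first: `if (count($pair) < 2 || !is_numeric($pair[0]) || !is_numeric($pair[1])) {`. Note also that `is_numeric()` accepts signs, decimals and exponent notation, which the `(int)` casts then map to a different integer than the text suggests; if ids are meant to be plain digits, `ctype_digit((string)$value)` states that intent. `fetch_name()` likewise indexes `$product['products_name']` without handling a query that returns no row.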
@@ -0,0 +1,163 @@
+ 'Product::load_attributes',
+ 'brand' => 'Product::load_brand',
+ 'categories' => 'Product::load_categories',
+ 'data_attributes' => 'Product::build_data_attributes',
+ 'images' => 'Product::load_images',
+ 'link' => 'Product::build_link',
+ 'notify' => 'Product::load_notify',
+ 'review_rating' => 'Product::load_reviews',
+ 'reviews' => 'Product::load_reviews',
+ 'tax_rate' => 'Product::load_tax_rate',
+ ];
+
+ public static function load_attributes($product, $language_id = null) {
+ $attributes_query = tep_db_query(sprintf(<<<'EOSQL'
+SELECT po.products_options_name, pov.products_options_values_name,
+ pa.options_id, pa.options_values_id, pa.price_prefix, pa.options_values_price,
+ pad.products_attributes_filename, pad.products_attributes_maxdays, pad.products_attributes_maxcount
+ FROM products_options po
+ INNER JOIN products_attributes pa ON po.products_options_id = pa.options_id
+ LEFT JOIN products_options_values pov ON pa.options_values_id = pov.products_options_values_id AND po.language_id = pov.language_id
+ LEFT JOIN products_attributes_download pad ON pa.products_attributes_id = pad.products_attributes_id
+ WHERE po.language_id = %d AND pa.products_id = %d
+ ORDER BY po.sort_order, po.products_options_name, pov.sort_order, pov.products_options_values_name
+EOSQL
+ , (int)($language_id ?? $_SESSION['languages_id']), (int)$product->get('id')));
+
+ $attributes = [];
+ while ($attribute = tep_db_fetch_array($attributes_query)) {
+ if (!isset($attributes[$attribute['options_id']])) {
+ $attributes[$attribute['options_id']] = [
+ 'name' => $attribute['products_options_name'],
+ 'values' => [],
+ ];
+ }
+
+ $attributes[$attribute['options_id']]['values'][$attribute['options_values_id']] = [
+ 'name' => $attribute['products_options_values_name'],
+ 'prefix' => $attribute['price_prefix'],
+ 'price' => $attribute['options_values_price'],
+ 'filename' => $attribute['products_attributes_filename'],
+ 'maxdays' => $attribute['products_attributes_maxdays'],
+ 'maxcount' => $attribute['products_attributes_maxcount'],
+ ];
+ }
+
+ $product->set('has_attributes', (count($attributes) > 0) ? '1' : '0');
+ $product->set('attributes', $attributes);
+ return $attributes;
+ }
+
+ public static function load_brand($product) {
+ if (isset($GLOBALS['brand']) && ($GLOBALS['brand']->getData('manufacturers_id') == $product->get('manufacturers_id'))) {
+ $product->_data['brand'] =& $GLOBALS['brand'];
+ } else {
+ $product->set('brand', new manufacturer($product->get('manufacturers_id')));
+ }
+
+ return $product->get('brand');
+ }
+
+ public static function load_categories($product) {
+ $categories_query = tep_db_query(sprintf(<<<'EOSQL'
+SELECT categories_id
+ FROM products_to_categories
+ WHERE products_id = %d
+EOSQL
+ , (int)$product->get('id')));
+
+ $categories = [];
+ while ($category = tep_db_fetch_array($categories_query)) {
+ $categories[] = $category['categories_id'];
+ }
+
+ $product->set('categories', $categories);
+ return $categories;
+ }
+
+ public static function load_images($product) {
+ $images_query = tep_db_query(sprintf(<<<'EOSQL'
+SELECT *
+ FROM products_images
+ WHERE products_id = %d
+ ORDER BY sort_order
+EOSQL
+ , (int)$product->get('id')));
+
+ $images = [];
+ while ($image = tep_db_fetch_array($images_query)) {
+ $images[] = $image;
+ }
+ $product->set('images', $images);
+ return $images;
+ }
+
+ public static function load_notifications($product) {
+ $notifications_query = tep_db_query(sprintf(<<<'EOSQL'
+SELECT date_added FROM product_notifications WHERE products_id = %d AND customers_id = %d
+EOSQL
+ , (int)$product->get('id'), (int)$_SESSION['customer_id']));
+
+ $product->set('notify', tep_db_num_rows($notifications_query));
+ return $product->get('notify');
+ }
+
+ public static function load_reviews($product) {
+ $reviews_query = tep_db_query(sprintf(<<<'EOSQL'
+SELECT r.*, rd.*
+ FROM reviews r INNER JOIN reviews_description rd ON r.reviews_id = rd.reviews_id
+ WHERE r.reviews_status = 1 AND r.products_id = %d AND rd.languages_id = %d
+EOSQL
+ , $product->get('id'), $_SESSION['languages_id']));
+
+ $sum = 0;
+ $reviews = [];
+ while ($review_data = tep_db_fetch_array($reviews_query)) {
+ $review = [];
+ foreach ($review_data as $key => $value) {
+ $trimmed_key = tep_ltrim_once($key, 'reviews_');
+
+ $review[isset($review_data[$trimmed_key]) ? $key : $trimmed_key] = $value;
+ }
+
+ $sum += $review['rating'];
+ $reviews[] = $review;
+ }
+
+ $product->set('review_rating',
+ number_format(count($reviews) ? ($sum / count($reviews)) : 0, 2));
+ $product->set('reviews', $reviews);
+
+ return $reviews;
+ }
+
+ public static function load_tax_rate($product) {
+ if (isset($GLOBALS['customer'])) {
+ $tax_rate = tep_get_tax_rate(
+ $product->get('tax_class_id'),
+ $GLOBALS['customer']->get_country_id(),
+ $GLOBALS['customer']->get_zone_id());
+ } else {
+ $tax_rate = tep_get_tax_rate($product->get('tax_class_id'));
+ }
+
+ $product->set('tax_rate', $tax_rate);
+ return $tax_rate;
+ }
+
+ }
diff --git a/includes/version.php b/includes/version.php
index efdfa8e7e..f1858e746 100644
--- a/includes/version.php
+++ b/includes/version.php
@@ -1 +1 @@
-1.0.7.11
+1.0.7.12
diff --git a/install/phoenix.sql b/install/phoenix.sql
index 630dc1b12..c7236f3ec 100644
--- a/install/phoenix.sql
+++ b/install/phoenix.sql
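Review bot: The capability table maps `'notify' => 'Product::load_notify'`, but the loader defined in this file is `load_notifications()`; unless a `load_notify` method exists outside this hunk, resolving `notify` through the capability callback will fail at call time. Either rename the method or point the entry at it: `'notify' => 'Product::load_notifications',`. `load_reviews()` also passes `$product->get('id')` and `$_SESSION['languages_id']` to `sprintf` without the `(int)` casts the other loaders use; `%d` still coerces both to integers, so this is a consistency point and not an injection, but matching the casts keeps the pattern uniform for the next query added here.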
@@ -1126,14 +1126,13 @@ INSERT INTO hooks (hooks_site, hooks_group, hooks_action, hooks_code, hooks_clas
 INSERT INTO hooks (hooks_site, hooks_group, hooks_action, hooks_code, hooks_class, hooks_method) VALUES ('shop', 'system', 'startApplication', '_18_set_currency', 'currencies', 'set_currency');
 INSERT INTO hooks (hooks_site, hooks_group, hooks_action, hooks_code, hooks_class, hooks_method) VALUES ('shop', 'system', 'startApplication', '_19_ensure_navigation_history', 'Application', 'ensure_navigation_history');
 INSERT INTO hooks (hooks_site, hooks_group, hooks_action, hooks_code, hooks_class, hooks_method) VALUES ('shop', 'system', 'startApplication', '_20_messageStack', 'Loader', 'messageStack');
-INSERT INTO hooks (hooks_site, hooks_group, hooks_action, hooks_code, hooks_class, hooks_method) VALUES ('shop', 'system', 'startApplication', '_21_customer_data', 'Loader', 'customer_data');
-INSERT INTO hooks (hooks_site, hooks_group, hooks_action, hooks_code, hooks_class, hooks_method) VALUES ('shop', 'system', 'startApplication', '_22_customer', 'Application', 'set_customer_if_identified');
 INSERT INTO hooks (hooks_site, hooks_group, hooks_action, hooks_code, hooks_class, hooks_method) VALUES ('shop', 'system', 'startApplication', '_23_parse_actions', 'application_surface', 'parse_actions');
+INSERT INTO hooks (hooks_site, hooks_group, hooks_action, hooks_code, hooks_class, hooks_method) VALUES ('shop', 'system', 'startApplication', '_23_template', 'Loader', 'oscTemplate');
+INSERT INTO hooks (hooks_site, hooks_group, hooks_action, hooks_code, hooks_class, hooks_method) VALUES ('shop', 'system', 'startApplication', '_23a_customer_data', 'Loader', 'customer_data');
+INSERT INTO hooks (hooks_site, hooks_group, hooks_action, hooks_code, hooks_class, hooks_method) VALUES ('shop', 'system', 'startApplication', '_23b_customer', 'Application', 'set_customer_if_identified');
 INSERT INTO hooks (hooks_site, hooks_group, hooks_action, hooks_code, hooks_class, hooks_method) VALUES ('shop', 'system', 'startApplication', '_24_whos_online', '', 'whos_online::update');
 INSERT INTO hooks (hooks_site, hooks_group, hooks_action, hooks_code, hooks_class, hooks_method) VALUES ('shop', 'system', 'startApplication', '_25_password_funcs', 'function_surface', 'password_funcs');
-INSERT INTO hooks (hooks_site, hooks_group, hooks_action, hooks_code, hooks_class, hooks_method) VALUES ('shop', 'system', 'startApplication', '_26_validations', 'function_surface', 'validations');
 INSERT INTO hooks (hooks_site, hooks_group, hooks_action, hooks_code, hooks_class, hooks_method) VALUES ('shop', 'system', 'startApplication', '_27_expire_specials', '', 'specials::expire');
-INSERT INTO hooks (hooks_site, hooks_group, hooks_action, hooks_code, hooks_class, hooks_method) VALUES ('shop', 'system', 'startApplication', '_28_template', 'Loader', 'oscTemplate');
 INSERT INTO hooks (hooks_site, hooks_group, hooks_action, hooks_code, hooks_class, hooks_method) VALUES ('shop', 'system', 'startApplication', '_29_category_path', 'application_surface', 'category_path');
 INSERT INTO hooks (hooks_site, hooks_group, hooks_action, hooks_code, hooks_class, hooks_method) VALUES ('shop', 'system', 'startApplication', '_30_register_page_hook', 'hooks', 'register_page');
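Review bot: The added codes `_23_template`, `_23a_customer_data` and `_23b_customer` sit beside the existing `_23_parse_actions`, so the start-up order of these four rows now depends on how `hooks_code` strings are compared instead of on distinct numeric prefixes. A byte-wise comparison places `_` before `a`, but some case-insensitive MySQL collations weigh `_` after letters, which would run the `_23a`/`_23b` customer hooks ahead of `_23_parse_actions` and `_23_template`. The code that sorts these rows is not visible in this hunk; if it relies on the database ordering, renumber the block so that no two codes differ only in a `_` versus a letter, and record the intended sequence in an SQL comment above it.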
@@ -1175,6 +1174,19 @@ INSERT INTO hooks (hooks_site, hooks_group, hooks_action, hooks_code, hooks_clas
 INSERT INTO hooks (hooks_site, hooks_group, hooks_action, hooks_code, hooks_class, hooks_method) VALUES ('shop', 'reset', 'resetStart', '_46_unset_comments', 'session_eraser', 'comments');
 INSERT INTO hooks (hooks_site, hooks_group, hooks_action, hooks_code, hooks_class, hooks_method) VALUES ('shop', 'checkout_process', 'startApplication', '_50_redirect_success', 'Checkout', 'redirect_success');
+INSERT INTO hooks (hooks_site, hooks_group, hooks_action, hooks_code, hooks_class, hooks_method) VALUES ('shop', 'siteWide', 'postRegistration', '_01_post_login', 'Login', 'hook');
+INSERT INTO hooks (hooks_site, hooks_group, hooks_action, hooks_code, hooks_class, hooks_method) VALUES ('shop', 'siteWide', 'postLogin', '_01_recreate_session', '', 'tep_session_recreate');
+INSERT INTO hooks (hooks_site, hooks_group, hooks_action, hooks_code, hooks_class, hooks_method) VALUES ('shop', 'create_account', 'postLogin', '_02_set_customer_id', 'Login', 'add_customer_id');
+INSERT INTO hooks (hooks_site, hooks_group, hooks_action, hooks_code, hooks_class, hooks_method) VALUES ('shop', 'login', 'postLogin', '_02_set_customer_id', 'Login', 'set_customer_id');
+INSERT INTO hooks (hooks_site, hooks_group, hooks_action, hooks_code, hooks_class, hooks_method) VALUES ('shop', 'login', 'postLogin', '_03_log', 'Login', 'log');
+INSERT INTO hooks (hooks_site, hooks_group, hooks_action, hooks_code, hooks_class, hooks_method) VALUES ('shop', 'siteWide', 'postLogin', '_04_reset_token', '', 'tep_reset_session_token');
+INSERT INTO hooks (hooks_site, hooks_group, hooks_action, hooks_code, hooks_class, hooks_method) VALUES ('shop', 'login', 'postLogin', '_05_restore_cart', 'cart', 'restore_contents');
+INSERT INTO hooks (hooks_site, hooks_group, hooks_action, hooks_code, hooks_class, hooks_method) VALUES ('shop', 'login', 'postLogin', '_06_redirect', 'navigation', 'redirect_to_snapshot');
+INSERT INTO hooks (hooks_site, hooks_group, hooks_action, hooks_code, hooks_class, hooks_method) VALUES ('shop', 'create_account', 'postRegistration', '_02_restore_cart', 'cart', 'restore_contents');
+INSERT INTO hooks (hooks_site, hooks_group, hooks_action, hooks_code, hooks_class, hooks_method) VALUES ('shop', 'create_account', 'postRegistration', '_03_notify', 'Login', 'notify');
+INSERT INTO hooks (hooks_site, hooks_group, hooks_action, hooks_code, hooks_class, hooks_method) VALUES ('shop', 'create_account', 'postRegistration', '_04_redirect', 'Login', 'redirect_success');
+
+INSERT INTO hooks (hooks_site, hooks_group, hooks_action, hooks_code, hooks_class, hooks_method) VALUES ('shop', 'logoff', 'resetStart', '_40_unset_customer_id', 'session_eraser', 'customer_id');
 INSERT INTO hooks (hooks_site, hooks_group, hooks_action, hooks_code, hooks_class, hooks_method) VALUES ('shop', 'checkout_success', 'injectAppTop', 'notify', 'cm_cs_product_notifications', 'process');
 INSERT INTO hooks (hooks_site, hooks_group, hooks_action, hooks_code, hooks_class, hooks_method) VALUES ('shop', 'loginRequired', 'loginRequiredStart', 'redirect', '', 'tep_require_login');
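Review bot: The `postLogin` rows carry a security-relevant order that is expressed only through their `hooks_code` prefixes and is documented nowhere in the file. As listed, `_01_recreate_session` runs before `_02_set_customer_id` and `_04_reset_token` follows, presumably so that the customer id is never written into the pre-login session; that assumes `tep_session_recreate` issues a fresh session id, which is not shown here. A comment above the block would keep later edits from renumbering it, for example `-- postLogin: recreate the session (_01) before storing customer_id (_02); reset the form token (_04) afterwards`.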
@@ -1512,16 +1524,16 @@ insert into configuration (configuration_title, configuration_key, configuration
 insert into configuration (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Content Placement', 'MODULE_NAVBAR_BRAND_CONTENT_PLACEMENT', 'Home', 'This module must be placed in the Home area of the Navbar.', '6', '1', 'tep_cfg_select_option([\'Home\'], ', now());
 insert into configuration (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Sort Order', 'MODULE_NAVBAR_BRAND_SORT_ORDER', '505', 'Sort order of display. Lowest is displayed first.', '6', '0', now());
 insert into configuration (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Enable Shopping Cart Module', 'MODULE_NAVBAR_SHOPPING_CART_STATUS', 'True', 'Do you want to add the module to your Navbar?', '6', '1', 'tep_cfg_select_option([\'True\', \'False\'], ', now());
-insert into configuration (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Content Placement', 'MODULE_NAVBAR_SHOPPING_CART_CONTENT_PLACEMENT', 'Right', 'Should the module be loaded in the Left or Right or the Home area of the Navbar?', '6', '1', 'tep_cfg_select_option([\'Left\', \'Right\', \'Home\'], ', now());
+insert into configuration (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Content Placement', 'MODULE_NAVBAR_SHOPPING_CART_CONTENT_PLACEMENT', 'Right', 'Should the module be loaded in the Left or Right or the Home area of the Navbar?', '6', '1', 'tep_cfg_select_option([\'Home\', \'Left\', \'Center\', \'Right\'], ', now());
 insert into configuration (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Sort Order', 'MODULE_NAVBAR_SHOPPING_CART_SORT_ORDER', '550', 'Sort order of display. Lowest is displayed first.', '6', '0', now());
 insert into configuration (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Enable Currencies Module', 'MODULE_NAVBAR_CURRENCIES_STATUS', 'True', 'Do you want to add the module to your Navbar?', '6', '1', 'tep_cfg_select_option([\'True\', \'False\'], ', now());
-insert into configuration (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Content Placement', 'MODULE_NAVBAR_CURRENCIES_CONTENT_PLACEMENT', 'Right', 'Should the module be loaded in the Left or Right or the Home area of the Navbar?', '6', '2', 'tep_cfg_select_option([\'Left\', \'Right\', \'Home\'], ', now());
+insert into configuration (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Content Placement', 'MODULE_NAVBAR_CURRENCIES_CONTENT_PLACEMENT', 'Right', 'Should the module be loaded in the Left or Right or the Home area of the Navbar?', '6', '2', 'tep_cfg_select_option([\'Home\', \'Left\', \'Center\', \'Right\'], ', now());
 insert into configuration (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Sort Order', 'MODULE_NAVBAR_CURRENCIES_SORT_ORDER', '530', 'Sort order of display. Lowest is displayed first.', '6', '0', now());
 insert into configuration (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Enable Account Module', 'MODULE_NAVBAR_ACCOUNT_STATUS', 'True', 'Do you want to add the module to your Navbar?', '6', '1', 'tep_cfg_select_option([\'True\', \'False\'], ', now());
-insert into configuration (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Content Placement', 'MODULE_NAVBAR_ACCOUNT_CONTENT_PLACEMENT', 'Left', 'Should the module be loaded in the Left or Right or the Home area of the Navbar?', '6', '2', 'tep_cfg_select_option([\'Left\', \'Right\', \'Home\'], ', now());
+insert into configuration (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Content Placement', 'MODULE_NAVBAR_ACCOUNT_CONTENT_PLACEMENT', 'Left', 'Should the module be loaded in the Left or Right or the Home area of the Navbar?', '6', '2', 'tep_cfg_select_option([\'Home\', \'Left\', \'Center\', \'Right\'], ', now());
 insert into configuration (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Sort Order', 'MODULE_NAVBAR_ACCOUNT_SORT_ORDER', '540', 'Sort order of display. Lowest is displayed first.', '6', '0', now());
-insert into configuration (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Enable Special Offers Module', 'MODULE_NAVBAR_SPECIAL_OFFERS_STATUS', 'True', 'Do you want to add the module to your Navbar?', '6', '1', 'tep_cfg_select_option(array(\'True\', \'False\'), ', now());
-insert into configuration (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Content Placement Group', 'MODULE_NAVBAR_SPECIAL_OFFERS_CONTENT_PLACEMENT', 'Left', 'Where should the module be loaded? Lowest is loaded first, per Group.', '6', '2', 'tep_cfg_select_option(array(\'Left\', \'Right\', \'Home\'), ', now());
+insert into configuration (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Enable Special Offers Module', 'MODULE_NAVBAR_SPECIAL_OFFERS_STATUS', 'True', 'Do you want to add the module to your Navbar?', '6', '1', 'tep_cfg_select_option([\'True\', \'False\'], ', now());
+insert into configuration (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Content Placement Group', 'MODULE_NAVBAR_SPECIAL_OFFERS_CONTENT_PLACEMENT', 'Left', 'Where should the module be loaded? Lowest is loaded first, per Group.', '6', '2', 'tep_cfg_select_option([\'Home\', \'Left\', \'Center\', \'Right\'], ', now());
 insert into configuration (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Sort Order', 'MODULE_NAVBAR_SPECIAL_OFFERS_SORT_ORDER', '530', 'Sort order of display. Lowest is displayed first.', '6', '3', now());
 # Navbar
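Review bot: The `configuration_description` on the three changed Content Placement rows (SHOPPING_CART, CURRENCIES, ACCOUNT) still reads "Should the module be loaded in the Left or Right or the Home area of the Navbar?" although the selector now also offers `Center`. The text should name all four options, for example `'Should the module be loaded in the Home, Left, Center or Right area of the Navbar?'`. These are install-time inserts, so existing shops presumably keep the old `set_function` value unless an upgrade step rewrites the rows; nothing in this hunk covers that.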
diff --git a/login.php b/login.php index 438c89d97..b608a83d1 100644 --- a/login.php +++ b/login.php @@ -17,7 +17,7 @@ if ( !isset($_GET['cookie_test']) ) { $all_get = tep_get_all_get_params(); - tep_redirect(tep_href_link('login.php', (empty($all_get) ? '' : "$all_get&") . 'cookie_test=1', 'SSL')); + tep_redirect(tep_href_link('login.php', (empty($all_get) ? '' : "$all_get&") . 'cookie_test=1')); } tep_redirect(tep_href_link('cookie_usage.php')); @@ -29,20 +29,10 @@ if ( is_int($login_customer_id) && ($login_customer_id > 0) ) { $OSCOM_Hooks->call('siteWide', 'postLogin'); - if (SESSION_RECREATE == 'True') { - tep_session_recreate(); - } - - $_SESSION['customer_id'] = $login_customer_id; - - tep_db_query("UPDATE customers_info SET customers_info_date_of_last_logon = NOW(), customers_info_number_of_logons = customers_info_number_of_logons+1, password_reset_key = null, password_reset_date = null WHERE customers_info_id = " . (int)$_SESSION['customer_id']); - - tep_reset_session_token(); - $_SESSION['cart']->restore_contents(); tep_redirect($_SESSION['navigation']->pop_snapshot_as_link()); } - require "includes/languages/$language/login.php"; + require language::map_to_translation('login.php'); require $oscTemplate->map_to_template(__FILE__, 'page'); require 'includes/application_bottom.php'; diff --git a/logoff.php b/logoff.php index 1cabdb2b2..c6b2c3807 100644 --- a/logoff.php +++ b/logoff.php @@ -12,17 +12,9 @@ require 'includes/application_top.php'; - require "includes/languages/$language/logoff.php"; + require language::map_to_translation('logoff.php'); - unset($_SESSION['customer_id']); - - unset($_SESSION['sendto']); - unset($_SESSION['billto']); - unset($_SESSION['shipping']); - unset($_SESSION['payment']); - unset($_SESSION['comments']); - - $_SESSION['cart']->reset(); + $hooks->register_pipeline('reset'); require $oscTemplate->map_to_template(__FILE__, 'page'); diff --git a/password_reset.php b/password_reset.php index 709374cb2..556cffb29 100644 
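Review bot: Dropping the `'SSL'` argument from `tep_href_link('login.php', ...)` leaves the scheme of the cookie-test redirect to whatever `tep_href_link` defaults to, and that default is not visible in this diff. If the helper can still build a plain-HTTP link, this redirect sends the customer to the credential form without TLS. The same change is made to the post-reset redirect in password_reset.php (`tep_redirect(tep_href_link('login.php'))`). Unless the helper now always emits HTTPS, I would keep the third argument on both calls: `'cookie_test=1', 'SSL')` here and `tep_href_link('login.php', '', 'SSL')` there.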
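Review bot: After `$OSCOM_Hooks->call('siteWide', 'postLogin')` nothing checks that the hooks actually bound the session to the customer. Session recreation, `$_SESSION['customer_id']`, the logon bookkeeping and the token reset now depend on rows in the `hooks` table; if one is missing or disabled, this block still restores the cart and redirects on the pre-login session. A post-condition before `restore_contents()` keeps the failure closed, for example `if (empty($_SESSION['customer_id'])) { tep_redirect(tep_href_link('login.php')); }`. logoff.php has the same shape after `$hooks->register_pipeline('reset')`, where keeping an inline `unset($_SESSION['customer_id']);` would guarantee the logout even when the pipeline is incomplete.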
--- a/password_reset.php +++ b/password_reset.php @@ -17,7 +17,7 @@ tep_redirect(tep_href_link('index.php')); } - require "includes/languages/$language/password_reset.php"; + require language::map_to_translation('password_reset.php'); $page_fields = [ 'password', 'password_confirmation' ]; @@ -27,7 +27,9 @@ $email_address = tep_db_prepare_input($_GET['account']); $password_key = tep_db_prepare_input($_GET['key']); - if ( (strlen($email_address) < ENTRY_EMAIL_ADDRESS_MIN_LENGTH) || !tep_validate_email($email_address) ) { + $email_class = get_class($customer_data->get_module('email_address')); + + if ( (strlen($email_address) < ENTRY_EMAIL_ADDRESS_MIN_LENGTH) || !$email_class::validate($email_address) ) { $error = true; $messageStack->add_session('password_forgotten', TEXT_NO_EMAIL_ADDRESS_FOUND); @@ -61,7 +63,6 @@ if (tep_validate_form_action_is('process')) { $customer_details = $customer_data->process($page_fields); - $OSCOM_Hooks->call('siteWide', 'injectFormVerify'); if (tep_form_processing_is_valid()) { $customer_data->update(['password' => $customer_data->get('password', $customer_details)], ['id' => (int)$customer_data->get('id', $check_customer)]); @@ -70,9 +71,9 @@ $messageStack->add_session('login', SUCCESS_PASSWORD_RESET, 'success'); - tep_redirect(tep_href_link('login.php', '', 'SSL')); + tep_redirect(tep_href_link('login.php')); } } - + require $oscTemplate->map_to_template(__FILE__, 'page'); require 'includes/application_bottom.php'; diff --git a/templates/default/includes/components/box.php b/templates/default/includes/components/box.php new file mode 100644 index 000000000..c10563b93 --- /dev/null +++ b/templates/default/includes/components/box.php @@ -0,0 +1,14 @@ +
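Review bot: `get_class($customer_data->get_module('email_address'))` assumes the email module is always present. If `get_module` can return null or false (its contract is not visible in the hunk), the call fails before the validation branch, and this unauthenticated reset link ends in an error instead of the `TEXT_NO_EMAIL_ADDRESS_FOUND` message. The class-name lookup is also unnecessary, since PHP allows a static call through an instance. I would write `$email_module = $customer_data->get_module('email_address');` and use `!$email_module || !$email_module::validate($email_address)` as the second half of the condition.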
> +
+ + map_to_template(...$box['parameters']) ?> +
+ + diff --git a/templates/default/includes/components/product_card.php b/templates/default/includes/components/product_card.php new file mode 100644 index 000000000..7bcbdc243 --- /dev/null +++ b/templates/default/includes/components/product_card.php @@ -0,0 +1,39 @@ + get('image'), htmlspecialchars($product->get('name')), null, null, null, true, 'card-img-top') ?> +
+
get('name') ?>
+
hype_price() ?>
+ +
+ + + + + + diff --git a/templates/default/includes/template.php b/templates/default/includes/template.php index dfb3bc953..5d424da1d 100644 --- a/templates/default/includes/template.php +++ b/templates/default/includes/template.php @@ -22,8 +22,9 @@ class default_template { ]; public function __construct() { + $hooks =& Guarantor::ensure_global('hooks', 'shop'); foreach ($this->_base_hook_directories as $directory) { - $GLOBALS['hooks']->add_directory($directory); + $hooks->add_directory($directory); } spl_autoload_register([$this, 'autoload_hooks'], true, true); @@ -49,6 +50,8 @@ public static function _get_template_mapping_for($file, $type) { case 'ext': $file = static::extract_relative_path($file); return DIR_FS_CATALOG . "templates/default/includes/$file"; + case 'translation': + return DIR_FS_CATALOG . $file; case 'literal': default: return DIR_FS_CATALOG . "templates/default/$file";
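Review bot: The card title appears to print `$product->get('name')` unescaped, while the image call a few lines earlier passes the same value through `htmlspecialchars()`. The extraction dropped the markup around the title line, so this is inferred from the visible `get('name') ?>` remnant. If product names are stored as plain text, the title should be `<?= htmlspecialchars($product->get('name')) ?>` so that a name containing markup cannot inject into every listing that uses this component. If they are stored already escaped, the alt text is double-encoded instead. Either way the two outputs should agree.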
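Review bot: The new `'translation'` case returns `DIR_FS_CATALOG . $file` with no normalisation, and the callers in this commit pass the result of `language::map_to_translation(...)` straight to `require`, presumably through this mapping. The literals used here (`'login.php'`, `'logoff.php'`, `'password_reset.php'`) are safe, but the case itself would accept `../` segments if a later caller derived `$file` from request data. A comment on the case would record the contract: `// $file must be a trusted, catalog-relative path; the result is passed to require`. The `switch` and the method continue outside the hunk.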
' . MODULE_PAYMENT_BRAINTREE_CC_CREDITCARD_OWNER . '' . tep_draw_input_field('name', $order->billing['firstname'] . ' ' . $order->billing['lastname']) . '' . tep_draw_input_field('name', $GLOBALS['customer_data']->get('name', $order->billing)) . '
' . MODULE_PAYMENT_BRAINTREE_CC_CREDITCARD_NUMBER . '
 ' . tep_draw_checkbox_field('cc_save', 'true') . ' ' . MODULE_PAYMENT_BRAINTREE_CC_CREDITCARD_SAVE . '' . tep_draw_selection_field('cc_save', 'checkbox', 'true') . ' ' . MODULE_PAYMENT_BRAINTREE_CC_CREDITCARD_SAVE . '
' . $this->_app->getDef('module_dp_field_card_owner') . '' . tep_draw_input_field('cc_owner', $order->billing['name']) . '' . tep_draw_input_field('cc_owner', $customer_data->get('name', $order->billing)) . '
' . $this->_app->getDef('module_dp_field_card_number') . '