/wp-content/plugins/wp-shopping-cart/processing_functions.php
PHP | 1082 lines | 850 code | 101 blank | 131 comment | 259 complexity | b701deed10a3edbef4d834420e33af5a MD5 | raw file
1<?php 2function nzshpcrt_overall_total_price($country_code = null, $for_display = false, $no_discount = false, $total_checkbox=0) { 3 /* 4 * Determines the total in the shopping cart, adds the tax and shipping if a country code is supplied and adds the discount of a coupon code is present 5 * Adds a dollar sign and information if there is no tax and shipping if $for_display is true 6 */ 7 global $wpdb; 8 $cart =& $_SESSION['nzshpcrt_cart']; 9 $total_quantity =0; 10 $total_weight = 0; 11 $all_donations = true; 12 $all_no_shipping = true; 13 foreach($cart as $cart_item) { 14 $product_id = $cart_item->product_id; 15 $quantity = $cart_item->quantity; 16 $product_variations = $cart_item->product_variations; 17 $extras = $cart_item->extras; 18 $extras_count=count($extras); 19 $raw_price = 0; 20 $variation_count = count($product_variations); 21 if($variation_count > 0) { 22 foreach($product_variations as $product_variation) { 23 $value_id = $product_variation; 24 $value_data = $wpdb->get_results("SELECT * FROM `".$wpdb->prefix."variation_values` WHERE `id`='".$value_id."' LIMIT 1",ARRAY_A); 25 } 26 } 27 28 //$total_quantity += $quantity; 29 $sql = "SELECT * FROM `".$wpdb->prefix."product_list` WHERE `id` = '$product_id' LIMIT 1"; 30 $product = $wpdb->get_row($sql,ARRAY_A); 31 32 if($product['donation'] == 1) { 33 $price = $quantity * $cart_item->donation_price; 34 } else { 35 $price = $quantity * calculate_product_price($product_id, $product_variations,'stay',$extras); 36 if($country_code != null) { 37 if($product['notax'] != 1) { 38 $price = nzshpcrt_calculate_tax($price, $_SESSION['selected_country'], $_SESSION['selected_region']); 39 } 40 $shipping = nzshpcrt_determine_item_shipping($product_id, $quantity, $country_code); 41 $price += $shipping; 42 } 43 $all_donations = false; 44 } 45 if($product['no_shipping'] != 1) { 46 $all_no_shipping = false; 47 } 48 49 $total += $price; 50 } 51 52 if(($country_code != null) && ($all_donations == false) && ($all_no_shipping == false)) { 53 //echo $_SESSION['selected_country']; 54 //exit(nzshpcrt_determine_base_shipping(0, $country_code)); 55 $total += nzshpcrt_determine_base_shipping(0, $_SESSION['delivery_country']); 56 } 57 if(!empty($_SESSION['coupon_num']) && ($no_discount !== true)){ 58 $total += nzshpcrt_apply_coupon($total,$_SESSION['coupon_num']) - $total ; 59 } 60 61 if($for_display === true) { 62 $total = nzshpcrt_currency_display($total,1); 63 if(($country_code == null) && (get_option('add_plustax') == 1)) { 64 $total .= "<span class='pluspostagetax'> + ".TXT_WPSC_POSTAGE_AND_TAX."</span>"; 65 } 66 } 67 return $total; 68 } 69 70 //written by allen 71 72 function nzshpcrt_overall_total_price_numeric($country_code = null, $for_display = false) 73 { 74 /* 75 * Determines the total in the shopping cart, adds the tax and shipping if a country code is supplied 76 * Adds a dollar sign and information if there is no tax and shipping if $for_display is true 77 */ 78 global $wpdb; 79 $cart =& $_SESSION['nzshpcrt_cart']; 80 $total_quantity =0; 81 $total_weight = 0; 82 $all_donations = true; 83 $all_no_shipping = true; 84 foreach($cart as $cart_item) 85 { 86 $product_id = $cart_item->product_id; 87 $quantity = $cart_item->quantity; 88 $product_variations = $cart_item->product_variations; 89 $raw_price = 0; 90 $variation_count = count($product_variations); 91 if($variation_count > 0) 92 { 93 foreach($product_variations as $product_variation) 94 { 95 $value_id = $product_variation; 96 $value_data = $wpdb->get_results("SELECT * FROM `".$wpdb->prefix."variation_values` WHERE `id`='".$value_id."' LIMIT 1",ARRAY_A); 97 } 98 } 99 //$total_quantity += $quantity; 100 $sql = "SELECT * FROM `".$wpdb->prefix."product_list` WHERE `id` = '$product_id' LIMIT 1"; 101 $product = $wpdb->get_row($sql,ARRAY_A); 102 103 if($product['donation'] == 1) 104 { 105 $price = $quantity * $cart_item->donation_price; 106 } 107 else 108 { 109 $price = $quantity * calculate_product_price($product_id, $product_variations); 110 if($country_code != null) 111 { 112 if($product['notax'] != 1) 113 { 114 $price = nzshpcrt_calculate_tax($price, $_SESSION['selected_country'], $_SESSION['selected_region']); 115 } 116 $shipping = nzshpcrt_determine_item_shipping($product_id, $quantity, $country_code); 117 $price += $shipping; 118 } 119 $all_donations = false; 120 } 121 if($product['no_shipping'] != 1) { 122 $all_no_shipping = false; 123 } 124 125 126 127 $total += $price; 128 } 129 130 if(($country_code != null) && ($all_donations == false) && ($all_no_shipping == false)) { 131 $total += nzshpcrt_determine_base_shipping(0, $country_code); 132 } 133 return $total; 134 } 135 136 //end of written by allen 137 138 function nzshpcrt_calculate_tax($price, $country, $region) 139 { 140 global $wpdb; 141 $country_data = $wpdb->get_row("SELECT * FROM `".$wpdb->prefix."currency_list` WHERE `isocode` IN('".get_option('base_country')."') LIMIT 1",ARRAY_A); 142 if(($country_data['has_regions'] == 1)) 143 { 144 $region_data = $wpdb->get_row("SELECT `".$wpdb->prefix."region_tax`.* FROM `".$wpdb->prefix."region_tax` WHERE `".$wpdb->prefix."region_tax`.`country_id` IN('".$country_data['id']."') AND `".$wpdb->prefix."region_tax`.`id` IN('".$region."') ",ARRAY_A) ; 145 $tax_percentage = $region_data['tax']; 146 } 147 else 148 { 149 $tax_percentage = $country_data['tax']; 150 } 151 $add_tax = false; 152 if($country == get_option('base_country')) 153 { 154 $add_tax = true; 155 } 156 if($add_tax === true) 157 { 158 $price = $price * (1 + ($tax_percentage/100)); 159 } 160 return $price; 161 } 162 163 function nzshpcrt_find_total_price($purchase_id,$country_code) 164 { 165 global $wpdb; 166 if(is_numeric($purchase_id)) 167 { 168 $purch_sql = "SELECT * FROM `".$wpdb->prefix."purchase_logs` WHERE `id`='".$purchase_id."'"; 169 $purch_data = $wpdb->get_row($purch_sql,ARRAY_A) ; 170 171 $cartsql = "SELECT * FROM `".$wpdb->prefix."cart_contents` WHERE `purchaseid`=".$purchase_id.""; 172 $cart_log = $wpdb->get_results($cartsql,ARRAY_A) ; 173 if($cart_log != null) 174 { 175 $all_donations = true; 176 $all_no_shipping = true; 177 foreach($cart_log as $cart_row) 178 { 179 $productsql= "SELECT * FROM `".$wpdb->prefix."product_list` WHERE `id`=".$cart_row['prodid'].""; 180 $product_data = $wpdb->get_results($productsql,ARRAY_A); 181 182 $variation_sql = "SELECT * FROM `".$wpdb->prefix."cart_item_variations` WHERE `cart_id`='".$cart_row['id']."'"; 183 $variation_data = $wpdb->get_results($variation_sql,ARRAY_A); 184 $variation_count = count($variation_data); 185 $price = ($cart_row['price'] * $cart_row['quantity']); 186 187 if($purch_data['shipping_country'] != '') 188 { 189 $country_code = $purch_data['shipping_country']; 190 } 191 192 if($cart_row['donation'] == 1) { 193 $shipping = 0; 194 } else { 195 $all_donations = false; 196 } 197 198 if($cart_row['no_shipping'] == 1) { 199 $shipping = 0; 200 } else { 201 $all_no_shipping = false; 202 } 203 204 if(($cart_row['donation'] != 1) && ($cart_row['no_shipping'] != 1)) { 205 $shipping = nzshpcrt_determine_item_shipping($cart_row['prodid'], $cart_row['quantity'], $country_code); 206 } 207 $endtotal += $shipping + $price; 208 } 209 if(($all_donations == false) && ($all_no_shipping == false)){ 210 if($purch_data['base_shipping'] > 0) { 211 $base_shipping = $purch_data['base_shipping']; 212 } else { 213 $base_shipping = nzshpcrt_determine_base_shipping(0, $country_code); 214 } 215 $endtotal += $base_shipping; 216 } 217 218 if($purch_data['discount_value'] > 0) { 219 $endtotal -= $purch_data['discount_value']; 220 if($endtotal < 0) { 221 $endtotal = 0; 222 } 223 } 224 225 } 226 return $endtotal; 227 } 228 } 229 //written by Allen 230function nzshpcrt_apply_coupon($price,$coupon_num){ 231 global $wpdb; 232 $now = date("Y-m-d H:i:s"); 233 $now = strtotime($now); 234 //echo $now; 235 if ($coupon_num!=NULL) { 236 $coupon_sql = "SELECT * FROM `".$wpdb->prefix."wpsc_coupon_codes` WHERE coupon_code='".$coupon_num."' LIMIT 1"; 237 $coupon_data = $wpdb->get_results($coupon_sql,ARRAY_A); 238 $coupon_data = $coupon_data[0]; 239 } 240 if ( ($coupon_data['active']=='1') && !(($coupon_data['use_once']=='1') && ($coupon_data['is_used']=='1'))){ 241 if ((strtotime($coupon_data['start']) < $now)&&(strtotime($coupon_data['expiry']) > $now)){ 242 243 if ($coupon_data['is-percentage']=='1'){ 244 $price = $price*(1-$coupon_data['value']/100); 245 } else { 246 if ($coupon_data['every_product']=='1') { 247 $cart = $_SESSION['nzshpcrt_cart']; 248 $total_quantity=0; 249 250 foreach($cart as $product) { 251 $total_quantity+=$product->quantity; 252 } 253 $price = $price-$coupon_data['value']*$total_quantity; 254 } else { 255 $price = $price-$coupon_data['value']; 256 } 257 258 } 259 } else { 260 return $price; 261 } 262 } 263 if($price<0){ 264 $price = 0; 265 } 266 return $price; 267} 268 //End of written by Allen 269 270 function nzshpcrt_determine_base_shipping($per_item_shipping, $country_code) { 271 global $wpdb; 272 if(get_option('do_not_use_shipping') != 1) { 273 if($country_code == get_option('base_country')) { 274 $base_shipping = get_option('base_local_shipping'); 275 } else { 276 $base_shipping = get_option('base_international_shipping'); 277 } 278 $shipping = $base_shipping + $per_item_shipping; 279 } else { 280 $shipping = 0; 281 } 282 return $shipping; 283 } 284 285 function nzshpcrt_determine_item_shipping($product_id, $quantity, $country_code) { 286 global $wpdb; 287 if(is_numeric($product_id) && (get_option('do_not_use_shipping') != 1)) { 288 $sql = "SELECT * FROM `".$wpdb->prefix."product_list` WHERE `id`='$product_id' LIMIT 1"; 289 $product_list = $wpdb->get_row($sql,ARRAY_A) ; 290 if($product_list['no_shipping'] == 0) { 291 //if the item has shipping 292 if($country_code == get_option('base_country')) { 293 $additional_shipping = $product_list['pnp']; 294 } else { 295 $additional_shipping = $product_list['international_pnp']; 296 } 297 $shipping = $quantity * $additional_shipping; 298 } else { 299 //if the item does not have shipping 300 $shipping = 0; 301 } 302 } else { 303 //if the item is invalid or all items do not have shipping 304 $shipping = 0; 305 } 306 return $shipping; 307 } 308 309function nzshpcrt_currency_display($price_in, $tax_status, $nohtml = false, $id = false, $no_dollar_sign = false) 310 { 311 /* 312 * This now ignores tax status, but removing it entirely will probably have to wait for the inevitable yet indefinately delayed total rewrite, woot 313 */ 314 global $wpdb; 315 $currency_sign_location = get_option('currency_sign_location'); 316 $currency_type = get_option('currency_type'); 317 $currency_data = $wpdb->get_results("SELECT `symbol`,`symbol_html`,`code` FROM `".$wpdb->prefix."currency_list` WHERE `id`='".$currency_type."' LIMIT 1",ARRAY_A) ; 318 $price_out = null; 319 $currency_sign_location = get_option('currency_sign_location'); 320 $currency_type = get_option('currency_type'); 321 $currency_data = $wpdb->get_results("SELECT `symbol`,`symbol_html`,`code` FROM `".$wpdb->prefix."currency_list` WHERE `id`='".$currency_type."' LIMIT 1",ARRAY_A) ; 322 $price_out = null; 323 if(is_numeric($id)) 324 { 325 326 } 327 328 $price_out = number_format($price_in, 2, '.', ','); 329 330 if($currency_data[0]['symbol'] != '') 331 { 332 if($nohtml == false) 333 { 334 $currency_sign = $currency_data[0]['symbol_html']; 335 } 336 else 337 { 338 $currency_sign = $currency_data[0]['symbol']; 339 } 340 } 341 else 342 { 343 $currency_sign = $currency_data[0]['code']; 344 } 345 346 switch($currency_sign_location) 347 { 348 case 1: 349 $output = $price_out.$currency_sign; 350 break; 351 352 case 2: 353 $output = $price_out.' '.$currency_sign; 354 break; 355 356 case 3: 357 $output = $currency_sign.$price_out; 358 break; 359 360 case 4: 361 $output = $currency_sign.' '.$price_out; 362 break; 363 } 364 365 if($nohtml == true) 366 { 367 $output = "".$output.""; 368 } 369 else 370 { 371 $output = "<span class='pricedisplay'>".$output."</span>"; 372 } 373 374 if($no_dollar_sign == true) 375 { 376 return $price_out; 377 } 378 return $output; 379 } 380 381function admin_display_total_price($start_timestamp = '', $end_timestamp = '') 382 { 383 global $wpdb; 384 if(($start_timestamp != '') && ($end_timestamp != '')) 385 { 386 $sql = "SELECT * FROM `".$wpdb->prefix."purchase_logs` WHERE `processed` > '1' AND `date` BETWEEN '$start_timestamp' AND '$end_timestamp' ORDER BY `date` DESC"; 387 } 388 else 389 { 390 $sql = "SELECT * FROM `".$wpdb->prefix."purchase_logs` WHERE `processed` > '1' AND `date` != ''"; 391 } 392 $purchase_log = $wpdb->get_results($sql,ARRAY_A) ; 393 $total = 0; 394 if($purchase_log != null) 395 { 396 foreach($purchase_log as $purchase) 397 { 398 $country_sql = "SELECT * FROM `".$wpdb->prefix."submited_form_data` WHERE `log_id` = '".$purchase['id']."' AND `form_id` = '".get_option('country_form_field')."' LIMIT 1"; 399 $country_data = $wpdb->get_results($country_sql,ARRAY_A); 400 $country = $country_data[0]['value']; 401 $total += nzshpcrt_find_total_price($purchase['id'],$country); 402 } 403 } 404 return $total; 405 } 406 407 408 409function calculate_product_price($product_id, $variations = false, $pm='',$extras=false) { 410 global $wpdb; 411 $pm = ''; // PM override code lies here 412 if(is_numeric($product_id)) { 413 if(is_array($variations) && ((count($variations) >= 1) && (count($variations) <= 2))) { 414 $variation_count = count($variations); 415 $variations = array_values($variations); 416 } 417 if ($pm!='') { 418 $checkb_sql = "SELECT * FROM `".$wpdb->prefix."product_list` WHERE `id` = '".(int)$product_id."' LIMIT 1"; 419 $product_data = $wpdb->get_results($checkb_sql,ARRAY_A); 420 if ($product_data[0]['special']=='1') { 421 $std_price = $product_data[0]['price'] - $product_data[0]['special_price']; 422 } else { 423 $std_price = $product_data[0]['price']; 424 } 425 if ($pm=='stay') { 426 if ((count($extras)>0)&&($extras!=null)) { 427 foreach ($extras as $extra) { 428 $price+=$wpdb->get_var("SELECT `price` FROM `".$wpdb->prefix."extras_values_associations` WHERE `product_id` = '".$product_id."' AND `value_id` = '".$extra."' LIMIT 1"); 429 } 430 } 431 return $std_price+$price; 432 } 433 $sql = "SELECT `price` FROM `".$wpdb->prefix."extras_values_associations` WHERE `product_id` = '".$product_id."' AND `extras_id` = '".$extras[0]."' LIMIT 1"; 434 435 if ($pm=='plus') { 436 if ((count($extras)>0)&&($extras!=null)) { 437 foreach ($extras as $extra) { 438 $price+=$wpdb->get_var("SELECT `price` FROM `".$wpdb->prefix."extras_values_associations` WHERE `product_id` = '".$product_id."' AND `extras_id` = '".$extra."' LIMIT 1"); 439 } 440 } 441 return $std_price+$price; 442 } elseif ($pm=='minus') { 443 if ((count($extras)>0)&&($extras!=null)) { 444 foreach ($extras as $extra) { 445 $price+=$wpdb->get_var("SELECT `price` FROM `".$wpdb->prefix."extras_values_associations` WHERE `product_id` = '".$product_id."' AND `extras_id` = '".$extra."' LIMIT 1"); 446 } 447 } 448 return $std_price+$price; 449 } 450 return $price; 451 } else { 452 if(($variation_count >= 1) && ($variation_count <= 2)) { 453 switch($variation_count) { 454 case 1: 455 $sql = "SELECT `price` FROM `".$wpdb->prefix."variation_priceandstock` WHERE `product_id` IN ('".$product_id."') AND `variation_id_1` = '".$variations[0]."' AND `variation_id_2` = '0' LIMIT 1"; 456 break; 457 458 case 2: 459 $sql = "SELECT `price` FROM `".$wpdb->prefix."variation_priceandstock` WHERE `product_id` IN ('".$product_id."') AND ((`variation_id_1` = '".$variations[0]."' AND `variation_id_2` = '".$variations[1]."') OR (`variation_id_1` = '".$variations[1]."' AND `variation_id_2` = '".$variations[0]."')) LIMIT 1"; 460 break; 461 } 462 $price = $wpdb->get_var($sql); 463 //exit("// $price $sql"); 464 } else { 465 $sql = "SELECT `price`,`special`,`special_price` FROM `".$wpdb->prefix."product_list` WHERE `id`='".$product_id."' LIMIT 1"; 466 $product_data = $wpdb->get_row($sql,ARRAY_A); 467 if($product_data['special_price'] > 0) { 468 $price = $product_data['price'] - $product_data['special_price']; 469 } else { 470 $price = $product_data['price']; 471 } 472 } 473 } 474 } else { 475 $price = false; 476 } 477 return $price; 478} 479 480function check_in_stock($id, $variations, $item_quantity = 1) 481 { 482 global $wpdb; 483 $sql = "SELECT * FROM `".$wpdb->prefix."product_list` WHERE `id`='".$id."' LIMIT 1"; 484 $item_data = $wpdb->get_row($sql,ARRAY_A); 485 486 $item_stock = null; 487 $variation_count = count($variations); 488 if(($variation_count >= 1) && ($variation_count <= 2)) 489 { 490 foreach($variations as $variation_id) 491 { 492 if(is_numeric($variation_id)) 493 { 494 $variation_ids[] = $variation_id; 495 } 496 } 497 if(count($variation_ids) == 2) 498 { 499 $variation_stock_data = $wpdb->get_row("SELECT * FROM `".$wpdb->prefix."variation_priceandstock` WHERE `product_id` = '".$id."' AND (`variation_id_1` = '".$variation_ids[0]."' AND `variation_id_2` = '".$variation_ids[1]."') OR (`variation_id_1` = '".$variation_ids[1]."' AND `variation_id_2` = '".$variation_ids[0]."') LIMIT 1",ARRAY_A); 500 $item_stock = $variation_stock_data['stock']; 501 } 502 else if(count($variation_ids) == 1) 503 { 504 $variation_stock_data = $wpdb->get_row("SELECT * FROM `".$wpdb->prefix."variation_priceandstock` WHERE `product_id` = '".$id."' AND (`variation_id_1` = '".$variation_ids[0]."' AND `variation_id_2` = '0') LIMIT 1",ARRAY_A); 505 506 $item_stock = $variation_stock_data['stock']; 507 } 508 } 509 510 if($item_stock === null) 511 { 512 $item_stock = $item_data['quantity']; 513 } 514 515 if((($item_data['quantity_limited'] == 1) && ($item_stock > 0) && ($item_stock >= $item_quantity)) || ($item_data['quantity_limited'] == 0)) 516 { 517 $output = true; 518 } 519 else 520 { 521 $output = false; 522 } 523 return $output; 524 } 525 526 527 528function wpsc_item_process_image($id='') { 529 global $wpdb; 530 if ($id=='') { 531 $id=$_POST['prodid']; 532 } 533 534 if(($_FILES['image'] != null) && preg_match("/\.(gif|jp(e)*g|png){1}$/i",$_FILES['image']['name']) && apply_filters( 'wpsc_filter_file', $_FILES['image']['tmp_name'] )) { 535 //$active_signup = apply_filters( 'wpsc_filter_file', $_FILES['image']['tmp_name'] ); 536 if(function_exists("getimagesize")) { 537 $image_name = basename($_FILES['image']['name']); 538 if(is_file((WPSC_IMAGE_DIR.$image_name))) { 539 $name_parts = explode('.',basename($image_name)); 540 $extension = array_pop($name_parts); 541 $name_base = implode('.',$name_parts); 542 $dir = glob(WPSC_IMAGE_DIR."$name_base*"); 543 544 foreach($dir as $file) { 545 $matching_files[] = basename($file); 546 } 547 $image_name = null; 548 $num = 2; 549 // loop till we find a free file name, first time I get to do a do loop in yonks 550 do { 551 $test_name = "{$name_base}-{$num}.{$extension}"; 552 if(!file_exists(WPSC_IMAGE_DIR.$test_name)) { 553 $image_name = $test_name; 554 } 555 $num++; 556 } while ($image_name == null); 557 } 558 559 //exit("<pre>".print_r($image_name,true)."</pre>"); 560 561 $new_image_path = WPSC_IMAGE_DIR.$image_name; 562 move_uploaded_file($_FILES['image']['tmp_name'], $new_image_path); 563 $stat = stat( dirname( $new_image_path )); 564 $perms = $stat['mode'] & 0000666; 565 @ chmod( $new_image_path, $perms ); 566 567 switch($_POST['image_resize']) { 568 case 2: 569 $height = $_POST['height']; 570 $width = $_POST['width']; 571 break; 572 573 574 case 0: 575 $height = null; 576 $width = null; 577 break; 578 579 case 1: 580 default: 581 $height = get_option('product_image_height'); 582 $width = get_option('product_image_width'); 583 break; 584 } 585 if(($_POST['image_resize'] == 3) && ($_FILES['thumbnailImage'] != null) && file_exists($_FILES['thumbnailImage']['tmp_name'])) { 586 $imagefield='thumbnailImage'; 587 $image= image_processing($_FILES['thumbnailImage']['tmp_name'], (WPSC_THUMBNAIL_DIR.$image_name),null,null,$imagefield); 588 $thumbnail_image = $image; 589 } else { 590 image_processing($new_image_path, (WPSC_THUMBNAIL_DIR.$image_name), $width, $height); 591 } 592 593 $updatelink_sql = "UPDATE `".$wpdb->prefix."product_list` SET `image` = '".$image_name."', `thumbnail_image` = '".$thumbnail_image."' WHERE `id` = '$id'"; 594 $wpdb->query($updatelink_sql); 595 596 $image = $wpdb->escape($image_name); 597 } else { 598 $image_name = basename($_FILES['image']['name']); 599 if(is_file((WPSC_IMAGE_DIR.$image_name))) { 600 $name_parts = explode('.',basename($image_name)); 601 $extension = array_pop($name_parts); 602 $name_base = implode('.',$name_parts); 603 $dir = glob(WPSC_IMAGE_DIR."$name_base*"); 604 605 foreach($dir as $file) { 606 $matching_files[] = basename($file); 607 } 608 $image_name = null; 609 $num = 2; 610 // loop till we find a free file name 611 do { 612 $test_name = "{$name_base}-{$num}.{$extension}"; 613 if(!file_exists(WPSC_IMAGE_DIR.$test_name)) { 614 $image_name = $test_name; 615 } 616 $num++; 617 } while ($image_name == null); 618 } 619 $new_image_path = WPSC_IMAGE_DIR.$image_name; 620 move_uploaded_file($_FILES['image']['tmp_name'], $new_image_path); 621 $stat = stat( dirname( $new_image_path )); 622 $perms = $stat['mode'] & 0000666; 623 @ chmod( $new_image_path, $perms ); 624 $image = $wpdb->escape($image_name); 625 } 626 } else { 627 $image_data = $wpdb->get_row("SELECT `id`,`image` FROM `".$wpdb->prefix."product_list` WHERE `id`='".(int)$_POST['prodid']."' LIMIT 1",ARRAY_A); 628 //exit("<pre>".print_r($image_data,true)."</pre>"); 629 630 if(($_POST['image_resize'] == 3) && ($_FILES['thumbnailImage'] != null) && file_exists($_FILES['thumbnailImage']['tmp_name'])) { 631 $imagefield='thumbnailImage'; 632 $image=image_processing($_FILES['thumbnailImage']['tmp_name'], WPSC_THUMBNAIL_DIR.$_FILES['thumbnailImage']['name'],null,null,$imagefield); 633 $thumbnail_image = $image; 634 $wpdb->query("UPDATE `".$wpdb->prefix."product_list` SET `thumbnail_image` = '".$thumbnail_image."' WHERE `id` = '".$image_data['id']."'"); 635 $stat = stat( dirname( (WPSC_THUMBNAIL_DIR.$image_data['image']) )); 636 $perms = $stat['mode'] & 0000666; 637 @ chmod( (WPSC_THUMBNAIL_DIR.$image_data['image']), $perms ); 638 } 639 $image = false; 640 } 641 return $image; 642} 643 644function wpsc_item_process_file($mode = 'add') { 645 global $wpdb; 646 if(apply_filters( 'wpsc_filter_file', $_FILES['file']['tmp_name'] )) { 647 // initialise $idhash to null to prevent issues with undefined variables and error logs 648 $idhash = null; 649 switch($mode) { 650 case 'edit': 651 /* if we are editing, grab the current file and ID hash */ 652 $product_id = $_POST['prodid']; 653 $fileid_data = $wpdb->get_results("SELECT `file` FROM `".$wpdb->prefix."product_list` WHERE `id` = '$product_id' LIMIT 1",ARRAY_A); 654 655 case 'add': 656 default: 657 /* if we are adding, make a new file row and get the ID of it */ 658 $timestamp = time(); 659 $query_results = $wpdb->query("INSERT INTO `".$wpdb->prefix."product_files` ( `filename` , `mimetype` , `idhash` , `date` ) VALUES ( '', '', '', '$timestamp');"); 660 $fileid = $wpdb->get_var("SELECT LAST_INSERT_ID() FROM `".$wpdb->prefix."product_files`"); 661 break; 662 } 663 664 /* if there is no idhash, generate it */ 665 if($idhash == null) { 666 $idhash = sha1($fileid); 667 if($idhash == '') { 668 // if sha1 doesnt spit an error, but doesnt return anything either (it has done so on some servers) 669 $idhash = md5($fileid); 670 } 671 } 672 // if needed, we can add code here to stop hash doubleups in the unlikely event that they shoud occur 673 674 $mimetype = wpsc_get_mimetype($_FILES['file']['tmp_name']); 675 676 $filename = basename($_FILES['file']['name']); 677 678 if(move_uploaded_file($_FILES['file']['tmp_name'],(WPSC_FILE_DIR.$idhash))) { 679 $stat = stat( dirname( (WPSC_FILE_DIR.$idhash) )); 680 $perms = $stat['mode'] & 0000666; 681 @ chmod( (WPSC_FILE_DIR.$idhash), $perms ); 682 if(function_exists("make_mp3_preview")) { 683 if($mimetype == "audio/mpeg" && (!isset($_FILES['preview_file']['tmp_name']))) { 684 // if we can generate a preview file, generate it (most can't due to sox being rare on servers and sox with MP3 support being even rarer), thus this needs to be enabled by editing code 685 make_mp3_preview((WPSC_FILE_DIR.$idhash), (WPSC_PREVIEW_DIR.$idhash.".mp3")); 686 $preview_filepath = (WPSC_PREVIEW_DIR.$idhash.".mp3"); 687 } else if(file_exists($_FILES['preview_file']['tmp_name'])) { 688 $preview_filename = basename($_FILES['preview_file']['name']); 689 $preview_mimetype = wpsc_get_mimetype($_FILES['preview_file']['tmp_name']); 690 copy($_FILES['preview_file']['tmp_name'], (WPSC_PREVIEW_DIR.$preview_filename)); 691 $preview_filepath = (WPSC_PREVIEW_DIR.$preview_filename); 692 $wpdb->query("UPDATE `".$wpdb->prefix."product_files` SET `preview` = '".$wpdb->escape($preview_filename)."', `preview_mimetype` = '".$preview_mimetype."' WHERE `id` = '$fileid' LIMIT 1"); 693 } 694 $stat = stat( dirname($preview_filepath)); 695 $perms = $stat['mode'] & 0000666; 696 @ chmod( $preview_filepath, $perms ); 697 } 698 $wpdb->query("UPDATE `".$wpdb->prefix."product_files` SET `filename` = '".$wpdb->escape($filename)."', `mimetype` = '$mimetype', `idhash` = '$idhash' WHERE `id` = '$fileid' LIMIT 1"); 699 } 700 if($mode == 'edit') { 701 //if we are editing, update the file ID in the product row, this cannot be done for add because the row does not exist yet. 702 $wpdb->query("UPDATE `".$wpdb->prefix."product_list` SET `file` = '$fileid' WHERE `id` = '$product_id' LIMIT 1"); 703 } 704 return $fileid; 705 } else { 706 return false; 707 } 708} 709 710function wpsc_item_reassign_file($selected_product_file, $mode = 'add') { 711 global $wpdb; 712 // initialise $idhash to null to prevent issues with undefined variables and error logs 713 $idhash = null; 714 if($mode == 'edit') { 715 /* if we are editing, grab the current file and ID hash */ 716 $product_id = (int)$_POST['prodid']; 717 if($selected_product_file == '.none.') { 718 // unlikely that anyone will ever upload a file called .none., so its the value used to signify clearing the product association 719 $wpdb->query("UPDATE `".$wpdb->prefix."product_list` SET `file` = '0' WHERE `id` = '$product_id' LIMIT 1"); 720 return null; 721 } 722 723 // if we already use this file, there is no point doing anything more. 724 $current_fileid = $wpdb->get_var("SELECT `file` FROM `".$wpdb->prefix."product_list` WHERE `id` = '$product_id' LIMIT 1",ARRAY_A); 725 if($current_fileid > 0) { 726 $current_file_data = $wpdb->get_row("SELECT `id`,`idhash` FROM `".$wpdb->prefix."product_files` WHERE `id` = '$current_fileid' LIMIT 1",ARRAY_A); 727 if(basename($selected_product_file) == $file_data['idhash']) { 728 return $current_fileid; 729 } 730 } 731 } 732 733 734 $selected_product_file = basename($selected_product_file); 735 if(file_exists(WPSC_FILE_DIR.$selected_product_file)) { 736 $timestamp = time(); 737 $file_data = $wpdb->get_row("SELECT * FROM `".$wpdb->prefix."product_files` WHERE `idhash` IN('".$wpdb->escape($selected_product_file)."') LIMIT 1", ARRAY_A); 738 $fileid = (int)$file_data['id']; 739 if($fileid < 1) { // if the file does not have a database row, add one. 740 $mimetype = wpsc_get_mimetype(WPSC_FILE_DIR.$selected_product_file); 741 $filename = $idhash = $selected_product_file; 742 $timestamp = time(); 743 $wpdb->query("INSERT INTO `{$wpdb->prefix}product_files` ( `filename` , `mimetype` , `idhash` , `date` ) VALUES ( '{$filename}', '{$mimetype}', '{$idhash}', '{$timestamp}');"); 744 $fileid = $wpdb->get_var("SELECT `id` FROM `".$wpdb->prefix."product_files` WHERE `date` = '{$timestamp}' AND `filename` IN ('{$filename}')"); 745 } 746 if($mode == 'edit') { 747 //if we are editing, update the file ID in the product row, this cannot be done for add because the row does not exist yet. 748 $wpdb->query("UPDATE `".$wpdb->prefix."product_list` SET `file` = '$fileid' WHERE `id` = '$product_id' LIMIT 1"); 749 } 750 } 751 return $fileid; 752} 753 754function wpsc_get_mimetype($file, $check_reliability = false) { 755 // Sometimes we need to know how useless the result from this is, hence the "check_reliability" parameter 756 if(file_exists($file)) { 757 if(function_exists('finfo_open') && function_exists('finfo_file')) { 758 // fileinfo apparently works best, wish it was included with PHP by default 759 $finfo_handle = finfo_open(FILEINFO_MIME); 760 $mimetype = finfo_file($finfo_handle,$file); 761 $is_reliable = true; 762 } else if(function_exists('mime_content_type')) { 763 //obsolete, but probably second best due to completeness 764 $mimetype = mime_content_type($file); 765 $is_reliable = true; 766 } else { 767 //included with plugin, uses the extention, limited and odd list, last option 768 $mimetype_class = new mimetype(); 769 $mimetype = $mimetype_class->getType($file); 770 $is_reliable = false; 771 } 772 } else { 773 $mimetype = false; 774 $is_reliable = false; 775 } 776 if($check_reliability == true) { 777 return array('mime_type' =>$mimetype, 'is_reliable' => $is_reliable ); 778 } else { 779 return $mimetype; 780 } 781} 782 783 784function shopping_cart_total_weight(){ 785 global $wpdb; 786 $cart = $_SESSION['nzshpcrt_cart']; 787 $total_weight=0; 788 foreach($cart as $item) { 789 $sql="SELECT weight FROM ".$wpdb->prefix."product_list WHERE id='".$item->product_id."'"; 790 $weight=$wpdb->get_var($sql); 791 $subweight = $weight*$item->quantity; 792 $total_weight+=$subweight; 793 } 794 return $total_weight; 795} 796 797function usps_shipping_methods() { 798 /// this section of code needs to be tidied up and all references to "ereg" changed to "preg_match" or similar. 799 global $wpdb; 800 801 if(function_exists('curl_init')) { 802 echo "<div id='usps_shipping_methods'>\n\r"; 803 $dest = $_SESSION['delivery_country']; 804 if ($dest == get_option('base_country')) { 805// $request = '<RateV3Request USERID="' . "221ALLEN1967" . '" PASSWORD="' . "651AC00ZD570" . '">'; 806// $allowed_types = explode(", ", MODULE_SHIPPING_USPS_TYPES); 807// 808// while (list($key, $value) = each($this->types)) { 809// if ( !in_array($key, $allowed_types) ) continue; 810// 811// if ($key == 'FIRST CLASS'){ 812// $this->FirstClassMailType = '<FirstClassMailType>LETTER</FirstClassMailType>'; 813// } else { 814// $this->FirstClassMailType = ''; 815// } 816// 817// if ($key == 'PRIORITY'){ 818// $this->container = 'FLAT RATE ENVELOPE'; 819// } 820// 821// if ($key == 'EXPRESS'){ 822// $this->container = 'FLAT RATE ENVELOPE'; 823// } 824// 825// if ($key == 'PARCEL POST'){ 826// $this->container = 'REGULAR'; 827// $this->machinable = 'false'; 828// } 829// 830// $request .= '<Package ID="' . $services_count . '">' . 831// '<Service>' . $key . '</Service>' . 832// $this->FirstClassMailType . 833// '<ZipOrigination>' . SHIPPING_ORIGIN_ZIP . '</ZipOrigination>' . 834// '<ZipDestination>' . $dest_zip . '</ZipDestination>' . 835// '<Pounds>' . $this->pounds . '</Pounds>' . 836// '<Ounces>' . $this->ounces . '</Ounces>' . 837// '<Container>' . $this->container . '</Container>' . 838// '<Size>' . $this->size . '</Size>' . 839// '<Machinable>' . $this->machinable . '</Machinable>' . 840// '</Package>'; 841// 842// if ($transit) { 843// $transitreq = 'USERID="' . MODULE_SHIPPING_USPS_USERID . 844// '" PASSWORD="' . MODULE_SHIPPING_USPS_PASSWORD . '">' . 845// '<OriginZip>' . STORE_ORIGIN_ZIP . '</OriginZip>' . 846// '<DestinationZip>' . $dest_zip . '</DestinationZip>'; 847// 848// switch ($key) { 849// case 'EXPRESS': $transreq[$key] = 'API=ExpressMail&XML=' . 850// urlencode( '<ExpressMailRequest ' . $transitreq . '</ExpressMailRequest>'); 851// break; 852// case 'PRIORITY': $transreq[$key] = 'API=PriorityMail&XML=' . 853// urlencode( '<PriorityMailRequest ' . $transitreq . '</PriorityMailRequest>'); 854// break; 855// case 'PARCEL': $transreq[$key] = 'API=StandardB&XML=' . 856// urlencode( '<StandardBRequest ' . $transitreq . '</StandardBRequest>'); 857// break; 858// default: $transreq[$key] = ''; 859// break; 860// } 861// } 862// 863// $services_count++; 864// } 865// $request .= '</RateV3Request>'; //'</RateRequest>'; //Changed by Greg Deeth April 30, 2008 866// $request = 'API=RateV3&XML=' . urlencode($request); 867 } else { 868 $dest=$wpdb->get_var("SELECT country FROM ".$wpdb->prefix."currency_list WHERE isocode='".$dest."'"); 869 $weight = shopping_cart_total_weight(); 870 $request = '<IntlRateRequest USERID="' . get_option('usps_user_id') . '" PASSWORD="' . get_option('usps_user_password') . '">' . 871 '<Package ID="0">' . 872 '<Pounds>' . $weight . '</Pounds>' . 873 '<Ounces>' . '0' . '</Ounces>' . 874 '<MailType>Package</MailType>' . 875 '<Country>' . $dest . '</Country>' . 876 '</Package>' . 877 '</IntlRateRequest>'; 878 879 $request = 'API=IntlRate&XML=' . urlencode($request); 880 } 881 882 //$http = new httpClient(); 883 $usps_server = 'production.shippingapis.com'; //'stg-production.shippingapis.com'; // or stg-secure.shippingapis.com //'production.shippingapis.com'; 884 $api_dll = 'shippingapi.dll'; //'shippingapi.dll'; 885 //if ($http->Connect($usps_server, 80)) { 886 887 $url = 'http://'.$usps_server.'/' . $api_dll . '?' . $request; 888 $ch=curl_init(); 889 curl_setopt($ch, CURLOPT_URL, $url); 890 curl_setopt($ch, CURLOPT_NOPROGRESS, 1); 891 curl_setopt($ch, CURLOPT_VERBOSE, 1); 892 curl_setopt($ch, CURLOPT_FOLLOWLOCATION,1); 893 curl_setopt($ch, CURLOPT_TIMEOUT, 120); 894 curl_setopt($ch, CURLOPT_USERAGENT, 'osCommerce'); 895 curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); 896 $body = curl_exec($ch); 897 //$error = curl_error($ch); 898 899 curl_close($ch); 900 901// $http->addHeader('Host', $usps_server); 902// $http->addHeader('User-Agent', 'osCommerce'); 903// $http->addHeader('Connection', 'Close'); 904 905 //if ($http->Get('/' . $api_dll . '?' . $request)) $body = $http->getBody(); 906// if ($transit && is_array($transreq) && ($order->delivery['country']['id'] == STORE_COUNTRY)) { 907// while (list($key, $value) = each($transreq)) { 908// if ($http->Get('/' . $api_dll . '?' . $value)) $transresp[$key] = $http->getBody(); 909// } 910// } 911 //$http->Disconnect(); 912 if($body == '') { 913 //return false; 914 } 915 $response=array(); 916 while (true) { 917 if ($start = strpos($body, '<Package ID=')) { 918 $body = substr($body, $start); 919 $end = strpos($body, '</Package>'); 920 $response[] = substr($body, 0, $end+10); 921 $body = substr($body, $end+9); 922 } else { 923 break; 924 } 925 } 926 $rates = array(); 927 if ($dest == get_option('base_country')) { 928 if (sizeof($response) == '1') { 929 if (ereg('<Error>', $response[0])) { 930 $number = ereg('<Number>(.*)</Number>', $response[0], $regs); 931 $number = $regs[1]; 932 $description = ereg('<Description>(.*)</Description>', $response[0], $regs); 933 $description = $regs[1]; 934 //return array('error' => $number . ' - ' . $description); 935 } 936 } 937 938 $n = sizeof($response); 939 for ($i=0; $i<$n; $i++) { 940 if (strpos($response[$i], '<Rate>')) { 941 $service = ereg('<MailService>(.*)</MailService>', $response[$i], $regs); 942 $service = $regs[1]; 943 $postage = ereg('<Rate>(.*)</Rate>', $response[$i], $regs); 944 $postage = $regs[1]; 945 $rates[] = array($service => $postage); 946 if ($transit) { 947 switch ($service) { 948 case 'EXPRESS': $time = ereg('<MonFriCommitment>(.*)</MonFriCommitment>', $transresp[$service], $tregs); 949 $time = $tregs[1]; 950 if ($time == '' || $time == 'No Data') { 951 $time = 'Estimated 1 - 2 ' . 'Days'; 952 } else { 953 $time = 'Tomorrow by ' . $time; 954 } 955 break; 956 case 'PRIORITY': $time = ereg('<Days>(.*)</Days>', $transresp[$service], $tregs); 957 $time = $tregs[1]; 958 if ($time == '' || $time == 'No Data') { 959 $time = 'Estimated 1 - 3 ' . 'Days'; 960 } elseif ($time == '1') { 961 $time .= ' ' . 'Day'; 962 } else { 963 $time .= ' ' . 'Days'; 964 } 965 break; 966 case 'PARCEL': $time = ereg('<Days>(.*)</Days>', $transresp[$service], $tregs); 967 $time = $tregs[1]; 968 if ($time == '' || $time == 'No Data') { 969 $time = 'Estimated 2 - 9 ' . 'Days'; 970 } elseif ($time == '1') { 971 $time .= ' ' . 'Day'; 972 } else { 973 $time .= ' ' . 'Days'; 974 } 975 break; 976 case 'First-Class Mail': 977 $time = 'Estimated 1 - 5 ' . 'Days'; 978 break; 979 case 'MEDIA': 980 $time = 'Estimated 2 - 9 ' . 'Days'; 981 break; 982 case 'BPM': 983 $time = 'Estimated 2 - 9 ' . 'Days'; 984 break; 985 default: 986 $time = ''; 987 break; 988 } 989 if ($time != '') $transittime[$service] = ': ' . $time . ''; 990 } 991 } 992 } 993 } else { 994 if (ereg('<Error>', $response[0])) { 995 $number = ereg('<Number>(.*)</Number>', $response[0], $regs); 996 $number = $regs[1]; 997 $description = ereg('<Description>(.*)</Description>', $response[0], $regs); 998 $description = $regs[1]; 999 return array('error' => $number . ' - ' . $description); 1000 } else { 1001 $body = $response[0]; 1002 $services = array(); 1003 while (true) { 1004 if ($start = strpos($body, '<Service ID=')) { 1005 $body = substr($body, $start); 1006 $end = strpos($body, '</Service>'); 1007 $services[] = substr($body, 0, $end+10); 1008 $body = substr($body, $end+9); 1009 } else { 1010 break; 1011 } 1012 } 1013 1014 $allowed_types = Array( 'EXPRESS MAIL INT' => "Express Mail International (EMS)", 'EXPRESS MAIL INT FLAT RATE ENV' => "Express Mail International (EMS) Flat-Rate Envelope", 'PRIORITY MAIL INT' => "Priority Mail International", 'PRIORITY MAIL INT FLAT RATE ENV' => "Priority Mail International Flat-Rate Envelope", 'PRIORITY MAIL INT FLAT RATE BOX' => "Priority Mail International Flat-Rate Box", 'FIRST-CLASS MAIL INT' => "First Class Mail International Letters" ); 1015 //foreach( explode(", ", MODULE_SHIPPING_USPS_TYPES_INTL) as $value ) $allowed_types[$value] = $this->intl_types[$value]; 1016 1017 $size = sizeof($services); 1018 for ($i=0, $n=$size; $i<$n; $i++) { 1019 if (strpos($services[$i], '<Postage>')) { 1020 $service = ereg('<SvcDescription>(.*)</SvcDescription>', $services[$i], $regs); 1021 $service = $regs[1]; 1022 $postage = ereg('<Postage>(.*)</Postage>', $services[$i], $regs); 1023 $postage = $regs[1]; 1024 $time = ereg('<SvcCommitments>(.*)</SvcCommitments>', $services[$i], $tregs); 1025 $time = $tregs[1]; 1026 $time = preg_replace('/Weeks$/', 'Weeks',$time); 1027 $time = preg_replace('/Days$/', 'Days', $time); 1028 $time = preg_replace('/Day$/', 'Day', $time); 1029 if( !in_array($service, $allowed_types) ) continue; 1030// if (isset($this->service) && ($service != $this->service) ) { 1031// continue; 1032// } 1033 $rates[] = array($service => $postage); 1034 if ($time != '') $transittime[$service] = ' (' . $time . ')'; 1035 } 1036 1037 1038 } 1039 $uspsQuote=$rates; 1040 } 1041 } 1042 // usps changes ends 1043 echo "</div>"; 1044 } 1045} 1046 1047function wpsc_ping() { 1048 $services = get_option('ping_sites'); 1049 $services = explode("\n", $services); 1050 foreach ( (array) $services as $service ) { 1051 $service = trim($service); 1052 if($service != '' ) { 1053 wpsc_send_ping($service); 1054 } 1055 } 1056} 1057 1058function wpsc_send_ping($server) { 1059 global $wp_version; 1060 include_once(ABSPATH . WPINC . '/class-IXR.php'); 1061 1062 // using a timeout of 3 seconds should be enough to cover slow servers 1063 $client = new IXR_Client($server, ((!strlen(trim($path)) || ('/' == $path)) ? false : $path)); 1064 $client->timeout = 3; 1065 $client->useragent .= ' -- WordPress/'.$wp_version; 1066 1067 // when set to true, this outputs debug messages by itself 1068 $client->debug = false; 1069 $home = trailingslashit( get_option('product_list_url') ); 1070 $rss_url = get_option('siteurl')."/index.php?rss=true&action=product_list"; 1071 if ( !$client->query('weblogUpdates.extendedPing', get_option('blogname'), $home, $rss_url ) ) { 1072 $client->query('weblogUpdates.ping', get_option('blogname'), $home); 1073 } 1074} 1075 1076 1077 1078 1079 1080 1081 1082?>