Code:
<?
/*****************************************************************************\
+-----------------------------------------------------------------------------+
| X-Cart |
| Copyright (c) 2001-2003 Ruslan R. Fazliev <rrf@rrf.ru> |
| All rights reserved. |
+-----------------------------------------------------------------------------+
| PLEASE READ THE FULL TEXT OF SOFTWARE LICENSE AGREEMENT IN THE "COPYRIGHT" |
| FILE PROVIDED WITH THIS DISTRIBUTION. THE AGREEMENT TEXT IS ALSO AVAILABLE |
| AT THE FOLLOWING URL: http://www.x-cart.com/license.php |
| |
| THIS AGREEMENT EXPRESSES THE TERMS AND CONDITIONS ON WHICH YOU MAY USE |
| THIS SOFTWARE PROGRAM AND ASSOCIATED DOCUMENTATION THAT RUSLAN R. |
| FAZLIEV (hereinafter referred to as "THE AUTHOR") IS FURNISHING OR MAKING |
| AVAILABLE TO YOU WITH THIS AGREEMENT (COLLECTIVELY, THE "SOFTWARE"). |
| PLEASE REVIEW THE TERMS AND CONDITIONS OF THIS LICENSE AGREEMENT |
| CAREFULLY BEFORE INSTALLING OR USING THE SOFTWARE. BY INSTALLING, |
| COPYING OR OTHERWISE USING THE SOFTWARE, YOU AND YOUR COMPANY |
| (COLLECTIVELY, "YOU") ARE ACCEPTING AND AGREEING TO THE TERMS OF THIS |
| LICENSE AGREEMENT. IF YOU ARE NOT WILLING TO BE BOUND BY THIS |
| AGREEMENT, DO NOT INSTALL OR USE THE SOFTWARE. VARIOUS COPYRIGHTS AND |
| OTHER INTELLECTUAL PROPERTY RIGHTS PROTECT THE SOFTWARE. THIS |
| AGREEMENT IS A LICENSE AGREEMENT THAT GIVES YOU LIMITED RIGHTS TO USE |
| THE SOFTWARE AND NOT AN AGREEMENT FOR SALE OR FOR TRANSFER OF TITLE.|
| THE AUTHOR RETAINS ALL RIGHTS NOT EXPRESSLY GRANTED BY THIS AGREEMENT. |
| |
| The Initial Developer of the Original Code is Ruslan R. Fazliev |
| Portions created by Ruslan R. Fazliev are Copyright (C) 2001-2003 |
| Ruslan R. Fazliev. All Rights Reserved. |
+-----------------------------------------------------------------------------+
\*****************************************************************************/
#
# $Id: category_modify.php,v 1.47.2.5 2003/09/04 13:30:06 mclap Exp $
#
# Shared includes, loaded in a fixed order. The rest of this script uses names
# that are never defined here ($smarty, $config, $sql_tbl, db_query(),
# func_query_first(), func_header_location(), ...); presumably they come from
# these files - confirm.
# NOTE(review): access control and any input escaping this page depends on
# would have to happen inside auth.php / security.php; nothing in this file
# checks the caller's identity or escapes request values itself.
require '../smarty.php';
require '../config.php';
require './auth.php';
require '../include/security.php';
# Bind $file_upload_data to the session (presumably so that an upload chosen on
# an earlier request is visible here - confirm against x_session_register()).
x_session_register('file_upload_data');
#
# Update category or create new
#
#
# Check for errors
#
#
# POST handler: validates the submitted category name, then creates or updates
# the category row, its translations and its icon.
#
# NOTE(review): $REQUEST_METHOD, $mode, $cat, $category_name and the other form
# fields used below are never assigned in this file; presumably they are
# populated from the request (register_globals or one of the required files) -
# confirm. All of them are interpolated into SQL text as-is, so the statements
# are only safe if the values are escaped before they reach this point. The
# addslashes() calls on database-derived values further down suggest that is
# the expectation - verify it in the included files, and cast ids such as $cat
# to integers where they are used.
# NOTE(review): no anti-CSRF token check is visible in this file for these
# state-changing requests; confirm whether auth.php / security.php provide one.
#
if ($REQUEST_METHOD == "POST" && $mode == "add" && (substr_count($category_name,"/") || empty($category_name))) {
#
# Error: new category name is empty or contains symbol "/"
# (empty() also rejects the name "0")
#
$smarty->assign("category_error", "1");
}
elseif ($REQUEST_METHOD == "POST") {
#
# International descriptions
#
if ($mode == "update_lng") {
# Rewrite every submitted translation row. $value is a language code taken
# from the submitted $category_lng_code list; it is used both as the index
# into the description/category arrays and in the WHERE clause.
if ($category_lng_code) {
foreach ($category_lng_code as $value) {
db_query ("UPDATE $sql_tbl[categories_lng] SET description='".$category_lng_description[$value]."', category='".$category_lng_category[$value]."' WHERE code='$value' AND categoryid='$cat'");
}
}
# Add a translation for a new language when either text field was filled in.
if ($category_new_description || $category_new_category) {
db_query ("INSERT INTO $sql_tbl[categories_lng] (code, categoryid, category, description) VALUES ('$category_new_language','$cat','".$category_new_category."','".$category_new_description."')");
}
# NOTE(review): unless func_header_location() terminates the script, execution
# continues into the icon and category-update code below - confirm.
func_header_location("category_modify.php?cat=$cat&lng_updated");
}
#
# Images processing
#
# Result of the upload check for image type "C" (helper defined elsewhere).
$image_posted = func_check_image_posted($file_upload_data, "C");
# Icons live either on the file system ("FS") or in the database ("DB");
# any config value other than "FS" selects "DB".
$store_in = ($config["Images"]["icons_location"] == "FS"?"FS":"DB");
$redirect_to_modify = true;
# NOTE(review): $image_data is not initialised anywhere in this file before it
# is read further down. If request variables are imported into the global
# scope, a request could pre-populate it - initialise it explicitly.
if ($mode == "add" && !substr_count($category_name,"/")) {
#
# Get id, name and icon of parent category
#
if( !empty($cat) ) {
$category_data = func_query_first("select $sql_tbl[categories].categoryid, $sql_tbl[categories].category, $sql_tbl[icons].image, $sql_tbl[icons].image_path, $sql_tbl[categories].image_x, $sql_tbl[categories].image_y, $sql_tbl[categories].order_by, $sql_tbl[categories].membership, $sql_tbl[icons].image_type from $sql_tbl[categories], $sql_tbl[icons] where $sql_tbl[categories].categoryid='$cat' and $sql_tbl[categories].categoryid=$sql_tbl[icons].categoryid");
if ($category_data) {
# The full path of the new category is "<parent path>/<new name>".
# NOTE(review): the parent path is read back from the database and
# concatenated without addslashes(), unlike the icon blob just below and
# $old_category_name in the update branch. The result is interpolated into the
# SELECT COUNT(*) and the LIKE update further down, so a stored name containing
# a quote would break or alter those statements - escape it here.
$category_name = $category_data["category"]."/".$category_name;
if (!$image_posted) {
# No icon uploaded: inherit the parent's icon, dimensions and type.
# NOTE(review): image_path is reused unescaped, while the "DB" branch escapes
# the blob.
if ($store_in == "FS")
$image_data["image"] = $category_data["image_path"];
else
$image_data["image"] = addslashes($category_data["image"]);
$image_data["image_x"] = $category_data["image_x"];
$image_data["image_y"] = $category_data["image_y"];
$image_data["image_type"] = $category_data["image_type"];
}
}
}
#
# Create new category
#
# Refuse to create a second category with the same full path.
$catcnt = array_pop(func_query_first("SELECT COUNT(*) FROM $sql_tbl[categories] WHERE category='$category_name'"));
if ($catcnt > 0) {
# Error code "2"; the page is re-rendered instead of redirecting.
$smarty->assign("category_error", "2");
$redirect_to_modify = false;
}
else {
# NOTE(review): $parent_category is not assigned anywhere in this file, and
# $category_name already carries the parent path when a parent was found
# above. The value stored here therefore differs from the one tested by the
# duplicate check and from the LIKE pattern used below. The commented-out
# statement underneath inserted $category_name directly - confirm which form
# is intended.
db_query("insert into $sql_tbl[categories] (category, description, page_title, meta_description, meta_tags, avail, order_by, membership) values ('".addslashes($parent_category)."/$category_name', '$description','$page_title', '$meta_description', '$meta_tags', '$avail','$order_by','$cat_membership')");
// db_query("insert into $sql_tbl[categories] (category, description, meta_tags, avail, order_by, membership) values ('$category_name', '$description', '$meta_tags', '$avail','$order_by','$cat_membership')");
# From here on $cat is the id of the newly inserted row.
$cat = db_insert_id();
if ($image_posted)
$image_data = func_get_image_content($file_upload_data, $cat);
# Apply the same membership to every category whose path starts with
# "<new path>/".
# NOTE(review): "%" and "_" inside the name are LIKE wildcards and are not
# escaped, so the update can match rows outside the intended subtree.
db_query("UPDATE $sql_tbl[categories] SET membership='$cat_membership' WHERE category LIKE '$category_name/%'");
db_query("update $sql_tbl[categories] set image_x='$image_data[image_x]', image_y='$image_data[image_y]' where categoryid='$cat'");
# Store the icon as a path ("FS") or as a blob ("DB").
if ($store_in == "FS")
db_query("insert into $sql_tbl[icons] (categoryid, image_path, image_type) values ('$cat', '$image_data[image]', '$image_data[image_type]')");
else
db_query("insert into $sql_tbl[icons] (categoryid, image, image_type) values ('$cat', '$image_data[image]', '$image_data[image_type]')");
}
}
else {
#
# Update existing category name
# and all subcategories names
#
$categories_chain = explode("/",$category_name);
$category_path = "";
#
# Move category feature
#
# Walk the new path prefix by prefix and create a row for every ancestor that
# does not exist yet. The new rows reuse the submitted description, title,
# meta fields and membership, with an empty order_by.
foreach($categories_chain as $category_section) {
$category_path .= $category_section;
if ($category_path != $category_name && !func_query_first("select * from $sql_tbl[categories] where category='$category_path'")){
db_query("insert into $sql_tbl[categories] (category, description, page_title, meta_description, meta_tags, avail, order_by, membership) values ('$category_path', '$description','$page_title', '$meta_description', '$meta_tags', '$avail','','$cat_membership')");
// db_query("insert into $sql_tbl[categories] (category, description, meta_tags, avail, order_by, membership) values ('$category_path', '$description', '$meta_tags', '$avail','','$cat_membership')");
db_query("UPDATE $sql_tbl[categories] SET membership='$cat_membership' WHERE category LIKE '$category_path/%'");
};
$category_path .= "/";
}
# Remember the current path before overwriting it, so descendants can be renamed.
$old_category_name = array_pop(func_query_first("select category from $sql_tbl[categories] where categoryid='$cat'"));
db_query("update $sql_tbl[categories] set category='$category_name', description='$description',page_title='$page_title', meta_description='$meta_description', meta_tags='$meta_tags', avail='$avail', order_by='$order_by', membership='$cat_membership' where categoryid='$cat'");
// db_query("update $sql_tbl[categories] set category='$category_name', description='$description', meta_tags='$meta_tags', avail='$avail', order_by='$order_by', membership='$cat_membership' where categoryid='$cat'");
db_query("UPDATE $sql_tbl[categories] SET membership='$cat_membership' WHERE category LIKE '$category_name/%'");
# Rename every descendant path.
# NOTE(review): SQL replace() substitutes every occurrence of the old path
# inside the stored string, not only the leading prefix, and the LIKE pattern
# has the same unescaped-wildcard caveat as above.
db_query("update $sql_tbl[categories] set category=replace(category, '".addslashes($old_category_name)."', '$category_name') where category like '".addslashes($old_category_name)."/%'");
}
#
# Insert category icon
#
# Runs when an icon was uploaded and $image_data has not been filled yet.
# NOTE(review): this is also reached on the duplicate-name error path of
# mode "add" (an uploaded icon, $catcnt > 0). $cat still holds the parent
# category id there, so the upload appears to overwrite the parent's icon -
# confirm and guard on $redirect_to_modify.
if ($image_posted && !$image_data) {
$image_data = func_get_image_content($file_upload_data, $cat);
if ($store_in == "FS")
db_query("update $sql_tbl[icons] set image_path='$image_data[image]', image_type='$image_data[image_type]' where categoryid='$cat'");
else
db_query("update $sql_tbl[icons] set image='$image_data[image]', image_type='$image_data[image_type]' where categoryid='$cat'");
db_query("update $sql_tbl[categories] set image_x='$image_data[image_x]', image_y='$image_data[image_y]' where categoryid='$cat'");
}
# Redirect back to the edit page unless an error has to be shown.
if( $redirect_to_modify )
func_header_location("category_modify.php?cat=$cat");
}
# Delete one translation of the category, then go back to the edit page.
# NOTE(review): this branch has no request-method check, and $cat / $code are
# interpolated into the DELETE as-is; they are not assigned in this file, so
# they presumably come from the request - confirm they are escaped upstream.
if ($mode == "del_lang") {
    db_query("DELETE FROM {$sql_tbl['categories_lng']} WHERE categoryid='$cat' AND code='$code'");
    func_header_location("category_modify.php?cat=$cat&lng_deleted");
}

# Clear the stored icon of a category.
# NOTE(review): this is a state change triggered by a plain GET request; no
# token check is visible in this file, so confirm that one exists elsewhere or
# move the action to POST.
if ($REQUEST_METHOD == "GET" && $mode == "delete_icon") {
    if (!empty($cat)) {
        db_query("UPDATE {$sql_tbl['icons']} SET image='', image_path='', image_type='' WHERE categoryid='$cat'");
        func_header_location("category_modify.php?cat=$cat");
    }
}

# Further shared includes, pulled in after the write actions have run.
require '../include/categories.php';
require './location_ajust.php';
#
# Prepare multi languages
#
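# Translations already stored for this category, joined to the country table
# for the display names.
# NOTE(review): $cat is interpolated into the SQL text as-is. Unless it was
# replaced by db_insert_id() earlier in the request it is presumably
# request-supplied - confirm it is escaped or cast to an integer upstream.
$category_languages = func_query ("SELECT $sql_tbl[categories_lng].*, $sql_tbl[countries].country, $sql_tbl[countries].language FROM $sql_tbl[categories_lng], $sql_tbl[countries] WHERE $sql_tbl[categories_lng].categoryid='$cat' AND $sql_tbl[categories_lng].code=$sql_tbl[countries].code");
# Every configured language except the default admin language.
$int_languages = func_query ("SELECT DISTINCT($sql_tbl[languages].code), $sql_tbl[countries].country, $sql_tbl[countries].language FROM $sql_tbl[languages], $sql_tbl[countries] WHERE $sql_tbl[languages].code=$sql_tbl[countries].code AND $sql_tbl[languages].code!='$config[default_admin_language]'");

# Unescape the stored texts. This pass is kept outside the loop over
# $int_languages so that stripslashes() runs exactly once per row, regardless
# of how many languages are configured (including none).
if ($category_languages) {
    foreach ($category_languages as $key1 => $lng) {
        $category_languages[$key1]["description"] = stripslashes($lng["description"]);
        $category_languages[$key1]["category"] = stripslashes($lng["category"]);
    }
}

# Collect the languages that have no translation row for this category yet.
$other_languages = array ();
if ($int_languages) {
    foreach ($int_languages as $key => $value) {
        $found = false;
        if ($category_languages) {
            foreach ($category_languages as $lng) {
                if ($lng["code"] == $value["code"]) {
                    $found = true;
                    break;
                }
            }
        }
        if (!$found) {
            $other_languages[] = $value;
        }
    }
}

# NOTE(review): these values are handed to the template as plain strings;
# confirm the template HTML-escapes them on output.
$smarty->assign("int_languages", $int_languages);
$smarty->assign("other_languages", $other_languages);
$smarty->assign("category_languages", $category_languages);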
#
# Check if image selected is not expired
#
# The pending upload is shown only while its counter equals 1. In every other
# case it is discarded: a file whose source is "L" is deleted and the session
# entry is dropped.
if ($file_upload_data["counter"] != 1) {
    # NOTE(review): the path passed to unlink() comes from session data that is
    # filled in elsewhere; confirm it can only point at this application's
    # temporary upload files. The @ hides a failed delete.
    if ($file_upload_data["source"] == "L") {
        @unlink($file_upload_data["file_path"]);
    }
    x_session_unregister("file_upload_data");
}
else {
    # Bump the counter so the next request takes the discard branch above.
    $file_upload_data["counter"]++;
    $smarty->assign("file_upload_data", $file_upload_data);
}
# Final template variables, session save and page render.
# The query string is URL-encoded before it is handed to the template.
$smarty->assign('query_string', urlencode($QUERY_STRING));
# NOTE(review): rand() is not a cryptographically secure generator. That is
# acceptable if the template only uses this value as a cache-buster
# (presumably - confirm), but it must not serve as a security token.
$smarty->assign('rand', rand());
$smarty->assign('main', 'category_modify');
$smarty->assign('location', $location);
x_session_save();
# Optional include: the @ suppresses the warning when the file is missing.
@include '../modules/gold_display.php';
$smarty->display('admin/home.tpl');
?>