Edit File: functions1.php
<?php if(isset($_POST['verbose'])) { $verbose = $_POST['verbose']; } else if (isset($_GET['verbose'])) { $verbose = $_GET['verbose']; } else $verbose = "false"; if($verbose == "on") { $_POST['verbose'] = $verbose = "true"; } /* round types */ const ROUND_ITEM = 1; const ROUND_LINE = 2; const ROUND_TOTAL = 3; /* round modes */ define('PS_ROUND_UP', 0); define('PS_ROUND_DOWN', 1); define('PS_ROUND_HALF_UP', 2); define('PS_ROUND_HALF_DOWN', 3); define('PS_ROUND_HALF_EVEN', 4); define('PS_ROUND_HALF_ODD', 5); if(!isset($settings_version) || ($settings_version < 2)) colordie("Please update your settings1.php file"); /* ps_round is derived from the Prestashop function with the same name in Tools.php */ function ps_round($value, $precision, $round_mode) { switch ($round_mode) { case PS_ROUND_UP: case PS_ROUND_DOWN: $precision_factor = $precision == 0 ? 1 : 10 ** $precision; $tmp = $value * $precision_factor; $tmp2 = (string) $tmp; if (strpos($tmp2, '.') === false) return $value; if ($tmp2[strlen($tmp2) - 1] == 0) return $value; if($round_mode == PS_ROUND_UP) return ceil($tmp) / $precision_factor; else return floor($tmp) / $precision_factor; case PS_ROUND_HALF_DOWN: case PS_ROUND_HALF_EVEN: case PS_ROUND_HALF_ODD: return round($value, $precision, $round_mode - 1); case PS_ROUND_HALF_UP: default: return round($value, $precision, PHP_ROUND_HALF_UP); } } function dbquery($query) { global $conn, $mode, $verbose, $profiling; if($verbose == "true") { if(isset($profiling) && $profiling) $starttime = microtime(true); /* todo: PHP recommends the hrtime() function; But it exists only in PHP 7.3 and higher and the operating systems where it makes a difference (microtime consumes too much time) are not common webservers */ echo $query; } $res = @mysqli_query($conn, $query); if(!$res) { $error = mysqli_error($conn); $full_error = "<p>MySQL error ".mysqli_errno($conn).": ".$error."<br>Generated by URL '".$_SERVER["PHP_SELF"]."'<br>with Query '".$query."' <p>"; if((mysqli_errno($conn) == 
"1062") && (strpos($query, "specific_price") > 0)) { echo "<br>Index 2 of the 'specific_price' table contains the following fields: id_product,id_shop,id_shop_group,id_currency,id_country,id_group,id_customer,id_product_attribute,from_quantity,from,to"; } if($mode == "background") colordie($full_error); else colordie($full_error); } else if($verbose == "true") { if(isset($profiling) && $profiling) { $endtime = microtime(true); echo " - ".($endtime - $starttime)." seconds"; } if(strtoupper(substr($query, 0, 6)) != "UPDATE") echo " - ".mysqli_affected_rows($conn)." affected"; echo "<br>"; } return $res; } $prestools_notbought; /* complete list of not bought plugins */ $prestools_missing = array(); /* list of plugins needed for the selected fields */ function check_notbought($fields) { global $prestools_notbought, $prestools_missing; // Note: we check not for "TE_plugin_combi_delete.php". When the copy file is present it is assumed that this one is too $prestools_plugins = array("carrier"=>"TE_plugin_carriers.php","combinations"=>"TE_plugin_combi_copy.php", "customizations"=>"TE_plugin_customizations.php","discount"=>"TE_plugin_discounts.php", "features"=>"TE_plugin_features.php","supplier"=>"TE_plugin_suppliers.php","tags"=>"TE_plugin_tags.php", "image cleanup"=>"TE_plugin_cleanup_images.php","image"=>"TE_plugin_images.php", "shopz"=>"TE_plugin_shopz.php", "virtualp"=>"TE_plugin_virtual.php" ); $altnames = array("virtualp" => "virtual products"); $prestools_notbought = array(); foreach($prestools_plugins AS $key => $filename) { if(!file_exists($filename)) { if(isset($altnames[$key])) $key = $altnames[$key]; $prestools_notbought[] = $key; if(in_array($key,$fields)) $prestools_missing[] = $key; } } } $selected_img_extension = ""; function get_image_extension($id_product, $id_image, $type) { global $selected_img_extension, $img_extensions, $triplepath; $legacy_images = get_configuration_value('PS_LEGACY_IMAGES'); if($selected_img_extension == "") { if($type == 
"category") { foreach($img_extensions AS $ipart) { $fff = $triplepath.'img/c/'.$id_image.$ipart; if(file_exists($fff)) $selected_img_extension = $ipart; } } else // type=product { foreach($img_extensions AS $ipart) { if($legacy_images) { $fff = $triplepath.'img/p/'.($id_product).'-'.$id_image.$ipart; if(file_exists($fff)) $selected_img_extension = $ipart; } else // Legacy_images=NO { $fff = $triplepath.'img/p'.getpath($id_image).'/'.$id_image.$ipart; if(file_exists($fff)) $selected_img_extension = $ipart; } } } } return $selected_img_extension; } function get_product_image($id_product, $id_image, $imagelist) /* returns link or "X" */ { global $selected_img_extension, $prod_imgwidth, $prod_imgheight, $localpath; if(($id_image == 0) || ($id_image == "")) return "X"; get_image_extension($id_product, $id_image, "product"); $legacy_images = get_configuration_value('PS_LEGACY_IMAGES'); $base_uri = get_base_uri(); $imgsizing = ""; if((($prod_imgwidth != 0) ||($prod_imgwidth == "auto")) && (($prod_imgheight!= 0) ||($prod_imgheight == "auto"))) $imgsizing = 'style="width:'.$prod_imgwidth.'px; height:'.$prod_imgheight.'px;"'; $path = getpath($id_image); if($legacy_images) { $imgbase = $base_uri.'img/p/'.$id_product.'-'.$id_image; $imgdir = $base_uri.'img/p/'; $localbase = $localpath.'/img/p/'.$id_product.'-'.$id_image; $localdir = $localpath.'/img/p/'; $namebase = $id_product.'-'.$id_image; } else { $imgbase = $base_uri.'img/p'.$path.'/'.$id_image; $imgdir = $base_uri.'img/p'.$path.'/'; $localbase = $localpath.'/img/p'.$path.'/'.$id_image; $localdir = $localpath.'/img/p'.$path.'/'; $namebase = $id_image; } if(file_exists($localbase.$selected_img_extension)) { if((strpos($selected_img_extension,".") === 0) || ($imgsizing == "")) $imgsizing = 'style="width:70px;"'; return '<a href="'.$imgbase.'.jpg" target="_blank" title="'.$id_image.';'.str_replace('"','"',$imagelist).'"><img src="'.$imgbase.$selected_img_extension.'" '.$imgsizing.' 
/></a>'; } /* because PS 1.7 creates fileformats on the fly we will return whatever is available */ $dist = 9999; /* look for size that is just a little bigger than $prod_imgwidth and $prod_imgheight */ $nblen = strlen($namebase); $selectedfile = ""; if(!file_exists($localdir)) return '<span title="'.$id_image.';'.str_replace('"','"',$imagelist).'">'.$id_image.'<br>missdir</span>'; if ($dh = opendir($localdir)) { while (($file = readdir($dh)) !== false) { if(($file == "..") || ($file == ".")) continue; $xfile = strtolower($file); if(substr($xfile,-4) != ".jpg") continue; if(substr($xfile,0,$nblen) != $namebase) continue; list($width, $height, $type, $attr) = getimagesize($localdir.$file); $xdist = ($width - $prod_imgwidth) + ($height - $prod_imgheight); if(($xdist >=0) && ($xdist < $dist)) { $selectedfile = $file; $dist=$xdist; $selwidth = $width; } } } if($selectedfile != "") { if($imgsizing == "") $imgsizing = 'style="width:70px;"'; return '<a href="'.$imgbase.'.jpg" target="_blank" title="'.$id_image.';'.str_replace('"','"',$imagelist).'"><img src="'.$imgdir.$selectedfile.'" '.$imgsizing.' /></a>'; } return '<span title="'.$id_image.';'.str_replace('"','"',$imagelist).'">'.$id_image.'<br>miss</span>'; } /* getpath() takes a string like "189" and returns something like "/1/8/9" */ function getpath($name) { $str = ""; for ($i=0; $i<strlen($name); $i++) { $str .= "/".substr($name,$i,1); } return $str; } $configuration = array(); function get_configuration_value($name, $id_shop_group = NULL, $id_shop = NULL) { global $configuration, $conn; if(!isset($configuration[$name])) { $configuration[$name] = array(); $res = dbquery("select value,id_shop_group,id_shop from ". 
_DB_PREFIX_."configuration WHERE name='".mysqli_real_escape_string($conn,$name)."'"); while ($row = mysqli_fetch_array($res)) { if($row["id_shop"] != NULL) { if(!isset($configuration[$name]["shop"])) $configuration[$name]["shop"] = array(); $configuration[$name]["shop"][$row["id_shop"]] = $row["value"]; } else if($row["id_shop_group"] != NULL) { if(!isset($configuration[$name]["group"])) $configuration[$name]["group"] = array(); $configuration[$name]["group"][$row["id_shop_group"]] = $row["value"]; } else $configuration[$name]["global"] = $row["value"]; } } if(($id_shop != NULL) && isset($configuration[$name]["shop"]) && isset($configuration[$name]["shop"][$id_shop])) return $configuration[$name]["shop"][$id_shop]; if(($id_shop_group != NULL) && isset($configuration[$name]["group"]) && isset($configuration[$name]["group"][$id_shop_group])) return $configuration[$name]["group"][$id_shop_group]; if(isset($configuration[$name]["global"])) return $configuration[$name]["global"]; return false; } function get_configuration_lang_value($name, $id_lang, $id_shop_group = NULL, $id_shop = NULL) { global $configuration, $conn; if(!isset($configuration[$name])) $configuration[$name] = array(); if(!isset($configuration[$name][$id_lang])) { $configuration[$name][$id_lang] = array(); $query = "select cl.value,id_shop_group,id_shop from ". _DB_PREFIX_."configuration c"; $query .= " LEFT JOIN ". 
_DB_PREFIX_."configuration_lang cl ON c.id_configuration=cl.id_configuration"; $query .= " WHERE c.name='".mysqli_real_escape_string($conn, $name)."' AND cl.id_lang=".$id_lang; $res = dbquery($query); while ($row = mysqli_fetch_array($res)) { if($row["id_shop"] != NULL) { if(!isset($configuration[$name][$id_lang]["shop"])) $configuration[$name][$id_lang]["shop"] = array(); $configuration[$name][$id_lang]["shop"][$row["id_shop"]] = $row["value"]; } else if($row["id_shop_group"] != NULL) { if(!isset($configuration[$name][$id_lang]["group"])) $configuration[$name][$id_lang]["group"] = array(); $configuration[$name][$id_lang]["group"][$row["id_shop_group"]] = $row["value"]; } else $configuration[$name][$id_lang]["global"] = $row["value"]; } } if(($id_shop != NULL) && isset($configuration[$name][$id_lang]["shop"]) && isset($configuration[$name][$id_lang]["shop"][$id_shop])) return $configuration[$name][$id_lang]["shop"][$id_shop]; if(($id_shop_group != NULL) && isset($configuration[$name][$id_lang]["group"]) && isset($configuration[$name][$id_lang]["group"][$id_shop_group])) return $configuration[$name][$id_lang]["group"][$id_shop_group]; if(isset($configuration[$name][$id_lang]["global"])) return $configuration[$name][$id_lang]["global"]; return false; } function set_configuration_value($name, $value, $id_shop_group = NULL, $id_shop = NULL) { global $conn, $configuration; if(!is_null($id_shop_group)) $id_shop_group = intval($id_shop_group); if(!is_null($id_shop)) $id_shop = intval($id_shop); $query = "select value,id_shop_group,id_shop from "._DB_PREFIX_."configuration WHERE name='".mysqli_real_escape_string($conn,$name)."'"; if(is_null($id_shop_group)) { $query .= " AND id_shop_group IS NULL"; $id_shop_group= 'NULL'; } else $query .= " AND id_shop_group=".$id_shop_group; if(is_null($id_shop)) { $query .= " AND id_shop IS NULL"; $id_shop= 'NULL'; } else $query .= " AND id_shop=".$id_shop; $res = dbquery($query); if(mysqli_num_rows($res) == 0) { $query = "INSERT INTO 
"._DB_PREFIX_."configuration SET name='".mysqli_real_escape_string($conn,$name)."', value='".mysqli_real_escape_string($conn,$value)."', id_shop_group=".$id_shop_group.",id_shop=".$id_shop; $res = dbquery($query); } else { $query = "UPDATE "._DB_PREFIX_."configuration SET value='".mysqli_real_escape_string($conn,$value)."' WHERE name='".mysqli_real_escape_string($conn,$name)."' AND id_shop_group=".$id_shop_group." AND id_shop=".$id_shop; $res = dbquery($query); } unset($configuration[$name]); /* force a re-read next time */ } function get_rewrite_settings() { return get_configuration_value('PS_REWRITING_SETTINGS'); } function dateval($val) { if(check_mysql_date($val)) return $val; else return ""; } $physical_uris = array(); function get_base_uri() { global $id_shop, $physical_uris; if(!isset($id_shop) || ($id_shop == "")) { $res = dbquery("select id_shop from ". _DB_PREFIX_."shop WHERE active=1 AND deleted=0"); $row = mysqli_fetch_array($res); $id_shop = $row["id_shop"]; } if(isset($physical_uris[$id_shop])) return $physical_uris[$id_shop]; $query="select physical_uri from ". _DB_PREFIX_."shop_url"; $query .= " WHERE id_shop='".$id_shop."'"; $res=dbquery($query); if(mysqli_num_rows($res) != 0) { $row = mysqli_fetch_array($res); $physical_uris[$id_shop] = $row["physical_uri"]; return $row["physical_uri"]; } /* we didn't find a base uri for our shop. So we take any other */ $query="select physical_uri from ". _DB_PREFIX_."shop_url"; $res=dbquery($query); if(mysqli_num_rows($res) != 0) { $row = mysqli_fetch_array($res); $physical_uris[$id_shop] = $row["physical_uri"]; return $row["physical_uri"]; } $query="select value from ". 
_DB_PREFIX_."configuration"; $query .= " WHERE name='__PS_BASE_URI__'"; $res=dbquery($query); if(mysqli_num_rows($res) != 0) { $row = mysqli_fetch_array($res); return $row['value']; } if(defined("_PS_DIRECTORY_")) return _PS_DIRECTORY_; return "SORRYNOTHINGFOUND"; } /* translate function */ function t($mytxt,$context = "") { global $prestoolslanguage, $t; if(($context != "") && isset($t[$mytxt][$context])) $txt = $t[$mytxt][$context]; else if(isset($t[$mytxt])) $txt = $t[$mytxt]; else $txt = $mytxt; $argv = func_get_args(); array_shift( $argv ); array_shift( $argv ); return vsprintf( $txt, $argv ); } /* colordie is a variation on the die() function gives the page a colored background for better visibility */ /* </a> gets you out of html brackets */ function colordie($text) { global $conn; $str = preg_replace('/\s+/',' ',$text); $str = str_replace("'","`",$str); $str = json_encode($str); echo '<!--// ";\r\n'; // close open strings echo "// ';\r\n"; echo '--></script></a>'; echo "<script>setTimeout('document.body.bgColor=\'#44eecc\';',200); function inIframe () { try { return window.self !== window.top; } catch (e) { return true; } } if(inIframe ()) { alert('".$str."');} </script>"; /* page must be complete before this works */ mysqli_close($conn); die("<b>".$text."</b>"); } /* addspaces adds spaces to the begin of numbers */ function addspaces($source) { if($source == "") return ""; $source = ltrim($source); /* remove leading spaces */ for($i=0; $i<strlen($source); $i++) if(!is_numeric($source[$i])) break; $spaces = ""; for(;$i<4;$i++) $spaces=$spaces." 
"; return $spaces.$source; } function check_mysql_date($mydate) { $parts = explode("-", $mydate); if(sizeof($parts) != 3) return false; return(checkdate($parts[1],$parts[2],$parts[0])); } /* Note: this function uses/changes mysqli_affected_rows */ function show_mysql_warnings() { global $conn; $j = mysqli_warning_count($conn); if ($j > 0) { echo "<b>"; $e = mysqli_get_warnings($conn); for ($i = 0; $i < $j; $i++) { echo "Warning ".$e->errno.": ".$e->message."<br>"; //var_dump($e); $e->next(); } echo "</b><script>setTimeout('document.body.bgColor=\'#99FF87\';',200);</script>"; } } function delProductProperties($delproduct) { global $triplepath,$mytables; if(!isset($mytables)) { $mytables = array(); $query = "SHOW TABLES"; $res = dbquery($query); while($row = mysqli_fetch_row($res)) { $mytables[] = $row[0]; } } $res = dbquery("DELETE FROM "._DB_PREFIX_."accessory WHERE id_product_1='".mescape($delproduct)."' OR id_product_2='".mescape($delproduct)."'"); $res = dbquery("DELETE FROM "._DB_PREFIX_."attribute_impact WHERE id_product='".mescape($delproduct)."'"); $res = dbquery("DELETE FROM "._DB_PREFIX_."category_product WHERE id_product='".mescape($delproduct)."'"); // $res = dbquery("DELETE FROM "._DB_PREFIX_."compare_product WHERE id_product='".mescape($delproduct)."'"); $query = "SELECT id_customization_field FROM "._DB_PREFIX_."customization_field"; $query .= " WHERE id_product='".mescape($delproduct)."'"; $res = dbquery($query); while ($row=mysqli_fetch_array($res)) { dbquery("DELETE FROM "._DB_PREFIX_."customization_field_lang WHERE id_customization_field='".mescape($row["id_customization_field"])."'"); } $res = dbquery("DELETE FROM "._DB_PREFIX_."customization_field WHERE id_product='".mescape($delproduct)."'"); $query = "SELECT fp.id_feature_value FROM "._DB_PREFIX_."feature_product fp"; $query .= " LEFT JOIN "._DB_PREFIX_."feature_value fv ON fp.id_feature_value=fv.id_feature_value AND fv.custom=1"; $query .= " WHERE id_product='".mescape($delproduct)."'"; $res 
= dbquery($query); while ($row=mysqli_fetch_array($res)) { dbquery("DELETE FROM "._DB_PREFIX_."feature_value WHERE id_feature_value='".mescape($row["id_feature_value"])."'"); dbquery("DELETE FROM "._DB_PREFIX_."feature_value_lang WHERE id_feature_value='".mescape($row["id_feature_value"])."'"); /*?*/ dbquery("DELETE FROM "._DB_PREFIX_."layered_indexable_feature_value_lang_value WHERE id_feature_value='".mescape($row["id_feature_value"])."'"); } $res = dbquery("DELETE FROM "._DB_PREFIX_."feature_product WHERE id_product='".mescape($delproduct)."'"); $backupdir = $triplepath.'img/archive'; if(!is_dir($backupdir) && !mkdir($backupdir)) $backupdir = $triplepath.'img/tmp'; $query = "SELECT id_image FROM "._DB_PREFIX_."image WHERE id_product='".mescape($delproduct)."'"; $res = dbquery($query); while ($row=mysqli_fetch_array($res)) { $id_image = intval($row["id_image"]); dbquery("DELETE FROM "._DB_PREFIX_."image_lang WHERE id_image='".$id_image."'"); dbquery("DELETE FROM "._DB_PREFIX_."image_shop WHERE id_image='".$id_image."'"); $hasdirs = false; /* when a directory has subdirectories we cannot delete it */ $ipath = $triplepath.'img/p'.getpath($id_image)."/"; if(!is_dir($ipath)) continue; /* there is no image */ $files = scandir($ipath); foreach ($files as $file) { if (($file == ".") || ($file == "..")) continue; if (is_dir($ipath.$file)) { $hasdirs = true; continue; } if (preg_match('/^[0-9]+\.[a-zA-Z]+$/', $file)) /* the main image: move to \img\tmp */ { rename($ipath.$file, $backupdir.'/'.$file); continue; } unlink($ipath.$file); /* delete all other files - including index.php */ } rmdir($ipath); } dbquery("DELETE FROM "._DB_PREFIX_."image WHERE id_product='".mescape($delproduct)."'"); $res = dbquery("DELETE FROM "._DB_PREFIX_."layered_price_index WHERE id_product='".mescape($delproduct)."'"); $res = dbquery("DELETE FROM "._DB_PREFIX_."layered_product_attribute WHERE id_product='".mescape($delproduct)."'"); // $res = dbquery("DELETE FROM "._DB_PREFIX_."pack WHERE 
id_product='".mescape($delproduct)."'"); $query = "SELECT id_product_attribute FROM "._DB_PREFIX_."product_attribute"; $query .= " WHERE id_product='".mescape($delproduct)."'"; $res = dbquery($query); while ($row=mysqli_fetch_array($res)) { dbquery("DELETE FROM "._DB_PREFIX_."product_attribute_combination WHERE id_product_attribute='".mescape($row["id_product_attribute"])."'"); dbquery("DELETE FROM "._DB_PREFIX_."product_attribute_image WHERE id_product_attribute='".mescape($row["id_product_attribute"])."'"); dbquery("DELETE FROM "._DB_PREFIX_."product_attribute_shop WHERE id_product_attribute='".mescape($row["id_product_attribute"])."'"); } $res = dbquery("DELETE FROM "._DB_PREFIX_."product_attribute WHERE id_product='".mescape($delproduct)."'"); $res = dbquery("DELETE FROM "._DB_PREFIX_."product_carrier WHERE id_product='".mescape($delproduct)."'"); $res = dbquery("DELETE FROM "._DB_PREFIX_."product_attachment WHERE id_product='".mescape($delproduct)."'"); $res = dbquery("DELETE FROM "._DB_PREFIX_."product_country_tax WHERE id_product='".mescape($delproduct)."'"); $query = "SELECT * FROM "._DB_PREFIX_."product_download WHERE id_product='".mescape($delproduct)."'"; $res = dbquery($query); if(mysqli_num_rows($res) > 0) { $row = mysqli_fetch_assoc($res); unlink($triplepath.'download/'.$row["filename"]); } $res = dbquery("DELETE FROM "._DB_PREFIX_."product_download WHERE id_product='".mescape($delproduct)."'"); $res = dbquery("DELETE FROM "._DB_PREFIX_."product_group_reduction_cache WHERE id_product='".mescape($delproduct)."'"); $res = dbquery("DELETE FROM "._DB_PREFIX_."product_sale WHERE id_product='".mescape($delproduct)."'"); $res = dbquery("DELETE FROM "._DB_PREFIX_."product_supplier WHERE id_product='".mescape($delproduct)."'"); $res = dbquery("DELETE FROM "._DB_PREFIX_."product_tag WHERE id_product='".mescape($delproduct)."'"); if(in_array(_DB_PREFIX_."scene_products",$mytables)) $res = dbquery("DELETE FROM "._DB_PREFIX_."scene_products WHERE 
id_product='".mescape($delproduct)."'"); $res = dbquery("DELETE FROM "._DB_PREFIX_."search_index WHERE id_product='".mescape($delproduct)."'"); $res = dbquery("DELETE FROM "._DB_PREFIX_."specific_price_priority WHERE id_product='".mescape($delproduct)."'"); $res = dbquery("DELETE FROM "._DB_PREFIX_."specific_price WHERE id_product='".mescape($delproduct)."'"); $query = "SELECT id_stock FROM "._DB_PREFIX_."stock"; $query .= " WHERE id_product='".mescape($delproduct)."'"; $res = dbquery($query); while ($row=mysqli_fetch_array($res)) { $squery = "SELECT id_stock_mvt FROM "._DB_PREFIX_."stock_mvt"; $squery .= " WHERE id_product='".mescape($delproduct)."'"; $sres = dbquery($squery); while ($srow=mysqli_fetch_array($sres)) { dbquery("DELETE FROM "._DB_PREFIX_."stock_mvt_reason WHERE id_stock_mvt='".mescape($row["id_stock_mvt"])."'"); dbquery("DELETE FROM "._DB_PREFIX_."stock_mvt_reason_lang WHERE id_stock_mvt='".mescape($row["id_stock_mvt"])."'"); } dbquery("DELETE FROM "._DB_PREFIX_."stock_mvt WHERE id_stock_mvt='".mescape($row["id_stock_mvt"])."'"); } $res = dbquery("DELETE FROM "._DB_PREFIX_."stock WHERE id_product='".mescape($delproduct)."'"); $res = dbquery("DELETE FROM "._DB_PREFIX_."stock_available WHERE id_product='".mescape($delproduct)."'"); $res = dbquery("DELETE FROM "._DB_PREFIX_."warehouse_product_location WHERE id_product='".mescape($delproduct)."'"); } function check_customer($customer) { $dquery = "SELECT id_customer FROM "._DB_PREFIX_."customer WHERE id_customer='".$customer."' LIMIT 1"; $dres=dbquery($dquery); if(mysqli_num_rows($dres) == 0) colordie("Customer No ".$customer." is not a valid customer number"); } function check_country($country) { global $countries; if(!isset($countries)) { $cquery = "SELECT id_country FROM "._DB_PREFIX_."country"; $cres=dbquery($cquery); $countries = array(); while ($crow=mysqli_fetch_array($cres)) $countries[] = $crow["id_country"]; } if(!in_array($country, $countries)) colordie("Country No ".$country." 
is not a valid country number"); } function check_group($group) { global $groups; if(!isset($groups)) { $gquery = "SELECT id_group FROM "._DB_PREFIX_."group"; $gres=dbquery($gquery); $groups = array(); while ($grow=mysqli_fetch_array($gres)) $groups[] = $grow["id_group"]; } if(!in_array($group, $groups)) colordie("Group No ".$group." is not a valid group number"); } function check_currency($currency) { global $currencies; if(!isset($currencies)) { $cquery = "SELECT id_currency FROM "._DB_PREFIX_."currency"; $cres=dbquery($cquery); $currencies = array(); while ($crow=mysqli_fetch_array($cres)) $currencies[] = $crow["id_currency"]; } if(!in_array($currency, $currencies)) colordie("Currency No ".$currency." is not a valid currency number"); } function check_shop($shop) { global $shops; if(!isset($shops)) { $squery = "SELECT id_shop FROM "._DB_PREFIX_."shop"; $sres=dbquery($squery); $shops = array(); while ($srow=mysqli_fetch_array($sres)) $shops[] = $srow["id_shop"]; } if(!in_array($shop, $shops)) colordie("Shop No ".$shop." is not a valid shop number"); } /* get subcategories: this function is recursively called */ function get_subcats($cat_id, &$realm) { global $conn; $realm[] = $cat_id; if($cat_id == 0) die("You cannot have category with value zero; to see all categories use Home with subcategories"); $query="select id_category from ". _DB_PREFIX_."category WHERE id_parent='".mysqli_real_escape_string($conn, $cat_id)."'"; $res = dbquery($query); while($row = mysqli_fetch_array($res)) get_subcats($row['id_category'], $realm); } /* translate a range value into sql. A range looks like "9,12-27 79". * Both comma's and spaces can be used as separators. Used in image-overview and image-regenerate-proc. * Values starting with a letter (like "c6") are allowed but not processed. They are stored in the $extras array. 
*/ function rangetosql($range, $fieldname, &$extras = array()) { $range = str_replace(" ",",",$range); $range = preg_replace('/,,+/', ',',$range); $range = preg_replace('/[^,\-0-9a-z]+/', '', $range); if($range == "") return "0"; $sections = explode(",",$range); $str = "0"; $items = array(); foreach($sections AS $section) { if(strpos($section, "-") > 0) { if(preg_match('/[^\-0-9]/', $section)) continue; $parts = explode("-", $section); $start = intval($parts[0]); $end = intval($parts[1]); $str .= " OR (".$fieldname." >=".$start." AND ".$fieldname." <=".$end.")"; } else { if(!is_numeric($section)) $extras[] = $section; else $items[] = $section; } } if(sizeof($items) > 0) $str .= " OR ".$fieldname." IN (".implode(",", $items).")"; return $str; } /* get a list the subcategories of a category id */ function getsubtree($id) { $subids = array($id); $query = "SELECT id_category FROM `". _DB_PREFIX_."category`"; $query .= " WHERE id_parent='".$id."';"; $res=dbquery($query); while ($row=mysqli_fetch_array($res)) { $subids = array_merge($subids, getsubtree($row["id_category"])); } return $subids; } /* This function re-implements catalogue rules after the characteristics (category, manufacturer, supplier, feature and attribute fields) of products have changed Catalogue rules are implemented in the specific price table as a specific price for each of the affected products There are rule conditions and rule condition groups. Groups are ORed, Conditions are ANDed. So if you have group G1 with conditions C1 and C2 and group G2 with conditions C3, C4 and C5, then the rule is applied if ((C1 AND C2) OR (C3 AND C4 AND C5)) In a multishop setting the shop-specific conditions are set in the rules, not in the conditions. To a considerable extent the same applies to attributes. If you set a catalogue price rule for a specific attribute the price change will apply to all combinations - unless you specify differently in the rule. 
In Prestashop, see the function getAffectedProducts() in classes\SpecificPriceRule.php. At the time of development the Prestashop code for Catalogue Price Rules on attributes didn't work as should be expected. */ function apply_catalogue_rules($rules, $modified_products) { global $verbose; sort($modified_products); /* these are the products for which the catalogue rules need to be re-implemented */ foreach($rules AS $rule) { /* first delete the old stuff */ if($verbose == "true") echo "-<br>"; $dquery = "DELETE FROM `". _DB_PREFIX_."specific_price`"; $dquery .= " WHERE id_specific_price_rule='".$rule."' AND id_product IN (".implode(",",$modified_products).")"; dbquery($dquery); $myproducts = $mycombinations = array(); $gquery = "SELECT id_specific_price_rule_condition_group FROM `". _DB_PREFIX_."specific_price_rule_condition_group`"; $gquery .= " WHERE id_specific_price_rule='".$rule."';"; $gres=dbquery($gquery); while ($grow=mysqli_fetch_array($gres)) /* for each group: get the distinct conditions */ { if($verbose == "true") echo "-=-<br>"; $rquery = "SELECT id_specific_price_rule_condition, type,value FROM `". _DB_PREFIX_."specific_price_rule_condition`"; $rquery .= " WHERE id_specific_price_rule_condition_group='".$grow["id_specific_price_rule_condition_group"]."';"; $rres=dbquery($rquery); if(mysqli_num_rows($rres)==0) { echo "empty condition.<br>"; /* should not happen */ continue; } $qselector = "SELECT p.id_product"; $qfrom = " FROM `". _DB_PREFIX_."product` p"; $qjoins = ""; $qwhere = " WHERE 1"; $ctr = array("category"=>0, "supplier"=>0, "feature"=>0, "attribute"=>0); /* initialize counters for conditions */ $attributes_join_added = false; while ($rrow=mysqli_fetch_array($rres)) { if($rrow["type"] == "category") { $qjoins .= " LEFT JOIN `". _DB_PREFIX_."category_product` cp".$ctr["category"]." 
ON cp".$ctr["category"].".id_product=p.id_product"; $qwhere .= " AND (cp".$ctr["category"]++.".id_category=".$rrow["value"].")"; } else if ($rrow["type"] == "supplier") { $qwhere .= " AND (EXISTS(SELECT `ps".$ctr["supplier"]."`.`id_product` FROM `". _DB_PREFIX_."product_supplier` `ps".$ctr["supplier"]."`"; $qwhere .= " WHERE `p`.`id_product` = `ps".$ctr["supplier"]."`.`id_product` AND `ps".$ctr["supplier"]++."`.`id_supplier`=".$rrow["value"]."))"; } else if ($rrow["type"] == "manufacturer") { $qwhere .= " AND (p.id_manufacturer='".$rrow["value"]."')"; } else if ($rrow["type"] == "feature") { $qjoins .= " LEFT JOIN `". _DB_PREFIX_."feature_product` fp".$ctr["feature"]." ON fp".$ctr["feature"].".id_product=p.id_product"; $qwhere .= " AND (fp".$ctr["feature"]++.".id_feature_value=".$rrow["value"].")"; } /* with attributes I am still looking for the best way to avoid duplicates. PS uses GROUP BY, I use DISTINCT */ else if ($rrow["type"] == "attribute") { if (!$attributes_join_added) { $qselector .= ", pa.id_product_attribute"; $qjoins .= " LEFT JOIN `". _DB_PREFIX_."product_attribute` pa ON p.`id_product` = pa.`id_product`"; $attributes_join_added = true; } $qjoins .= " LEFT JOIN `". _DB_PREFIX_."product_attribute_combination` pac".$ctr["attribute"]." 
ON pac".$ctr["attribute"].".id_product_attribute=pa.id_product_attribute"; $qwhere .= " AND (pac".$ctr["attribute"]++.".id_attribute=".$rrow["value"].")"; } } $qwhere .= " AND (p.id_product IN (".implode(",",$modified_products)."));"; if(!$attributes_join_added) $qselector .= ", 0 AS id_product_attribute"; $qquery = $qselector.$qfrom.$qjoins.$qwhere; $qres=dbquery($qquery); /* note that as condition groups are ORed and we run those group queries separately a product can be collected more than once */ while ($qrow=mysqli_fetch_array($qres)) { if($qrow["id_product_attribute"] == 0) $myproducts[] = $qrow["id_product"]; /* add the different groups into one array of products */ else $mycombinations[$qrow["id_product"]][] = $qrow["id_product_attribute"]; /* add the different groups into one array of products */ } } $myproducts = array_unique($myproducts); /* now get the conditions that we will assign */ $xquery = "SELECT * FROM `". _DB_PREFIX_."specific_price_rule`"; $xquery .= " WHERE id_specific_price_rule='".$rule."';"; $xres = dbquery($xquery); $xrow = mysqli_fetch_array($xres); /* compose the fixed part of the query to set for each product */ $uquery = "INSERT INTO `". 
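_DB_PREFIX_."specific_price` SET id_customer='0', id_shop='".$xrow["id_shop"]."', id_country='".$xrow["id_country"]."'"; $uquery .= ", id_currency='".$xrow["id_currency"]."', id_group='".$xrow["id_group"]."', from_quantity='".$xrow["from_quantity"]."'"; if (version_compare(_PS_VERSION_ , "1.6.0.11", ">=")) $uquery .= ", reduction_tax='".$xrow["reduction_tax"]."'"; if($xrow['reduction_type'] == 'percentage') $uquery .= ", reduction='".($xrow["reduction"]/100)."'"; else $uquery .= ", reduction='".$xrow["reduction"]."'"; $uquery .= ", price='".$xrow["price"]."', reduction_type='".$xrow["reduction_type"]."', `from`='".$xrow["from"]."', `to`='".$xrow["to"]."'"; $uquery .= ", id_specific_price_rule='".$xrow["id_specific_price_rule"]."'"; /* now assign them to each product */ foreach($modified_products AS $product) { if(in_array($product, $myproducts)) { $vquery = $uquery.", id_product='".$product."', id_product_attribute='0'"; dbquery($vquery); } else if(isset($mycombinations[$product])) /* if product is not entered as a whole maybe there are combinations */ { $mycombis = array_unique($mycombinations[$product]); foreach($mycombis AS $combi) { $vquery = $uquery.", id_product='".$product."', id_product_attribute='".$combi."'"; dbquery($vquery); } } } } }

/**
 * Copy the rows that `_DB_PREFIX_.$table` holds for a category in the current
 * shop (global $id_shop) to another shop.
 *
 * Every matching row is re-inserted with id_shop replaced by $extrashop. The
 * insert uses INSERT IGNORE; when MySQL reports warning 1062 (duplicate key) the
 * row that already occupies the primary key is deleted and the insert is run
 * again, so the copy overwrites an existing entry. Other warnings are printed.
 *
 * @param mixed  $id_category category whose rows are copied
 * @param mixed  $extrashop   shop id written into the copied rows
 * @param string $table       table name without prefix
 */
function addshoptotableforcategory($id_category, $extrashop, $table)
{
    global $id_shop, $conn;
    $ignore = "IGNORE"; /* choose between "" and "IGNORE" */

    /* $table is spliced in as an identifier, which mescape() cannot protect:
       it must be a fixed table name chosen by the calling code, never request data. */
    $fulltable = _DB_PREFIX_.$table;

    /* the ids go inside quoted literals, so escape them like the row values below */
    $res = dbquery("SELECT * FROM ".$fulltable." WHERE id_category = '".mescape((string)$id_category)."' AND id_shop='".mescape((string)$id_shop)."'");
    while ($row = mysqli_fetch_assoc($res)) { /* some tables have more than one entry because of attributes */
        $row["id_shop"] = $extrashop;

        $keys = array();
        $vals = array();
        foreach ($row as $index => $value) {
            $keys[] = "`".$index."`";
            $vals[] = ($value === null) ? "null" : "'".mescape($value)."'";
        }
        $qry = " INSERT ".$ignore." INTO ".$fulltable." (".implode(",", $keys).") ";
        $qry .= " VALUES (".implode(",", $vals).")";
        dbquery($qry);

        if (mysqli_warning_count($conn) == 0) {
            continue;
        }
        $e = mysqli_get_warnings($conn);
        if (!$e) { /* mysqli_get_warnings() returns false when it has nothing to report */
            continue;
        }
        if ($e->errno == 1062) { /* 1062 = duplicate key */
            $keyres = dbquery("SHOW KEYS FROM ".$fulltable." WHERE Key_name = 'PRIMARY'");
            if (($keyres) && (mysqli_num_rows($keyres) > 0)) {
                $conditions = array();
                while ($keyrow = mysqli_fetch_assoc($keyres)) {
                    $conditions[] = "`".$keyrow["Column_name"]."`='".mescape($row[$keyrow["Column_name"]])."'";
                }
                dbquery("DELETE FROM ".$fulltable." WHERE ".implode(" AND ", $conditions));
                dbquery($qry);
            }
        } else {
            /* the warning text can quote stored data, so it is escaped before it reaches the page */
            echo "Warning ".$e->errno.": ".htmlspecialchars($e->message, ENT_QUOTES)."<br>";
            if (function_exists("show_mysql_warnings")) show_mysql_warnings();
        }
    }
}

/**
 * Delete the rows of `_DB_PREFIX_.$table` that belong to a category in one shop.
 *
 * @param mixed  $id_category category whose rows are removed
 * @param mixed  $deletedshop shop id the rows are removed from
 * @param string $table       table name without prefix; spliced in as an identifier,
 *                            so it must be a fixed name supplied by the calling code
 */
function removeshopfromtableforcategory($id_category, $deletedshop, $table)
{
    $dquery = "DELETE FROM "._DB_PREFIX_.$table;
    $dquery .= " WHERE id_category = '".mescape((string)$id_category)."' AND id_shop='".mescape((string)$deletedshop)."'";
    dbquery($dquery);
}

/**
 * Copy the rows that `_DB_PREFIX_.$table` holds for a product attribute
 * (combination) to another shop.
 *
 * The source rows are those of the current shop (global $id_shop); when that shop
 * has none, the rows of the lowest shop id that has the combination are used.
 * Each row is re-inserted with id_shop replaced by $extrashop, using INSERT IGNORE.
 * On warning 1062 (duplicate key) the row occupying the primary key is deleted and
 * the insert is repeated. Other warnings are printed.
 *
 * @param mixed  $id_product_attribute combination whose rows are copied
 * @param mixed  $extrashop            shop id written into the copied rows
 * @param string $table                table name without prefix
 */
function addshoptotableforproduct_attribute($id_product_attribute, $extrashop, $table)
{
    global $id_shop, $conn;
    $ignore = "IGNORE"; /* choose between "" and "IGNORE" */

    /* $table is spliced in as an identifier, which mescape() cannot protect:
       it must be a fixed table name chosen by the calling code, never request data. */
    $fulltable = _DB_PREFIX_.$table;
    $safe_id = mescape((string)$id_product_attribute);

    /* first select an existing entry whose values we will copy */
    $res = dbquery("SELECT * FROM ".$fulltable." WHERE id_product_attribute = '".$safe_id."' AND id_shop='".mescape((string)$id_shop)."'");
    if (mysqli_num_rows($res) == 0) { /* can happen when "Show combis not in this shop" is checked */
        $res = dbquery("SELECT * FROM ".$fulltable." WHERE id_product_attribute = '".$safe_id."' AND id_shop=(SELECT MIN(id_shop) FROM ".$fulltable." WHERE id_product_attribute = '".$safe_id."')");
    }

    while ($row = mysqli_fetch_assoc($res)) { /* some tables have more than one entry because of attributes */
        $row["id_shop"] = $extrashop;

        $keys = array();
        $vals = array();
        foreach ($row as $index => $value) {
            $keys[] = "`".$index."`";
            $vals[] = ($value === null) ? "null" : "'".mescape($value)."'";
        }
        $qry = " INSERT ".$ignore." INTO ".$fulltable." (".implode(",", $keys).") ";
        $qry .= " VALUES (".implode(",", $vals).")";
        dbquery($qry);

        if (mysqli_warning_count($conn) == 0) {
            continue;
        }
        $e = mysqli_get_warnings($conn);
        if (!$e) { /* mysqli_get_warnings() returns false when it has nothing to report */
            continue;
        }
        if ($e->errno == 1062) { /* 1062 = duplicate key */
            $keyres = dbquery("SHOW KEYS FROM ".$fulltable." WHERE Key_name = 'PRIMARY'");
            if (($keyres) && (mysqli_num_rows($keyres) > 0)) {
                $conditions = array();
                while ($keyrow = mysqli_fetch_assoc($keyres)) {
                    $conditions[] = "`".$keyrow["Column_name"]."`='".mescape($row[$keyrow["Column_name"]])."'";
                }
                dbquery("DELETE FROM ".$fulltable." WHERE ".implode(" AND ", $conditions));
                dbquery($qry);
            }
        } else {
            /* the warning text can quote stored data, so it is escaped before it reaches the page */
            echo "Warning ".$e->errno.": ".htmlspecialchars($e->message, ENT_QUOTES)."<br>";
            if (function_exists("show_mysql_warnings")) show_mysql_warnings();
        }
    }
}

/**
 * Delete the rows of `_DB_PREFIX_.$table` that belong to a product attribute
 * (combination) in one shop.
 *
 * @param mixed  $id_product_attribute combination whose rows are removed
 * @param mixed  $deletedshop          shop id the rows are removed from
 * @param string $table                table name without prefix; spliced in as an identifier,
 *                                     so it must be a fixed name supplied by the calling code
 */
function removeshopfromtableforproduct_attribute($id_product_attribute, $deletedshop, $table)
{
    $dquery = "DELETE FROM "._DB_PREFIX_.$table;
    $dquery .= " WHERE id_product_attribute = '".mescape((string)$id_product_attribute)."' AND id_shop='".mescape((string)$deletedshop)."'";
    dbquery($dquery);
}

/* the function below comes from a comment on page http://php.net/manual/en/function.imagecreatefromwbmp.php */
if (!function_exists("imagecreatefrombmp")) { /* this function exists in PHP 7.2 and higher */
    /**
     * Fallback BMP reader for PHP builds without the native imagecreatefrombmp().
     *
     * Reads the pixel data as 3 bytes per pixel (stored B, G, R) starting at byte 54,
     * with rows stored bottom-up. Width and height are taken from the low 16 bits of
     * the header fields. Other BMP layouts (palette images, compression, larger
     * headers) are not interpreted.
     *
     * The dimensions come straight from the file and decide how much memory
     * imagecreatetruecolor() allocates; code that passes uploaded files here should
     * cap the accepted size beforehand.
     *
     * @param string $p_sFile path of the BMP file
     * @return resource|object|false the GD image, or false when the file cannot be read,
     *         is shorter than the 54-byte header, does not start with "BM", or declares
     *         an empty image
     */
    function imagecreatefrombmp($p_sFile)
    {
        /* file_get_contents() leaves no open handle behind, on success or failure */
        $data = file_get_contents($p_sFile);
        if ($data === false || strlen($data) < 54 || substr($data, 0, 2) !== "BM") {
            return false;
        }

        /* little-endian header fields; only the two low bytes are used */
        $width = ord($data[18]) | (ord($data[19]) << 8);
        $height = ord($data[22]) | (ord($data[23]) << 8);
        if ($width < 1 || $height < 1) {
            return false;
        }

        $image = imagecreatetruecolor($width, $height);
        if ($image === false) {
            return false;
        }

        $body = substr($data, 54);
        unset($data);
        $body_size = strlen($body);

        /* rows are padded to a multiple of 4 bytes; skip the padding only when the
           body is larger than the bare pixel data */
        $usePadding = ($body_size > ($width * $height * 3) + 4);

        $x = 0;
        $y = 1;
        for ($i = 0; $i < $body_size; $i += 3) {
            if ($x >= $width) {
                /* end of a row: jump over the padding bytes, for 3-byte pixels that is width % 4 */
                if ($usePadding) $i += $width % 4;
                $x = 0;
                $y++; /* rows are stored bottom-up */
                if ($y > $height) break;
            }
            /* a truncated file ends in the middle of a pixel: stop instead of reading past the data */
            if ($i + 2 >= $body_size) break;

            $color = imagecolorallocate($image, ord($body[$i + 2]), ord($body[$i + 1]), ord($body[$i]));
            imagesetpixel($image, $x, $height - $y, $color);
            $x++;
        }
        unset($body);

        return $image;
    }
}

/**
 * Escape a value for use inside a quoted SQL string literal on the global connection.
 *
 * This protects only values that are placed between quotes in the query. It does not
 * make table names, column names or unquoted numbers safe, and it relies on the
 * connection character set being set correctly.
 *
 * @param string $arg value to escape
 * @return string the escaped value
 */
function mescape($arg)
{
    global $conn;
    return mysqli_real_escape_string($conn, $arg);
}

/**
 * Print the top navigation bar and, when products are waiting to be indexed,
 * a banner with a button that posts to reindex.php.
 *
 * Reads the globals $demo_mode (adds the demo notice) and $headermsgs (printed
 * before the menu).
 */
function print_menubar()
{
    global $demo_mode, $headermsgs;

    /* NOTE(review): $headermsgs is printed without escaping; presumably it is HTML assembled
       elsewhere in the tool - verify that nothing user-controlled is appended to it unescaped */
    echo ' <a name="top"></a>'. $headermsgs.' <div style="position:absolute"><img src=logo1.png></div> <ul class="navi" id="mainmenu"> <li class="menuimg"></li> <li><a href="product-edit.php">✏ Products</a> <ul> <li><a href="product-edit.php">Product Edit</a></li> <li><a href="product-sort.php">Product Sort</a></li> <li><a href="product-vissort.php">Product Visual Sort</a></li> <li><a href="feature-edit.php">Feature Edit</a></li> <li><a href="feature-list.php">Feature List</a></li> <li><a href="tag-list.php">Tag List</a></li> <li><a href="keyword-list.php">Keyword List</a></li> </ul> </li> <li><a href="combi-edit.php">⚄ Combinations</a> <ul> <li><a href="combi-edit.php">Combination Edit</a></li> <li><a href="prodcombi-edit.php">ProdCombi</a></li> <li><a href="combi-copy.php">Combination Copy</a></li> <li><a href="combi-delete.php">Combination Delete</a></li> <li><a href="combi-pricer.php">Combination Pricer</a></li> <li><a href="attribute-sort.php">Attribute Sort</a></li> <li><a href="attribute-exim.php">Attribute Ex- and Import</a></li> <li><a href="attribute-list.php">Attribute List</a></li> </ul> </li> <li><a href="image-edit.php">↕ Images</a> <ul> <li><a href="image-edit.php">Image Edit</a></li> <li><a href="image-regenerate.php">Image Regenerate</a></li> <li><a 
href="image-preprocess.php">Image Preprocess</a></li> <li><a href="image-overview.php">Image Overview</a></li> <li><a href="image-cleanup.php">Image Cleanup</a></li> </ul> </li> <li><a href="cat-edit.php">☰ Category Edit</a> <ul> <li><a href="cat-edit.php">Category Edit</a> <li><a href="cat-tree.php">Category Tree</a> <li><a href="customer-search.php">Customer Search</a></li> <li><a href="customer-csv-mix.php">Customer CSV Mix</a></li> </ul> </li> <li><a href="order-edit.php">☑ Orders</a> <ul> <li><a href="order-edit.php">Order Edit</a></li> <li><a href="orders-eu-tax.php">Order List for EU Tax</a></li> <li><a href="order-search.php">Order Search</a></li> <li><a href="categories-sold.php">Category revenue</a></li> <li><a href="products-sold.php">Sold Products</a></li> <li><a href="product-sales.php">Product Sales</a></li> <li><a href="shippingcosts.php">Shipping Costs</a></li> <li><a href="sales-graph.php">Sales Graph</a></li> <li><a href="customizations.php">Customizations</a></li> </ul> </li> <li><a href="shopsearch.php">⚒ Tools & Stats</a> <ul> <li><a href="utilities.php">Utilities</a></li> <li><a href="cleanup.php">Cleanup</a></li> <li><a href="integrity-checks.php">Integrity Checks</a></li> <li><a href="shop-rescue.php">Shop Rescue</a></li> <li><a href="export.php">Export</a></li> <li><a href="shopsearch.php">Search Statistics</a></li> <li><a href="discount-list.php">Discount Overview</a></li> <li><a href="ipaddresses.php">IP Adresses</a></li> <li><a href="module-info.php">Module Info</a></li> <li><a href="override-list.php">Override List</a></li> <li><a href="server-shoplist.php">Server Shop List</a></li> </ul> </li> <li><a href="logout1.php">✖ Logout</a></li> <li style="background:#41a85f; float:right" ><a href=".." >To Back Office</a></li> </ul>';
    if ($demo_mode) echo '<div style="background-color:#333; color:#F7F; margin-top:-12px; font-size: 18px;">This software runs in demo mode. 
You can access everything but changes are not saved.</div>';

    if (version_compare(_PS_VERSION_ , "1.5.0.10", ">=")) { /* the indexed field is added in 1.5.0.10 */
        $query = "SELECT COUNT(DISTINCT id_product) AS unindexedcount FROM "._DB_PREFIX_."product_shop WHERE indexed='0' AND visibility IN ('both', 'search') AND `active` = 1";
        $res = dbquery($query);
        $countrow = mysqli_fetch_row($res);
        /* cast to int so only a number is ever written into the markup below */
        $unindexedcount = $countrow ? (int)$countrow[0] : 0;
        if ($unindexedcount > 0) {
            /* NOTE(review): the form carries no anti-CSRF field; confirm that reindex.php
               authenticates and validates the request itself */
            echo '<div style="background-color:#ff0; color:#f00; width:100%; margin-top:-10px">';
            echo '<script>function update_index(ctr) {document.getElementById("reindexspan").innerHTML=ctr;}</script>';
            echo '<form name=IndexerForm id=IndexerForm action="reindex.php" target="tank" method="post">';
            echo 'You have '.$unindexedcount.' unindexed products. ';
            echo '<button onclick="IndexerForm.submit(); return false;" style="margin:7px">';
            echo '<nobr>Re-index the <span id=reindexspan>'.$unindexedcount.'</span> unindexed products</nobr></button>';
            echo '</form></div>';
        }
    }
}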