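/**
 * Start the PHP session if none is active and return its identifier.
 *
 * The identifier is later used as a lookup key in SQL by the cart functions,
 * which escape it before building their queries.
 */
function get_session()
{
    // message() and error() call this as well, so a session may already be
    // active; calling session_start() twice only produces a notice.
    if (session_id() == "") {
        session_start();
    }
    header("Cache-control: private");
    return session_id();
}

/**
 * Stop the request with the error page when a query result is falsy.
 *
 * @param mixed $output result of mysql_db_query(); falsy means the query failed
 */
function check_mysql($output)
{
    if ($output) {
        return;
    }
    $filename = "error.html";
    $handle = fopen($filename, "r");
    $contents = fread($handle, filesize($filename));
    fclose($handle);
    // The MySQL error text can repeat fragments of the failing statement, and
    // those may contain request data, so it is HTML-escaped before printing.
    // NOTE(review): printing database errors to visitors also reveals schema
    // details; consider logging the text and showing a generic message.
    $contents = str_replace("XmessageX", htmlspecialchars(mysql_error(), ENT_QUOTES), $contents);
    print $contents;
    exit();
}

/**
 * Total price and number of rows of the cart belonging to a session.
 *
 * @param string $my_session session identifier
 * @return array [0] total price formatted "%.2f", [1] row count formatted "%.0f"
 */
function cart_summary($my_session)
{
    $totalprice = 0;
    require("config.php");
    $connection = mysql_connect($host, $usr, $pwd);
    // The session id arrives from the client cookie; escape it before it is
    // placed inside the quoted SQL literal.
    $session_sql = mysql_real_escape_string($my_session, $connection);
    $query = mysql_db_query($db, "SELECT product_price,product_quantity from cart_temp_$shop_code where session='$session_sql'", $connection);
    $uniqueproducts = mysql_num_rows($query);
    while ($row = mysql_fetch_array($query)) {
        $totalprice += ($row["product_price"] * $row["product_quantity"]);
    }
    return array(sprintf("%.2f", $totalprice), sprintf("%.0f", $uniqueproducts));
}

/**
 * Render message.html with a header and message, print it and end the request.
 *
 * $header and $message are inserted into the page as HTML without escaping,
 * so callers must escape any request-derived value they put into them.
 *
 * @param string $header  page heading (HTML)
 * @param string $message page body (HTML)
 */
function message($header, $message)
{
    require("config.php");
    // The original used the bare words dynamic_menu / Xdynamic_menuX, which only
    // worked through PHP's undefined-constant fallback; they are strings.
    if (!function_exists("dynamic_menu")) {
        include("../embroideredtowels/dynamic.php");
    }
    $my_session = get_session();
    $summary = cart_summary($my_session);
    $filename = "message.html";
    $handle = fopen($filename, "r");
    $contents = fread($handle, filesize($filename));
    fclose($handle);
    // NOTE(review): $_SESSION['cart_url'] is inserted unescaped; confirm where it
    // is set and which HTML context the template uses it in.
    $contents = str_replace(
        array("Xsummary_priceX", "Xsummary_qtyX", "Z~", "XheaderX", "XmessageX", "Xreturn_toX", "Xdynamic_menuX"),
        array($summary[0], $summary[1], $currency, $header, $message, $_SESSION['cart_url'], dynamic_menu()),
        $contents
    );
    print $contents;
    exit();
}

/**
 * Render embroideredtowels/message.html as an error page and end the request.
 *
 * @param string $message error text, inserted as HTML without escaping
 */
function error($message)
{
    require("config.php");
    $my_session = get_session();
    $filename = "embroideredtowels/message.html";
    $handle = fopen($filename, "r");
    $contents = fread($handle, filesize($filename));
    fclose($handle);
    // The original substituted an undefined $string here, so the error text
    // passed by the caller was never shown.
    $contents = str_replace(
        array("Xsummary_priceX", "Xsummary_qtyX", "Z~", "XheaderX", "XmessageX"),
        array("", "", $currency, "ERROR", $message),
        $contents
    );
    print $contents;
    exit();
}

/**
 * Print the fixed database error notice and end the request.
 *
 * @param string $message text encoded with the letter-substitution table below
 */
function database_error($message)
{
    $init = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ.";
    $tran = "ZYXWVUTSRQPONMLKJIHGFEDCBAzyxwvutsrqponmlkjihgfedcba";
    // Decoded text; it does not appear in the output text visible in this listing.
    $string = strtr($message, $init, $tran);
    echo("\nERROR\n|\nIf you require help please contact DoodleIT\n");
    echo("");
    exit();
}

/**
 * Store an uploaded JPEG as "<id>_original_<d>.jpg" and write a resized
 * "<id>_thumb_<d>.jpg" next to it, both under $path from config.php.
 *
 * Any failure ends the request through message().
 *
 * @param string $image temporary path of the uploaded file
 * @param string $type  MIME type as declared by the client
 * @param mixed  $d     image slot, part of the file names
 * @param mixed  $f     not used
 * @param mixed  $id    record id, part of the file names
 * @return int 1 on success
 */
function upload_images($image, $type, $d, $f, $id)
{
    require("config.php");
    // NOTE(review): $id and $d are concatenated into file paths; confirm callers
    // only pass trusted values that cannot contain "/" or "..".
    $smallimage = $path . $id . "_thumb_$d.jpg";
    $bigimage = $path . $id . "_original_$d.jpg";

    // $type is whatever the client declared, so the file content is checked as
    // well; zero dimensions would also divide by zero below.
    $size = GetImageSize($image);
    $is_jpeg = strstr($type, "jpeg") && $size && $size[2] == IMAGETYPE_JPEG && $size[0] > 0 && $size[1] > 0;
    if (!$is_jpeg) {
        // $type is client-controlled and message() prints HTML, so escape it.
        message("Invalid Upload Image", "You must upload a JPEG image. The image you uploaded was " . htmlspecialchars($type, ENT_QUOTES));
    }

    // Remove the previous files only once the new upload has been accepted, so
    // a rejected upload no longer destroys the existing images.
    delete_image($id, $d);

    $sizew = $size[0];
    $sizeh = $size[1];
    $new_height = ($sizeh / $sizew) * $new_width;
    if ($new_height < $max_height) {
        $thumb_w = $new_width;
        $thumb_h = $new_height;
        $gd_help = "You do not have GD version 2.0 on your server.To rectify this open config/functions.php and replace all occurences of imagecreatetruecolor with imagecreate.";
    } else {
        // Too tall at the configured width: fit to the maximum height instead.
        $thumb_w = (($sizew / $sizeh) * $max_height);
        $thumb_h = $max_height;
        $gd_help = "You do not have GD version 2.0 on your server.\nTo rectify this open config/functions.php and replace all occurences of imagecreatetruecolor with imagecreate.";
    }

    $createdimage = imagecreatefromjpeg("$image");
    $destimage = imagecreatetruecolor($thumb_w, $thumb_h);
    if (!$destimage) {
        message("GD PROBLEM", $gd_help);
    }
    $output_img = imagecopyresized($destimage, $createdimage, 0, 0, 0, 0, $thumb_w, $thumb_h, $sizew, $sizeh);
    if (!$output_img) {
        message("GD PROBLEM", "imagecopyresized error.");
    }
    $imagejpeg = imagejpeg($destimage, $smallimage);
    if (!$imagejpeg) {
        // NOTE(review): the advice in this message makes the upload directory
        // world-writable; a narrower permission for the web server user is safer.
        message("Unable To Create Thumbnail", "Please make sure you have set the permissions of your $uploads_dir to 0777");
    }
    move_uploaded_file($image, $bigimage);
    return 1;
}

/**
 * Delete the thumbnail and original image files of a record slot if present.
 */
function delete_image($id, $d)
{
    require("config.php");
    $smallimage = $path . $id . "_thumb_$d.jpg";
    $bigimage = $path . $id . "_original_$d.jpg";
    if (file_exists($smallimage)) {
        unlink($smallimage);
    }
    if (file_exists($bigimage)) {
        unlink($bigimage);
    }
}

/**
 * Look up the username stored against a session in cart_login_*.
 *
 * @return mixed the username of the last matching row, or null when none matches
 */
function check_login($my_session)
{
    require("config.php");
    $connection = mysql_connect($host, $usr, $pwd);
    $session_sql = mysql_real_escape_string($my_session, $connection);
    $query = mysql_db_query($db, "SELECT username from cart_login_$shop_code where session='$session_sql'", $connection);
    while ($row = mysql_fetch_array($query)) {
        $username = $row["username"];
    }
    return isset($username) ? $username : null;
}

/**
 * Postage price of the weight band (weightfrom <= weight < weightto).
 *
 * @return mixed price of the last matching row, or null when no band matches
 */
function get_postage($weight)
{
    require("config.php");
    $connection = mysql_connect($host, $usr, $pwd);
    $weight_sql = mysql_real_escape_string($weight, $connection);
    $query = mysql_db_query($db, "SELECT price from cart_weights_$shop_code where weightfrom <= '$weight_sql' and weightto > '$weight_sql' ", $connection);
    while ($row = mysql_fetch_array($query)) {
        $price = $row["price"];
    }
    return isset($price) ? $price : null;
}

/**
 * Render one copy of the row template per visible cart line.
 *
 * When the cart has no visible lines, shop_cart_empty.html is printed and the
 * request ends.
 *
 * @param string $my_session session identifier
 * @param string $filename   path of the row template
 * @return string rendered rows joined with "\n"
 */
function cart_rows($my_session, $filename)
{
    require("config.php");
    if (!function_exists("dynamic_menu")) {
        include("../embroideredtowels/dynamic.php");
    }
    $connection = mysql_connect($host, $usr, $pwd);
    $summary = cart_summary($my_session);
    $array = array();
    $session_sql = mysql_real_escape_string($my_session, $connection);
    $query = mysql_db_query($db, "SELECT * FROM cart_temp_$shop_code where session='$session_sql' and product_show != 'N' ", $connection);
    if (!mysql_num_rows($query)) {
        $filename = "shop_cart_empty.html";
        $handle = fopen($filename, "r");
        $contents = fread($handle, filesize($filename));
        fclose($handle);
        $contents = str_replace(
            array("Xpage_fromX", "Xsummary_priceX", "Xsummary_qtyX", "Xdynamic_menuX", "Z~"),
            array($_SESSION['cart_url'], $summary[0], $summary[1], dynamic_menu(), $currency),
            $contents
        );
        print $contents;
        exit();
    }

    // The template is the same for every row, so it is read once.
    $handle = fopen($filename, "r");
    $template = fread($handle, filesize($filename));
    fclose($handle);
    // $from is not assigned in this function; presumably config.php provides it.
    $page_from = isset($from) ? $from : "";

    // NOTE(review): the row values are inserted into HTML unescaped; confirm
    // that cart_temp_* only ever holds values written by the shop itself.
    while ($row = mysql_fetch_array($query)) {
        $product_price_total = sprintf("%.2f", $row["product_price"] * $row["product_quantity"]);
        $contents = str_replace(
            array("XquantityX", "Xproduct_nameX", "Xshort_descriptionX", "Xproduct_codeX", "XpriceX", "XtotalX", "Xproduct_taxX", "Xproduct_weightX", "XidX", "Xpage_fromX", "Z~"),
            array(
                $row["product_quantity"],
                stripslashes($row["product_name"]),
                stripslashes($row["short_description"]),
                $row["product_code"],
                $row["product_price"],
                $product_price_total,
                $row["product_tax"],
                $row["product_weight"],
                $row["id"],
                $page_from,
                $currency,
            ),
            $template
        );
        array_push($array, $contents);
    }
    return implode("\n", $array);
}

/**
 * Compute the order totals for a session.
 *
 * @return array [0] subtotal, [1] weight, [2] taxable amount, [3] postage,
 *               [4] tax, [5] total, [6] discount; all but the weight are
 *               formatted "%.2f"
 */
function cart_details($my_session, $country, $delivery_country)
{
    $array = array();
    $subtotal = 0;
    $weight = 0;
    $taxable = 0;
    require("config.php");
    $connection = mysql_connect($host, $usr, $pwd);
    $session_sql = mysql_real_escape_string($my_session, $connection);
    $query = mysql_db_query($db, "SELECT * FROM cart_temp_$shop_code where session='$session_sql'", $connection);
    while ($row = mysql_fetch_array($query)) {
        $line_total = $row["product_price"] * $row["product_quantity"];
        $subtotal += $line_total;
        $weight += ($row["product_weight"] * $row["product_quantity"]);
        if ($row["product_tax"] == "Yes") {
            $taxable += $line_total;
        }
    }
    $postage = get_postage($weight);
    $delivery_multiplier = get_dm($delivery_country);
    $tax = get_tax($country);
    // Queried once; the original ran the same lookup twice.
    $discount_total = total_discount($my_session);
    $postage = $postage * $delivery_multiplier;
    $tax = ($taxable * $tax) + ($postage * $tax) - ($tax * $discount_total);
    $total = $subtotal + $postage + $tax;
    array_push($array, sprintf("%.2f", $subtotal));
    array_push($array, $weight);
    array_push($array, sprintf("%.2f", $taxable));
    array_push($array, sprintf("%.2f", $postage));
    array_push($array, sprintf("%.2f", $tax));
    array_push($array, sprintf("%.2f", $total));
    array_push($array, sprintf("%.2f", $discount_total));
    return $array;
}

/**
 * Sum of the prices of the hidden cart rows (product_show='N'), sign-flipped.
 *
 * @return string the value formatted "%.2f"
 */
function total_discount($my_session)
{
    $discount = 0;
    require("config.php");
    $connection = mysql_connect($host, $usr, $pwd);
    $session_sql = mysql_real_escape_string($my_session, $connection);
    $query = mysql_db_query($db, "SELECT * FROM cart_temp_$shop_code where session='$session_sql' and product_show='N' ", $connection);
    while ($row = mysql_fetch_array($query)) {
        $discount += $row["product_price"];
    }
    return sprintf("%.2f", $discount * -1);
}

/**
 * Delivery multiplier of the country whose name contains $delivery_country.
 *
 * @return mixed value of the last matching row, or null when none matches
 */
function get_dm($delivery_country)
{
    require("config.php");
    $connection = mysql_connect($host, $usr, $pwd);
    // NOTE(review): "%" and "_" in the value still act as LIKE wildcards, and an
    // empty value matches every country; an exact match would be stricter.
    $country_sql = mysql_real_escape_string($delivery_country, $connection);
    $query = mysql_db_query($db, "SELECT delivery_multiplier from cart_countries_$shop_code where country_name LIKE '%$country_sql%'", $connection);
    check_mysql($query);
    while ($row = mysql_fetch_array($query)) {
        $delivery_multiplier = $row["delivery_multiplier"];
    }
    return isset($delivery_multiplier) ? $delivery_multiplier : null;
}

/**
 * Tax rate, as a fraction, of the country whose name contains $country.
 *
 * @return mixed tax_rate / 100 of the last matching row, 0 when none matches
 */
function get_tax($country)
{
    require("config.php");
    $connection = mysql_connect($host, $usr, $pwd);
    $country_sql = mysql_real_escape_string($country, $connection);
    $query = mysql_db_query($db, "SELECT tax_rate from cart_countries_$shop_code where country_name LIKE '%$country_sql%'", $connection);
    while ($row = mysql_fetch_array($query)) {
        $tax_rate = $row["tax_rate"];
    }
    return (isset($tax_rate) ? $tax_rate : 0) / 100;
}

/**
 * One text line per visible cart row, for the order e-mail.
 *
 * @return array lines of the form "<qty> x <name> (<code>) - <currency> <total>"
 */
function email_products($my_session)
{
    require("config.php");
    $connection = mysql_connect($host, $usr, $pwd);
    $array = array();
    $session_sql = mysql_real_escape_string($my_session, $connection);
    $query = mysql_db_query($db, "SELECT * from cart_temp_$shop_code where session = '$session_sql' and product_show != 'N' ", $connection);
    while ($row = mysql_fetch_array($query)) {
        $product_name = $row["product_name"];
        //$short_description = $row["short_description"];
        $product_code = $row["product_code"];
        $product_quantity = $row["product_quantity"];
        $product_total = sprintf("%.2f", $row["product_price"] * $product_quantity);
        array_push($array, "$product_quantity x $product_name ($product_code) - $currency $product_total");
    }
    return $array;
}

/**
 * Copy the visible cart rows of a session into cart_record_*, reduce the stock
 * of each product, then empty the session's cart.
 *
 * Any failing statement ends the request through check_mysql().
 */
function products_to_database($my_session, $orderno, $status)
{
    $now = time();
    require("config.php");
    $connection = mysql_connect($host, $usr, $pwd);
    // Every value placed into SQL below is escaped, including the ones read
    // back from the database: stored data is not safe to re-use unescaped.
    $session_sql = mysql_real_escape_string($my_session, $connection);
    $orderno_sql = mysql_real_escape_string($orderno, $connection);
    $status_sql = mysql_real_escape_string($status, $connection);

    $details = mysql_db_query($db, "SELECT * from cart_customers_$shop_code where session='$session_sql'", $connection);
    check_mysql($details);
    while ($row = mysql_fetch_array($details)) {
        $email = $row["email"];
    }
    $email_sql = mysql_real_escape_string(isset($email) ? $email : "", $connection);

    $query = mysql_db_query($db, "SELECT * from cart_temp_$shop_code where session = '$session_sql' and product_show != 'N' ", $connection);
    while ($row = mysql_fetch_array($query)) {
        $name_sql = mysql_real_escape_string($row["product_name"], $connection);
        //$short_description = addslashes($short_description);
        $code_sql = mysql_real_escape_string($row["product_code"], $connection);
        $price_sql = mysql_real_escape_string($row["product_price"], $connection);
        $quantity_sql = mysql_real_escape_string($row["product_quantity"], $connection);

        $insert = mysql_db_query($db, "INSERT into cart_record_$shop_code (email, orderno, product_name, product_code, product_price, product_quantity, status, statusdate, orderplaced, message) VALUES ('$email_sql', '$orderno_sql', '$name_sql', '$code_sql', '$price_sql', '$quantity_sql', '$status_sql', '$now', '$now', '')", $connection);
        check_mysql($insert);
        // The quantity was unquoted in the original statement; as a quoted,
        // escaped literal it can only ever be read as a value.
        $update = mysql_db_query($db, "update cart_products_$shop_code set product_stock=product_stock-'$quantity_sql' where product_name='$name_sql' and product_code='$code_sql'", $connection);
        check_mysql($update);
    }
    $delete = mysql_db_query($db, "DELETE from cart_temp_$shop_code where session='$session_sql'", $connection);
    check_mysql($delete);
    return;
}
//short_description '$short_description',

/**
 * E-mail the stored password of the account registered under $email, then show
 * a confirmation page. Ends the request through message() in every case.
 *
 * NOTE(review): the password column is mailed as stored, which means passwords
 * are kept in a recoverable form. Storing a one-way hash and mailing a
 * single-use reset link would remove that exposure. The two different result
 * pages also tell a visitor whether an address is registered.
 */
function forgot_password($email)
{
    require("config.php");
    $connection = mysql_connect($host, $usr, $pwd);
    $email_sql = mysql_real_escape_string($email, $connection);
    $query = mysql_db_query($db, "SELECT * from cart_customers_$shop_code where email = '$email_sql' and email != '' ", $connection);
    // A line break in the address could add headers or recipients in mail(),
    // so such a value is treated like an unknown address.
    if (preg_match('/[\r\n]/', $email) || !mysql_num_rows($query)) {
        message("Account Error", "Unable to locate your e-mail address in our database.\nClick here to try again.");
    }

    $filename = "../emails/forgot_password.txt";
    while ($row = mysql_fetch_array($query)) {
        $name = $row["name"];
        $password = $row["password"];
        $handle = fopen($filename, "r");
        $contents = fread($handle, filesize($filename));
        fclose($handle);
        $contents = str_replace("XnameX", $name, $contents);
        $contents = str_replace("XemailX", $email, $contents);
        $contents = str_replace("XpasswordX", $password, $contents);
        mail("$email", "$forgot_password", "$contents", "From: $forgot_password_email");
    }
    // $email comes from the request and message() prints HTML, so escape it.
    message("Password Sent", "Your password has been e-mailed to " . htmlspecialchars($email, ENT_QUOTES) . "\nClick here to return to the log-in page.");
}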
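/**
 * Validate the licence key from config.php and, when it is valid, open the
 * MySQL connection.
 *
 * The key ($aeneas in config.php) has three "-"-separated parts: a field that
 * must be 10 characters long, the md5 of the SERVER_NAME environment value,
 * and an expiry timestamp whose digits 0-9 are written with the characters of
 * 'bYL+QaeVxC'.
 *
 * @param string $shost MySQL host
 * @param string $susr  MySQL user
 * @param string $spwd  MySQL password
 * @param mixed  $q     when truthy, only report whether the key is valid
 * @return mixed true/false in check mode; otherwise the mysql_connect() result.
 *               An invalid key outside check mode is handed to database_error().
 */
function database_connect($shost,$susr,$spwd,$q="")
{
    require("config.php");
    // Decodes to "Invalid License Key" with the table in database_error().
    $invalid = "rMEZORW oRXVMHV pVB";
    $dberror = "";

    // explode() replaces split(), which was removed in PHP 7; "-" is a literal
    // separator either way. Missing parts are treated as empty.
    $parts = explode("-", (string) $aeneas, 3);
    $q1 = isset($parts[0]) ? $parts[0] : "";
    $q2 = isset($parts[1]) ? $parts[1] : "";
    $q3 = isset($parts[2]) ? $parts[2] : "";

    if (strlen($q1) != 10) {
        $dberror = $invalid;
    }
    // Strict comparison: with "!=" two different hashes that both look like
    // numbers (for example "0e…" followed by digits) compare as equal.
    if (md5(getenv("SERVER_NAME")) !== $q2) {
        $dberror = $invalid;
    }
    // The expiry must decode to digits only. Comparing a non-numeric string
    // with an integer depends on the PHP version and can let a malformed
    // value pass as "not expired".
    $strc = strtr($q3, 'bYL+QaeVxC', '0123456789');
    if (!preg_match('/^[0-9]+\z/', $strc) || (int) $strc < time()) {
        $dberror = $invalid;
    }

    if ($q) {
        return $dberror === "";
    }
    if ($dberror !== "") {
        database_error("$dberror");
    } else {
        return mysql_connect($shost,$susr,$spwd);
    }
}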
/**
 * Return the full contents of ../credit_cards/worldpay.txt.
 *
 * @param mixed $my_session accepted but not read by this function
 */
function worldpay($my_session)
{
    $template_path = "../credit_cards/worldpay.txt";
    $fh = fopen($template_path, "r");
    $template = fread($fh, filesize($template_path));
    fclose($fh);
    return $template;
}
/**
 * Return the full contents of ../credit_cards/paypal.txt.
 *
 * @param mixed $my_session accepted but not read by this function
 */
function paypal($my_session)
{
    $source = "../credit_cards/paypal.txt";
    $stream = fopen($source, "r");
    $body = fread($stream, filesize($source));
    fclose($stream);
    return $body;
}
/**
 * Return the full contents of ../credit_cards/invoice.txt.
 *
 * @param mixed $my_session accepted but not read by this function
 */
function invoice($my_session)
{
    $path_to_text = "../credit_cards/invoice.txt";
    $reader = fopen($path_to_text, "r");
    $text = fread($reader, filesize($path_to_text));
    fclose($reader);
    return $text;
}
/**
 * Return the full contents of ../credit_cards/ssl.txt.
 *
 * @param mixed $my_session accepted but not read by this function
 */
function secure($my_session)
{
    $ssl_file = "../credit_cards/ssl.txt";
    $fp = fopen($ssl_file, "r");
    $data = fread($fp, filesize($ssl_file));
    fclose($fp);
    return $data;
}
/**
 * Return the full contents of ../credit_cards/nochex.txt.
 *
 * @param mixed $my_session accepted but not read by this function
 */
function nochex($my_session)
{
    $nochex_file = "../credit_cards/nochex.txt";
    $in = fopen($nochex_file, "r");
    $loaded = fread($in, filesize($nochex_file));
    fclose($in);
    return $loaded;
}
/**
 * Return the full contents of ../credit_cards/protx.txt.
 *
 * @param mixed $my_session accepted but not read by this function
 */
function protx($my_session)
{
    $protx_file = "../credit_cards/protx.txt";
    $file = fopen($protx_file, "r");
    $markup = fread($file, filesize($protx_file));
    fclose($file);
    return $markup;
}
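/**
 * Build a text dump of one table as a list of INSERT statements.
 *
 * @param string $table table name, optionally qualified as "database.table"
 * @return string header comments followed by one INSERT per row; a single
 *                "# Skipped" comment when the table name is not a plain identifier
 */
function backup_table ($table) {
    // The name is placed into SQL as an identifier, where quoting functions for
    // values do not help, so only plain identifier characters are accepted.
    if (!is_string($table) || !preg_match('/^[A-Za-z0-9_$]+(\.[A-Za-z0-9_$]+)?\z/', $table)) {
        return "# Skipped: invalid table name\n\n\n\n";
    }
    require("config.php");
    $connection = mysql_connect($host,$usr,$pwd);
    // Plain assignment: the original appended to a variable that did not exist yet.
    $result = "# Dump of $table \n";
    $result .= "# Dump DATE : " . date("d-M-Y") ."\n\n";
    $query = mysql_db_query($db, "select * from $table", $connection);
    if (!$query) {
        // Nothing to dump; return the header only, as the original effectively did.
        return $result . "\n\n\n";
    }
    $num_fields = mysql_num_fields($query);
    while ($row = mysql_fetch_row($query)) {
        $values = array();
        for ($j = 0; $j < $num_fields; $j++) {
            // The original deleted single quotes from the data and left double
            // quotes and backslashes untouched, so a stored value could end its
            // own "..." literal in the dump. Escaping keeps the data intact and
            // inside the literal; line breaks are still written as \n.
            // NULL columns are written as "" as before.
            $value = isset($row[$j]) ? mysql_real_escape_string($row[$j], $connection) : "";
            $values[] = "\"$value\"";
        }
        $result .= "INSERT INTO ".$table." VALUES(" . implode(",", $values) . ");\n";
    }
    return $result . "\n\n\n";
}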
/**
 * Render a price with the price template from config.php in the requested
 * currency.
 *
 * "GBP" uses the amounts as given with the $currency symbol from config.php.
 * "EUR", "USD" and "YEN" multiply both amounts by the rate stored in
 * cart_exchange_* (row id 1) and format them to two decimals. Any other code
 * returns nothing.
 *
 * @param mixed  $product_price    base price
 * @param mixed  $product_discount discounted price, 0 when there is none
 * @param string $currency_value   "GBP", "EUR", "USD" or "YEN"
 * @return string|null rendered price text
 */
function transform_price($product_price,$product_discount,$currency_value)
{
    require("config.php");
    // rate column in cart_exchange_* and display symbol per converted currency
    $conversions = array(
        "EUR" => array("euro", "€"),
        "USD" => array("dollar", '$'),
        "YEN" => array("yen", "¥"),
    );

    if ($currency_value == "GBP") {
        $symbol = $currency;
        $amount = $product_price;
        $reduced = $product_discount;
    } else {
        $chosen = null;
        foreach ($conversions as $code => $pair) {
            if ($currency_value == $code) {
                $chosen = $pair;
                break;
            }
        }
        if ($chosen === null) {
            return;
        }
        list($column, $symbol) = $chosen;
        $connection = mysql_connect($host,$usr,$pwd);
        $rate = @mysql_result(mysql_db_query($db, "SELECT $column from cart_exchange_$shop_code where id='1' ", $connection),0);
        $amount = sprintf("%.2f", $rate * $product_price);
        $reduced = sprintf("%.2f", $rate * $product_discount);
    }

    // The discount template applies only to a real, different discount price.
    if (($reduced > 0) and ($amount != $reduced)) {
        $layout = $discount_text;
    } else {
        $layout = $normal_text;
    }
    $layout = str_replace("Z~", $symbol, $layout);
    $layout = str_replace("Xproduct_priceX", $amount, $layout);
    $layout = str_replace("Xproduct_discountX", $reduced, $layout);
    return $layout;
}
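/**
 * Convert a price with the exchange rate stored in cart_exchange_* (row id 1).
 *
 * @param mixed  $price          amount to convert
 * @param string $currency_value name of the rate column, e.g. "euro"
 * @return string converted amount formatted "%.2f"; "0.00" when the column
 *                name is rejected or the lookup fails
 */
function price_conversion($price,$currency_value)
{
    // $currency_value becomes a column name in the statement. Identifiers
    // cannot be protected by value escaping, so anything that is not a plain
    // identifier is refused before a connection is opened. The result matches
    // what a failed lookup produced before.
    // NOTE(review): a failed lookup yielding a price of 0.00 is risky in a
    // checkout; callers should treat "0.00" here as an error.
    if (!is_string($currency_value) || !preg_match('/^[A-Za-z_][A-Za-z0-9_]*\z/', $currency_value)) {
        return sprintf("%.2f", 0);
    }
    require("config.php");
    $connection = mysql_connect($host,$usr,$pwd);
    $rate = @mysql_result(mysql_db_query($db, "SELECT $currency_value from cart_exchange_$shop_code where id='1' ", $connection),0);
    $price = $price * $rate;
    $price = sprintf("%.2f",$price);
    return $price;
}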
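/**
 * Build the "crypt" value for the Protx payment form: "Name=Value" pairs
 * joined with "&", XOR-ed with $encryption_password and base64-encoded.
 *
 * NOTE(review): XOR with a repeating key gives no integrity protection, and
 * the text always starts with the known string "VendorTxCode=", so treat this
 * as obfuscation. The amount must be re-checked against the order when the
 * gateway reports back.
 *
 * @return string base64 text for the form field
 */
function protx_crypt($total,$name,$email,$address1,$address2,$town,$county,$postcode)
{
    require("../config/config.php");
    // "&" separates the fields, so a customer-entered "&" could start a field
    // of its own (for example a second Amount). It is taken out of every
    // customer-supplied value before the string is assembled.
    $name = str_replace("&", " and ", $name);
    $address1 = str_replace("&", " and ", $address1);
    $address2 = str_replace("&", " and ", $address2);
    $town = str_replace("&", " and ", $town);
    $county = str_replace("&", " and ", $county);
    $email = str_replace("&", "", $email);
    $postcode = str_replace("&", "", $postcode);

    // NOTE(review): rand() over 900000 values will repeat; presumably the
    // transaction code has to be unique per order (confirm with the gateway
    // documentation) and would be better derived from the order number.
    $ThisVendorTxCode = rand(100000,999999);
    $pairs = array(
        "VendorTxCode=" . $ThisVendorTxCode,
        "Amount=" . $total,
        "Currency=" . $currency_code,
        "Description=" . $protx_desc,
        "SuccessURL=" . $protx_callback,
        "FailureURL=" . $protx_callback,
        "CustomerName=" . $name,
        "CustomerEmail=" . $email,
        "BillingAddress=" . "$address1\x0D\x0A$address2\x0D\x0A$town\x0D\x0A$county",
        "BillingPostCode=" . $postcode,
    );
    $stuff = implode("&", $pairs);
    $crypt = base64Encode(SimpleXor($stuff,$encryption_password));
    return $crypt;
}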
/**
 * Base64-encode a string; thin wrapper around base64_encode().
 */
function base64Encode($plain) {
    return base64_encode($plain);
}
/**
 * Decode a base64 string; thin wrapper around base64_decode() in its default,
 * non-strict mode.
 */
function base64Decode($scrambled) {
    return base64_decode($scrambled);
}
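/**
 * XOR every byte of $InString with the bytes of $Key, repeating the key as
 * often as needed. Applying the function twice with the same key returns the
 * input.
 *
 * @param string $InString data to transform
 * @param string $Key      key bytes; must not be empty
 * @return string transformed bytes, same length as $InString
 * @throws InvalidArgumentException when $Key is empty
 */
function simpleXor($InString, $Key) {
    $InString = (string) $InString;
    $Key = (string) $Key;
    $keyLength = strlen($Key);
    // An empty key made the original take a modulo by zero: depending on the
    // PHP version that either raised an error or returned the input
    // unchanged, i.e. unprotected. Fail loudly instead.
    if ($keyLength === 0) {
        throw new InvalidArgumentException("simpleXor requires a non-empty key");
    }
    $output = "";
    $length = strlen($InString);
    for ($i = 0; $i < $length; $i++) {
        $output .= chr(ord($InString[$i]) ^ ord($Key[$i % $keyLength]));
    }
    return $output;
}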
function getToken($thisString) {
$Tokens = array("Status","StatusDetail","VendorTxCode","VPSTxID","TxAuthNo","Amount","AVSCV2");
$output = array();
$resultArray = array();
for ($i = count($Tokens)-1; $i >= 0 ; $i--){
$start = strpos($thisString, $Tokens[$i]);
if ($start !== false){
$resultArray[$i]->start = $start;
$resultArray[$i]->token = $Tokens[$i];
}
}
sort($resultArray);
for ($i = 0; $i