diff --git a/catalog/admin/action_recorder.php b/catalog/admin/action_recorder.php index 767be0a66..cde45af65 100644 --- a/catalog/admin/action_recorder.php +++ b/catalog/admin/action_recorder.php @@ -52,18 +52,18 @@ 'text' => (is_object(${$modules['module']}) ? ${$modules['module']}->title : $modules['module'])); } - $action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : ''); + $action = (isset($_GET['action']) ? $_GET['action'] : ''); if (tep_not_null($action)) { switch ($action) { case 'expire': $expired_entries = 0; - if (isset($HTTP_GET_VARS['module']) && in_array($HTTP_GET_VARS['module'], $modules_array)) { - if (is_object(${$HTTP_GET_VARS['module']})) { - $expired_entries += ${$HTTP_GET_VARS['module']}->expireEntries(); + if (isset($_GET['module']) && in_array($_GET['module'], $modules_array)) { + if (is_object(${$_GET['module']})) { + $expired_entries += ${$_GET['module']}->expireEntries(); } else { - $delete_query = tep_db_query("delete from " . TABLE_ACTION_RECORDER . " where module = '" . tep_db_input($HTTP_GET_VARS['module']) . "'"); + $delete_query = tep_db_query("delete from " . TABLE_ACTION_RECORDER . " where module = '" . tep_db_input($_GET['module']) . "'"); $expired_entries += tep_db_affected_rows(); } } else { @@ -110,7 +110,7 @@ - + @@ -128,16 +128,16 @@ title; } - if ((!isset($HTTP_GET_VARS['aID']) || (isset($HTTP_GET_VARS['aID']) && ($HTTP_GET_VARS['aID'] == $actions['id']))) && !isset($aInfo)) { + if ((!isset($_GET['aID']) || (isset($_GET['aID']) && ($_GET['aID'] == $actions['id']))) && !isset($aInfo)) { $actions_extra_query = tep_db_query("select identifier from " . TABLE_ACTION_RECORDER . " where id = '" . (int)$actions['id'] . "'"); $actions_extra = tep_db_fetch_array($actions_extra_query); @@ -173,8 +173,8 @@ - - + +
display_count($actions_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $HTTP_GET_VARS['page'], TEXT_DISPLAY_NUMBER_OF_ENTRIES); ?>display_links($actions_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $HTTP_GET_VARS['page'], (isset($HTTP_GET_VARS['module']) && in_array($HTTP_GET_VARS['module'], $modules_array) && is_object(${$HTTP_GET_VARS['module']}) ? 'module=' . $HTTP_GET_VARS['module'] : null) . '&' . (isset($HTTP_GET_VARS['search']) && !empty($HTTP_GET_VARS['search']) ? 'search=' . $HTTP_GET_VARS['search'] : null)); ?>display_count($actions_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $_GET['page'], TEXT_DISPLAY_NUMBER_OF_ENTRIES); ?>display_links($actions_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $_GET['page'], (isset($_GET['module']) && in_array($_GET['module'], $modules_array) && is_object(${$_GET['module']}) ? 'module=' . $_GET['module'] : null) . '&' . (isset($_GET['search']) && !empty($_GET['search']) ? 'search=' . $_GET['search'] : null)); ?>
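Review bot: The pagination call on the new side still appends `$_GET['module']` and `$_GET['search']` to the link parameter string unencoded, so a value containing `&`, `#` or quote characters alters the generated URLs and, if display_links() does not escape its parameter string (not visible here), reaches the page markup. Encode each value where it is concatenated, e.g. `'search=' . urlencode($_GET['search'])`, and do the same for `module`. The `in_array($_GET['module'], $modules_array)` guard in front of the variable-variable lookup would be tighter with the strict flag, `in_array($_GET['module'], $modules_array, true)`. `$_GET['page']` is also read without an isset() check. The HTML around this expression was lost in extraction, so only the PHP is reviewed.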
diff --git a/catalog/admin/administrators.php b/catalog/admin/administrators.php
index a399ddbd3..e7b1fba18 100644
--- a/catalog/admin/administrators.php
+++ b/catalog/admin/administrators.php
@@ -14,7 +14,7 @@
 $htaccess_array = null;
 $htpasswd_array = null;
- $is_iis = stripos($HTTP_SERVER_VARS['SERVER_SOFTWARE'], 'iis');
+ $is_iis = stripos($_SERVER['SERVER_SOFTWARE'], 'iis');
 $authuserfile_array = array('##### OSCOMMERCE ADMIN PROTECTION - BEGIN #####',
 'AuthType Basic',
@@ -44,15 +44,15 @@
 }
 }
- $action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : '');
+ $action = (isset($_GET['action']) ? $_GET['action'] : '');
 if (tep_not_null($action)) {
 switch ($action) {
 case 'insert':
 require('includes/functions/password_funcs.php');
- $username = tep_db_prepare_input($HTTP_POST_VARS['username']);
- $password = tep_db_prepare_input($HTTP_POST_VARS['password']);
+ $username = tep_db_prepare_input($_POST['username']);
+ $password = tep_db_prepare_input($_POST['password']);
 $check_query = tep_db_query("select id from " . TABLE_ADMINISTRATORS . " where user_name = '" . tep_db_input($username) . "' limit 1");
@@ -68,7 +68,7 @@
 }
 }
- if (isset($HTTP_POST_VARS['htaccess']) && ($HTTP_POST_VARS['htaccess'] == 'true')) {
+ if (isset($_POST['htaccess']) && ($_POST['htaccess'] == 'true')) {
 $htpasswd_array[] = $username . ':' . tep_crypt_apr_md5($password);
 }
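Review bot: In the `insert` branch (hunk at -68), `$username` from `$_POST` is written into the htpasswd entry as `$username . ':' . tep_crypt_apr_md5($password)` with no visible check on its characters, so a colon or line break in the name would yield a malformed or additional htpasswd line unless tep_db_prepare_input() removes them, which these hunks do not show. A guard ahead of the append, for example `if (preg_match('/[:\r\n]/', $username)) { /* reject the name */ }`, keeps the file format intact regardless of what the input helper does. The same append recurs in the `save` branch (hunk at -134). The enclosing switch starts and ends outside these hunks.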
@@ -99,10 +99,10 @@ case 'save': require('includes/functions/password_funcs.php'); - $username = tep_db_prepare_input($HTTP_POST_VARS['username']); - $password = tep_db_prepare_input($HTTP_POST_VARS['password']); + $username = tep_db_prepare_input($_POST['username']); + $password = tep_db_prepare_input($_POST['password']); - $check_query = tep_db_query("select id, user_name from " . TABLE_ADMINISTRATORS . " where id = '" . (int)$HTTP_GET_VARS['aID'] . "'"); + $check_query = tep_db_query("select id, user_name from " . TABLE_ADMINISTRATORS . " where id = '" . (int)$_GET['aID'] . "'"); $check = tep_db_fetch_array($check_query); // update username in current session if changed @@ -121,7 +121,7 @@ } } - tep_db_query("update " . TABLE_ADMINISTRATORS . " set user_name = '" . tep_db_input($username) . "' where id = '" . (int)$HTTP_GET_VARS['aID'] . "'"); + tep_db_query("update " . TABLE_ADMINISTRATORS . " set user_name = '" . tep_db_input($username) . "' where id = '" . (int)$_GET['aID'] . "'"); if (tep_not_null($password)) { // update password in htpasswd @@ -134,13 +134,13 @@ } } - if (isset($HTTP_POST_VARS['htaccess']) && ($HTTP_POST_VARS['htaccess'] == 'true')) { + if (isset($_POST['htaccess']) && ($_POST['htaccess'] == 'true')) { $htpasswd_array[] = $username . ':' . tep_crypt_apr_md5($password); } } - tep_db_query("update " . TABLE_ADMINISTRATORS . " set user_password = '" . tep_db_input(tep_encrypt_password($password)) . "' where id = '" . (int)$HTTP_GET_VARS['aID'] . "'"); - } elseif (!isset($HTTP_POST_VARS['htaccess']) || ($HTTP_POST_VARS['htaccess'] != 'true')) { + tep_db_query("update " . TABLE_ADMINISTRATORS . " set user_password = '" . tep_db_input(tep_encrypt_password($password)) . "' where id = '" . (int)$_GET['aID'] . "'"); + } elseif (!isset($_POST['htaccess']) || ($_POST['htaccess'] != 'true')) { if (is_array($htpasswd_array)) { for ($i=0, $n=sizeof($htpasswd_array); $i<$n; $i++) { list($ht_username, $ht_password) = explode(':', $htpasswd_array[$i], 2); 
@@ -173,10 +173,10 @@ fclose($fp); } - tep_redirect(tep_href_link(FILENAME_ADMINISTRATORS, 'aID=' . (int)$HTTP_GET_VARS['aID'])); + tep_redirect(tep_href_link(FILENAME_ADMINISTRATORS, 'aID=' . (int)$_GET['aID'])); break; case 'deleteconfirm': - $id = tep_db_prepare_input($HTTP_GET_VARS['aID']); + $id = tep_db_prepare_input($_GET['aID']); $check_query = tep_db_query("select id, user_name from " . TABLE_ADMINISTRATORS . " where id = '" . (int)$id . "'"); $check = tep_db_fetch_array($check_query); @@ -261,7 +261,7 @@ add_session(SUCCESS_BACKUP_DELETED, 'success'); @@ -363,7 +363,7 @@ $check = 0; - if ((!isset($HTTP_GET_VARS['file']) || (isset($HTTP_GET_VARS['file']) && ($HTTP_GET_VARS['file'] == $entry))) && !isset($buInfo) && ($action != 'backup') && ($action != 'restorelocal')) { + if ((!isset($_GET['file']) || (isset($_GET['file']) && ($_GET['file'] == $entry))) && !isset($buInfo) && ($action != 'backup') && ($action != 'restorelocal')) { $file_array['file'] = $entry; $file_array['date'] = date(PHP_DATE_TIME_FORMAT, filemtime(DIR_FS_BACKUP . $entry)); $file_array['size'] = number_format(filesize(DIR_FS_BACKUP . $entry)) . ' bytes'; diff --git a/catalog/admin/banner_manager.php b/catalog/admin/banner_manager.php index dcbfde030..941f0b572 100644 --- a/catalog/admin/banner_manager.php +++ b/catalog/admin/banner_manager.php 
@@ -12,37 +12,37 @@ require('includes/application_top.php'); - $action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : ''); + $action = (isset($_GET['action']) ? $_GET['action'] : ''); $banner_extension = tep_banner_image_extension(); if (tep_not_null($action)) { switch ($action) { case 'setflag': - if ( ($HTTP_GET_VARS['flag'] == '0') || ($HTTP_GET_VARS['flag'] == '1') ) { - tep_set_banner_status($HTTP_GET_VARS['bID'], $HTTP_GET_VARS['flag']); + if ( ($_GET['flag'] == '0') || ($_GET['flag'] == '1') ) { + tep_set_banner_status($_GET['bID'], $_GET['flag']); $messageStack->add_session(SUCCESS_BANNER_STATUS_UPDATED, 'success'); } else { $messageStack->add_session(ERROR_UNKNOWN_STATUS_FLAG, 'error'); } - tep_redirect(tep_href_link(FILENAME_BANNER_MANAGER, 'page=' . $HTTP_GET_VARS['page'] . '&bID=' . $HTTP_GET_VARS['bID'])); + tep_redirect(tep_href_link(FILENAME_BANNER_MANAGER, 'page=' . $_GET['page'] . '&bID=' . $_GET['bID'])); break; case 'insert': case 'update': - if (isset($HTTP_POST_VARS['banners_id'])) $banners_id = tep_db_prepare_input($HTTP_POST_VARS['banners_id']); - $banners_title = tep_db_prepare_input($HTTP_POST_VARS['banners_title']); - $banners_url = tep_db_prepare_input($HTTP_POST_VARS['banners_url']); - $new_banners_group = tep_db_prepare_input($HTTP_POST_VARS['new_banners_group']); - $banners_group = (empty($new_banners_group)) ? 
tep_db_prepare_input($HTTP_POST_VARS['banners_group']) : $new_banners_group; - $banners_html_text = tep_db_prepare_input($HTTP_POST_VARS['banners_html_text']); - $banners_image_local = tep_db_prepare_input($HTTP_POST_VARS['banners_image_local']); - $banners_image_target = tep_db_prepare_input($HTTP_POST_VARS['banners_image_target']); + if (isset($_POST['banners_id'])) $banners_id = tep_db_prepare_input($_POST['banners_id']); + $banners_title = tep_db_prepare_input($_POST['banners_title']); + $banners_url = tep_db_prepare_input($_POST['banners_url']); + $new_banners_group = tep_db_prepare_input($_POST['new_banners_group']); + $banners_group = (empty($new_banners_group)) ? tep_db_prepare_input($_POST['banners_group']) : $new_banners_group; + $banners_html_text = tep_db_prepare_input($_POST['banners_html_text']); + $banners_image_local = tep_db_prepare_input($_POST['banners_image_local']); + $banners_image_target = tep_db_prepare_input($_POST['banners_image_target']); $db_image_location = ''; - $expires_date = tep_db_prepare_input($HTTP_POST_VARS['expires_date']); - $expires_impressions = tep_db_prepare_input($HTTP_POST_VARS['expires_impressions']); - $date_scheduled = tep_db_prepare_input($HTTP_POST_VARS['date_scheduled']); + $expires_date = tep_db_prepare_input($_POST['expires_date']); + $expires_impressions = tep_db_prepare_input($_POST['expires_impressions']); + $date_scheduled = tep_db_prepare_input($_POST['date_scheduled']); $banner_error = false; if (empty($banners_title)) { 
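Review bot: The `setflag` branch changes banner state from query-string values alone and then builds its redirect from raw `$_GET['page']` and `$_GET['bID']`; no request token is checked in the visible lines, so unless application_top.php enforces one this action can be triggered by a forged link opened by a logged-in administrator. Moving the state change to POST with a session-bound token would close that, and the redirect parameters can be cast the way administrators.php already casts `aID` in this commit: `'page=' . (int)$_GET['page'] . '&bID=' . (int)$_GET['bID']`. The flag test would also be exact with `===`. The same GET-driven pattern appears in the cache.php `reset` and categories.php `setflag` hunks, and the same raw redirect parameters in the -107 and -161 hunks of this file and the -31 hunk of categories.php.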
@@ -107,15 +107,15 @@
 tep_db_query("update " . TABLE_BANNERS . " set status = '0', date_scheduled = '" . tep_db_input($date_scheduled) . "' where banners_id = '" . (int)$banners_id . "'");
 }
- tep_redirect(tep_href_link(FILENAME_BANNER_MANAGER, (isset($HTTP_GET_VARS['page']) ? 'page=' . $HTTP_GET_VARS['page'] . '&' : '') . 'bID=' . $banners_id));
+ tep_redirect(tep_href_link(FILENAME_BANNER_MANAGER, (isset($_GET['page']) ? 'page=' . $_GET['page'] . '&' : '') . 'bID=' . $banners_id));
 } else {
 $action = 'new';
 }
 break;
 case 'deleteconfirm':
- $banners_id = tep_db_prepare_input($HTTP_GET_VARS['bID']);
+ $banners_id = tep_db_prepare_input($_GET['bID']);
- if (isset($HTTP_POST_VARS['delete_image']) && ($HTTP_POST_VARS['delete_image'] == 'on')) {
+ if (isset($_POST['delete_image']) && ($_POST['delete_image'] == 'on')) {
 $banner_query = tep_db_query("select banners_image from " . TABLE_BANNERS . " where banners_id = '" . (int)$banners_id . "'");
 $banner = tep_db_fetch_array($banner_query);
@@ -161,7 +161,7 @@
 $messageStack->add_session(SUCCESS_BANNER_REMOVED, 'success');
- tep_redirect(tep_href_link(FILENAME_BANNER_MANAGER, 'page=' . $HTTP_GET_VARS['page']));
+ tep_redirect(tep_href_link(FILENAME_BANNER_MANAGER, 'page=' . $_GET['page']));
 break;
 }
 }
@@ -213,17 +213,17 @@ function popupImageWindow(url) { $bInfo = new objectInfo($parameters); - if (isset($HTTP_GET_VARS['bID'])) { + if (isset($_GET['bID'])) { $form_action = 'update'; - $bID = tep_db_prepare_input($HTTP_GET_VARS['bID']); + $bID = tep_db_prepare_input($_GET['bID']); $banner_query = tep_db_query("select banners_title, banners_url, banners_image, banners_group, banners_html_text, status, date_format(date_scheduled, '%Y/%m/%d') as date_scheduled, date_format(expires_date, '%Y/%m/%d') as expires_date, expires_impressions, date_status_change from " . TABLE_BANNERS . " where banners_id = '" . (int)$bID . "'"); $banner = tep_db_fetch_array($banner_query); $bInfo->objectInfo($banner); - } elseif (tep_not_null($HTTP_POST_VARS)) { - $bInfo->objectInfo($HTTP_POST_VARS); + } elseif (tep_not_null($_POST)) { + $bInfo->objectInfo($_POST); } $groups_array = array(); @@ -235,7 +235,7 @@ function popupImageWindow(url) { - + @@ -304,7 +304,7 @@ function popupImageWindow(url) { @@ -324,13 +324,13 @@ function popupImageWindow(url) { banners_id)) { - echo ' ' . "\n"; + echo ' ' . "\n"; } else { - echo ' ' . "\n"; + echo ' ' . "\n"; } ?> @@ -350,12 +350,12 @@ function popupImageWindow(url) { - + @@ -86,7 +86,7 @@ - +
- +
' . TEXT_BANNERS_INSERT_NOTE . '
' . TEXT_BANNERS_EXPIRCY_NOTE . '
' . TEXT_BANNERS_SCHEDULE_NOTE; ?>
' . tep_image(DIR_WS_IMAGES . 'icon_popup.gif', 'View Banner') . ' ' . $banners['banners_title']; ?> ' . tep_image(DIR_WS_IMAGES . 'icon_status_red_light.gif', 'Set Inactive', 10, 10) . ''; + echo tep_image(DIR_WS_IMAGES . 'icon_status_green.gif', 'Active', 10, 10) . '  ' . tep_image(DIR_WS_IMAGES . 'icon_status_red_light.gif', 'Set Inactive', 10, 10) . ''; } else { - echo '' . tep_image(DIR_WS_IMAGES . 'icon_status_green_light.gif', 'Set Active', 10, 10) . '  ' . tep_image(DIR_WS_IMAGES . 'icon_status_red.gif', 'Inactive', 10, 10); + echo '' . tep_image(DIR_WS_IMAGES . 'icon_status_green_light.gif', 'Set Active', 10, 10) . '  ' . tep_image(DIR_WS_IMAGES . 'icon_status_red.gif', 'Inactive', 10, 10); } ?>' . tep_image(DIR_WS_ICONS . 'statistics.gif', ICON_STATISTICS) . ' '; if (isset($bInfo) && is_object($bInfo) && ($banners['banners_id'] == $bInfo->banners_id)) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif', ''); } else { echo '' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . ''; } ?> ' . tep_image(DIR_WS_ICONS . 'statistics.gif', ICON_STATISTICS) . ' '; if (isset($bInfo) && is_object($bInfo) && ($banners['banners_id'] == $bInfo->banners_id)) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif', ''); } else { echo '' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . ''; } ?> 
- - + + @@ -379,17 +379,17 @@ function popupImageWindow(url) { case 'delete': $heading[] = array('text' => '' . $bInfo->banners_title . ''); - $contents = array('form' => tep_draw_form('banners', FILENAME_BANNER_MANAGER, 'page=' . $HTTP_GET_VARS['page'] . '&bID=' . $bInfo->banners_id . '&action=deleteconfirm')); + $contents = array('form' => tep_draw_form('banners', FILENAME_BANNER_MANAGER, 'page=' . $_GET['page'] . '&bID=' . $bInfo->banners_id . '&action=deleteconfirm')); $contents[] = array('text' => TEXT_INFO_DELETE_INTRO); $contents[] = array('text' => '
' . $bInfo->banners_title . ''); if ($bInfo->banners_image) $contents[] = array('text' => '
' . tep_draw_checkbox_field('delete_image', 'on', true) . ' ' . TEXT_INFO_DELETE_IMAGE); - $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_DELETE, 'trash', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_BANNER_MANAGER, 'page=' . $HTTP_GET_VARS['page'] . '&bID=' . $HTTP_GET_VARS['bID']))); + $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_DELETE, 'trash', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_BANNER_MANAGER, 'page=' . $_GET['page'] . '&bID=' . $_GET['bID']))); break; default: if (is_object($bInfo)) { $heading[] = array('text' => '' . $bInfo->banners_title . ''); - $contents[] = array('align' => 'center', 'text' => tep_draw_button(IMAGE_EDIT, 'document', tep_href_link(FILENAME_BANNER_MANAGER, 'page=' . $HTTP_GET_VARS['page'] . '&bID=' . $bInfo->banners_id . '&action=new')) . tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_BANNER_MANAGER, 'page=' . $HTTP_GET_VARS['page'] . '&bID=' . $bInfo->banners_id . '&action=delete')) . tep_draw_button(IMAGE_DETAILS, 'info', tep_href_link(FILENAME_BANNER_STATISTICS, 'page=' . $HTTP_GET_VARS['page'] . '&bID=' . $bInfo->banners_id))); + $contents[] = array('align' => 'center', 'text' => tep_draw_button(IMAGE_EDIT, 'document', tep_href_link(FILENAME_BANNER_MANAGER, 'page=' . $_GET['page'] . '&bID=' . $bInfo->banners_id . '&action=new')) . tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_BANNER_MANAGER, 'page=' . $_GET['page'] . '&bID=' . $bInfo->banners_id . '&action=delete')) . tep_draw_button(IMAGE_DETAILS, 'info', tep_href_link(FILENAME_BANNER_STATISTICS, 'page=' . $_GET['page'] . '&bID=' . $bInfo->banners_id))); $contents[] = array('text' => '
' . TEXT_BANNERS_DATE_ADDED . ' ' . tep_date_short($bInfo->date_added)); if ( (function_exists('imagecreate')) && ($dir_ok) && ($banner_extension) ) { diff --git a/catalog/admin/banner_statistics.php b/catalog/admin/banner_statistics.php index 8d5a62f4b..4931e70db 100644 --- a/catalog/admin/banner_statistics.php +++ b/catalog/admin/banner_statistics.php @@ -12,7 +12,7 @@ require('includes/application_top.php'); - $type = (isset($HTTP_GET_VARS['type']) ? $HTTP_GET_VARS['type'] : ''); + $type = (isset($_GET['type']) ? $_GET['type'] : ''); $banner_extension = tep_banner_image_extension(); @@ -30,11 +30,11 @@ } } - $banner_query = tep_db_query("select banners_title from " . TABLE_BANNERS . " where banners_id = '" . (int)$HTTP_GET_VARS['bID'] . "'"); + $banner_query = tep_db_query("select banners_title from " . TABLE_BANNERS . " where banners_id = '" . (int)$_GET['bID'] . "'"); $banner = tep_db_fetch_array($banner_query); $years_array = array(); - $years_query = tep_db_query("select distinct year(banners_history_date) as banner_year from " . TABLE_BANNERS_HISTORY . " where banners_id = '" . (int)$HTTP_GET_VARS['bID'] . "'"); + $years_query = tep_db_query("select distinct year(banners_history_date) as banner_year from " . TABLE_BANNERS_HISTORY . " where banners_id = '" . (int)$_GET['bID'] . "'"); while ($years = tep_db_fetch_array($years_query)) { $years_array[] = array('id' => $years['banner_year'], 'text' => $years['banner_year']); 
@@ -67,16 +67,16 @@ switch ($type) { case 'yearly': break; case 'monthly': - echo TITLE_YEAR . ' ' . tep_draw_pull_down_menu('year', $years_array, (isset($HTTP_GET_VARS['year']) ? $HTTP_GET_VARS['year'] : date('Y')), 'onchange="this.form.submit();"') . ''; + echo TITLE_YEAR . ' ' . tep_draw_pull_down_menu('year', $years_array, (isset($_GET['year']) ? $_GET['year'] : date('Y')), 'onchange="this.form.submit();"') . ''; break; default: case 'daily': - echo TITLE_MONTH . ' ' . tep_draw_pull_down_menu('month', $months_array, (isset($HTTP_GET_VARS['month']) ? $HTTP_GET_VARS['month'] : date('n')), 'onchange="this.form.submit();"') . '
' . TITLE_YEAR . ' ' . tep_draw_pull_down_menu('year', $years_array, (isset($HTTP_GET_VARS['year']) ? $HTTP_GET_VARS['year'] : date('Y')), 'onchange="this.form.submit();"') . ''; + echo TITLE_MONTH . ' ' . tep_draw_pull_down_menu('month', $months_array, (isset($_GET['month']) ? $_GET['month'] : date('n')), 'onchange="this.form.submit();"') . '
' . TITLE_YEAR . ' ' . tep_draw_pull_down_menu('year', $years_array, (isset($_GET['year']) ? $_GET['year'] : date('Y')), 'onchange="this.form.submit();"') . ''; break; } ?> - +
display_count($banners_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $HTTP_GET_VARS['page'], TEXT_DISPLAY_NUMBER_OF_BANNERS); ?>display_links($banners_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $HTTP_GET_VARS['page']); ?>display_count($banners_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $_GET['page'], TEXT_DISPLAY_NUMBER_OF_BANNERS); ?>display_links($banners_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $_GET['page']); ?>
diff --git a/catalog/admin/cache.php b/catalog/admin/cache.php
index 7dd4f3a0c..ff91848ba 100644
--- a/catalog/admin/cache.php
+++ b/catalog/admin/cache.php
@@ -12,11 +12,11 @@
 require('includes/application_top.php');
- $action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : '');
+ $action = (isset($_GET['action']) ? $_GET['action'] : '');
 if (tep_not_null($action)) {
 if ($action == 'reset') {
- tep_reset_cache_block($HTTP_GET_VARS['block']);
+ tep_reset_cache_block($_GET['block']);
 }
 tep_redirect(tep_href_link(FILENAME_CACHE));
diff --git a/catalog/admin/categories.php b/catalog/admin/categories.php
index 1b42e6048..71275cbc0 100644
--- a/catalog/admin/categories.php
+++ b/catalog/admin/categories.php
@@ -15,14 +15,14 @@
 require(DIR_WS_CLASSES . 'currencies.php');
 $currencies = new currencies();
- $action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : '');
+ $action = (isset($_GET['action']) ? $_GET['action'] : '');
 if (tep_not_null($action)) {
 switch ($action) {
 case 'setflag':
- if ( ($HTTP_GET_VARS['flag'] == '0') || ($HTTP_GET_VARS['flag'] == '1') ) {
- if (isset($HTTP_GET_VARS['pID'])) {
- tep_set_product_status($HTTP_GET_VARS['pID'], $HTTP_GET_VARS['flag']);
+ if ( ($_GET['flag'] == '0') || ($_GET['flag'] == '1') ) {
+ if (isset($_GET['pID'])) {
+ tep_set_product_status($_GET['pID'], $_GET['flag']);
 }
 if (USE_CACHE == 'true') {
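Review bot: In the cache.php hunk, `tep_reset_cache_block($_GET['block'])` is called without checking that the parameter is set or that it names a known cache block. How the function uses the argument is not visible here; if it derives a cache file name from it, the value should first be compared against the configured block names with a strict match, and the call skipped when `isset($_GET['block'])` is false. A short comment above the call stating which values are accepted would document that contract for the next reader.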
@@ -31,12 +31,12 @@
 }
 }
- tep_redirect(tep_href_link(FILENAME_CATEGORIES, 'cPath=' . $HTTP_GET_VARS['cPath'] . '&pID=' . $HTTP_GET_VARS['pID']));
+ tep_redirect(tep_href_link(FILENAME_CATEGORIES, 'cPath=' . $_GET['cPath'] . '&pID=' . $_GET['pID']));
 break;
 case 'insert_category':
 case 'update_category':
- if (isset($HTTP_POST_VARS['categories_id'])) $categories_id = tep_db_prepare_input($HTTP_POST_VARS['categories_id']);
- $sort_order = tep_db_prepare_input($HTTP_POST_VARS['sort_order']);
+ if (isset($_POST['categories_id'])) $categories_id = tep_db_prepare_input($_POST['categories_id']);
+ $sort_order = tep_db_prepare_input($_POST['sort_order']);
 $sql_data_array = array('sort_order' => (int)$sort_order);
@@ -59,7 +59,7 @@
 $languages = tep_get_languages();
 for ($i=0, $n=sizeof($languages); $i<$n; $i++) {
- $categories_name_array = $HTTP_POST_VARS['categories_name'];
+ $categories_name_array = $_POST['categories_name'];
 $language_id = $languages[$i]['id'];
@@ -92,8 +92,8 @@
 tep_redirect(tep_href_link(FILENAME_CATEGORIES, 'cPath=' . $cPath . '&cID=' . $categories_id));
 break;
 case 'delete_category_confirm':
- if (isset($HTTP_POST_VARS['categories_id'])) {
- $categories_id = tep_db_prepare_input($HTTP_POST_VARS['categories_id']);
+ if (isset($_POST['categories_id'])) {
+ $categories_id = tep_db_prepare_input($_POST['categories_id']);
 $categories = tep_get_category_tree($categories_id, '', '0', '', true);
 $products = array();
@@ -141,9 +141,9 @@ tep_redirect(tep_href_link(FILENAME_CATEGORIES, 'cPath=' . $cPath)); break; case 'delete_product_confirm': - if (isset($HTTP_POST_VARS['products_id']) && isset($HTTP_POST_VARS['product_categories']) && is_array($HTTP_POST_VARS['product_categories'])) { - $product_id = tep_db_prepare_input($HTTP_POST_VARS['products_id']); - $product_categories = $HTTP_POST_VARS['product_categories']; + if (isset($_POST['products_id']) && isset($_POST['product_categories']) && is_array($_POST['product_categories'])) { + $product_id = tep_db_prepare_input($_POST['products_id']); + $product_categories = $_POST['product_categories']; for ($i=0, $n=sizeof($product_categories); $i<$n; $i++) { tep_db_query("delete from " . TABLE_PRODUCTS_TO_CATEGORIES . " where products_id = '" . (int)$product_id . "' and categories_id = '" . (int)$product_categories[$i] . "'"); @@ -165,9 +165,9 @@ tep_redirect(tep_href_link(FILENAME_CATEGORIES, 'cPath=' . $cPath)); break; case 'move_category_confirm': - if (isset($HTTP_POST_VARS['categories_id']) && ($HTTP_POST_VARS['categories_id'] != $HTTP_POST_VARS['move_to_category_id'])) { - $categories_id = tep_db_prepare_input($HTTP_POST_VARS['categories_id']); - $new_parent_id = tep_db_prepare_input($HTTP_POST_VARS['move_to_category_id']); + if (isset($_POST['categories_id']) && ($_POST['categories_id'] != $_POST['move_to_category_id'])) { + $categories_id = tep_db_prepare_input($_POST['categories_id']); + $new_parent_id = tep_db_prepare_input($_POST['move_to_category_id']); $path = explode('_', tep_get_generated_category_path_ids($new_parent_id)); 
@@ -189,8 +189,8 @@
 break;
 case 'move_product_confirm':
- $products_id = tep_db_prepare_input($HTTP_POST_VARS['products_id']);
- $new_parent_id = tep_db_prepare_input($HTTP_POST_VARS['move_to_category_id']);
+ $products_id = tep_db_prepare_input($_POST['products_id']);
+ $new_parent_id = tep_db_prepare_input($_POST['move_to_category_id']);
 $duplicate_check_query = tep_db_query("select count(*) as total from " . TABLE_PRODUCTS_TO_CATEGORIES . " where products_id = '" . (int)$products_id . "' and categories_id = '" . (int)$new_parent_id . "'");
 $duplicate_check = tep_db_fetch_array($duplicate_check_query);
@@ -205,19 +205,19 @@
 break;
 case 'insert_product':
 case 'update_product':
- if (isset($HTTP_GET_VARS['pID'])) $products_id = tep_db_prepare_input($HTTP_GET_VARS['pID']);
- $products_date_available = tep_db_prepare_input($HTTP_POST_VARS['products_date_available']);
+ if (isset($_GET['pID'])) $products_id = tep_db_prepare_input($_GET['pID']);
+ $products_date_available = tep_db_prepare_input($_POST['products_date_available']);
 $products_date_available = (date('Y-m-d') < $products_date_available) ? $products_date_available : 'null';
- $sql_data_array = array('products_quantity' => (int)tep_db_prepare_input($HTTP_POST_VARS['products_quantity']),
- 'products_model' => tep_db_prepare_input($HTTP_POST_VARS['products_model']),
- 'products_price' => tep_db_prepare_input($HTTP_POST_VARS['products_price']),
+ $sql_data_array = array('products_quantity' => (int)tep_db_prepare_input($_POST['products_quantity']),
+ 'products_model' => tep_db_prepare_input($_POST['products_model']),
+ 'products_price' => tep_db_prepare_input($_POST['products_price']),
 'products_date_available' => $products_date_available,
- 'products_weight' => (float)tep_db_prepare_input($HTTP_POST_VARS['products_weight']),
- 'products_status' => tep_db_prepare_input($HTTP_POST_VARS['products_status']),
- 'products_tax_class_id' => tep_db_prepare_input($HTTP_POST_VARS['products_tax_class_id']),
- 'manufacturers_id' => (int)tep_db_prepare_input($HTTP_POST_VARS['manufacturers_id']));
+ 'products_weight' => (float)tep_db_prepare_input($_POST['products_weight']),
+ 'products_status' => tep_db_prepare_input($_POST['products_status']),
+ 'products_tax_class_id' => tep_db_prepare_input($_POST['products_tax_class_id']),
+ 'manufacturers_id' => (int)tep_db_prepare_input($_POST['manufacturers_id']));
 $products_image = new upload('products_image');
 $products_image->set_destination(DIR_FS_CATALOG_IMAGES);
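Review bot: The `$sql_data_array` built here casts `products_quantity`, `products_weight` and `manufacturers_id` but passes `products_status` and `products_tax_class_id` through as request strings, so the row's typing depends entirely on whatever the database writer does with them, which this hunk does not show. Casting the two id-like fields the same way, `'products_status' => (int)tep_db_prepare_input($_POST['products_status'])` and likewise for `products_tax_class_id`, makes the block consistent. `products_price` is also stored as the unchecked request string. `products_date_available` is compared to `date('Y-m-d')` as a plain string with no format check, so any text that sorts after today's date is kept as the stored value. The case body continues past the end of the hunk.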
@@ -246,9 +246,9 @@ for ($i=0, $n=sizeof($languages); $i<$n; $i++) { $language_id = $languages[$i]['id']; - $sql_data_array = array('products_name' => tep_db_prepare_input($HTTP_POST_VARS['products_name'][$language_id]), - 'products_description' => tep_db_prepare_input($HTTP_POST_VARS['products_description'][$language_id]), - 'products_url' => tep_db_prepare_input($HTTP_POST_VARS['products_url'][$language_id])); + $sql_data_array = array('products_name' => tep_db_prepare_input($_POST['products_name'][$language_id]), + 'products_description' => tep_db_prepare_input($_POST['products_description'][$language_id]), + 'products_url' => tep_db_prepare_input($_POST['products_url'][$language_id])); if ($action == 'insert_product') { $insert_sql_data = array('products_id' => $products_id, @@ -265,12 +265,12 @@ $pi_sort_order = 0; $piArray = array(0); - foreach ($HTTP_POST_FILES as $key => $value) { + foreach ($_FILES as $key => $value) { // Update existing large product images if (preg_match('/^products_image_large_([0-9]+)$/', $key, $matches)) { $pi_sort_order++; - $sql_data_array = array('htmlcontent' => tep_db_prepare_input($HTTP_POST_VARS['products_image_htmlcontent_' . $matches[1]]), + $sql_data_array = array('htmlcontent' => tep_db_prepare_input($_POST['products_image_htmlcontent_' . $matches[1]]), 'sort_order' => $pi_sort_order); $t = new upload($key); @@ -285,7 +285,7 @@ } elseif (preg_match('/^products_image_large_new_([0-9]+)$/', $key, $matches)) { // Insert new large product images $sql_data_array = array('products_id' => (int)$products_id, - 'htmlcontent' => tep_db_prepare_input($HTTP_POST_VARS['products_image_htmlcontent_new_' . $matches[1]])); + 'htmlcontent' => tep_db_prepare_input($_POST['products_image_htmlcontent_new_' . $matches[1]])); $t = new upload($key); $t->set_destination(DIR_FS_CATALOG_IMAGES); 
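Review bot: The loop over `$_FILES` in the -265 hunk hands every matching field to `new upload($key)` with `DIR_FS_CATALOG_IMAGES` as destination, and no restriction on file type is visible in these lines. Because that directory is served by the web server, the upload step should accept only image extensions and reject anything whose content is not an image; if the upload class already supports an extension allow-list, set it here before the file is saved, and add a comment saying so. The `htmlcontent` values taken from `$_POST` in the same loop are stored as submitted, so the page that later renders them decides whether they are escaped. The loop body starts and ends outside the hunks shown.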
@@ -326,11 +326,11 @@ tep_redirect(tep_href_link(FILENAME_CATEGORIES, 'cPath=' . $cPath . '&pID=' . $products_id)); break; case 'copy_to_confirm': - if (isset($HTTP_POST_VARS['products_id']) && isset($HTTP_POST_VARS['categories_id'])) { - $products_id = tep_db_prepare_input($HTTP_POST_VARS['products_id']); - $categories_id = tep_db_prepare_input($HTTP_POST_VARS['categories_id']); + if (isset($_POST['products_id']) && isset($_POST['categories_id'])) { + $products_id = tep_db_prepare_input($_POST['products_id']); + $categories_id = tep_db_prepare_input($_POST['categories_id']); - if ($HTTP_POST_VARS['copy_as'] == 'link') { + if ($_POST['copy_as'] == 'link') { if ($categories_id != $current_category_id) { $check_query = tep_db_query("select count(*) as total from " . TABLE_PRODUCTS_TO_CATEGORIES . " where products_id = '" . (int)$products_id . "' and categories_id = '" . (int)$categories_id . "'"); $check = tep_db_fetch_array($check_query); @@ -340,7 +340,7 @@ } else { $messageStack->add_session(ERROR_CANNOT_LINK_TO_SAME_CATEGORY, 'error'); } - } elseif ($HTTP_POST_VARS['copy_as'] == 'duplicate') { + } elseif ($_POST['copy_as'] == 'duplicate') { $product_query = tep_db_query("select products_quantity, products_model, products_image, products_price, products_date_available, products_weight, products_tax_class_id, manufacturers_id from " . TABLE_PRODUCTS . " where products_id = '" . (int)$products_id . "'"); $product = tep_db_fetch_array($product_query); 
@@ -401,8 +401,8 @@ $pInfo = new objectInfo($parameters); - if (isset($HTTP_GET_VARS['pID']) && empty($HTTP_POST_VARS)) { - $product_query = tep_db_query("select pd.products_name, pd.products_description, pd.products_url, p.products_id, p.products_quantity, p.products_model, p.products_image, p.products_price, p.products_weight, p.products_date_added, p.products_last_modified, date_format(p.products_date_available, '%Y-%m-%d') as products_date_available, p.products_status, p.products_tax_class_id, p.manufacturers_id from " . TABLE_PRODUCTS . " p, " . TABLE_PRODUCTS_DESCRIPTION . " pd where p.products_id = '" . (int)$HTTP_GET_VARS['pID'] . "' and p.products_id = pd.products_id and pd.language_id = '" . (int)$languages_id . "'"); + if (isset($_GET['pID']) && empty($_POST)) { + $product_query = tep_db_query("select pd.products_name, pd.products_description, pd.products_url, p.products_id, p.products_quantity, p.products_model, p.products_image, p.products_price, p.products_weight, p.products_date_added, p.products_last_modified, date_format(p.products_date_available, '%Y-%m-%d') as products_date_available, p.products_status, p.products_tax_class_id, p.manufacturers_id from " . TABLE_PRODUCTS . " p, " . TABLE_PRODUCTS_DESCRIPTION . " pd where p.products_id = '" . (int)$_GET['pID'] . "' and p.products_id = pd.products_id and pd.language_id = '" . (int)$languages_id . "'"); $product = tep_db_fetch_array($product_query); $pInfo->objectInfo($product); @@ -439,7 +439,7 @@ default: $in_status = true; $out_status = false; } - $form_action = (isset($HTTP_GET_VARS['pID'])) ? 'update_product' : 'insert_product'; + $form_action = (isset($_GET['pID'])) ? 'update_product' : 'insert_product'; ?> - + diff --git a/catalog/admin/configuration.php b/catalog/admin/configuration.php index 92d541255..54a2ed2cf 100644 --- a/catalog/admin/configuration.php +++ b/catalog/admin/configuration.php 
@@ -12,22 +12,22 @@ require('includes/application_top.php'); - $action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : ''); + $action = (isset($_GET['action']) ? $_GET['action'] : ''); if (tep_not_null($action)) { switch ($action) { case 'save': - $configuration_value = tep_db_prepare_input($HTTP_POST_VARS['configuration_value']); - $cID = tep_db_prepare_input($HTTP_GET_VARS['cID']); + $configuration_value = tep_db_prepare_input($_POST['configuration_value']); + $cID = tep_db_prepare_input($_GET['cID']); tep_db_query("update " . TABLE_CONFIGURATION . " set configuration_value = '" . tep_db_input($configuration_value) . "', last_modified = now() where configuration_id = '" . (int)$cID . "'"); - tep_redirect(tep_href_link(FILENAME_CONFIGURATION, 'gID=' . $HTTP_GET_VARS['gID'] . '&cID=' . $cID)); + tep_redirect(tep_href_link(FILENAME_CONFIGURATION, 'gID=' . $_GET['gID'] . '&cID=' . $cID)); break; } } - $gID = (isset($HTTP_GET_VARS['gID'])) ? $HTTP_GET_VARS['gID'] : 1; + $gID = (isset($_GET['gID'])) ? $_GET['gID'] : 1; $cfg_group_query = tep_db_query("select configuration_group_title from " . TABLE_CONFIGURATION_GROUP . " where configuration_group_id = '" . (int)$gID . "'"); $cfg_group = tep_db_fetch_array($cfg_group_query); @@ -72,7 +72,7 @@ $cfgValue = $configuration['configuration_value']; } - if ((!isset($HTTP_GET_VARS['cID']) || (isset($HTTP_GET_VARS['cID']) && ($HTTP_GET_VARS['cID'] == $configuration['configuration_id']))) && !isset($cInfo) && (substr($action, 0, 3) != 'new')) { + if ((!isset($_GET['cID']) || (isset($_GET['cID']) && ($_GET['cID'] == $configuration['configuration_id']))) && !isset($cInfo) && (substr($action, 0, 3) != 'new')) { $cfg_extra_query = tep_db_query("select configuration_key, configuration_description, date_added, last_modified, use_function, set_function from " . TABLE_CONFIGURATION . " where configuration_id = '" . (int)$configuration['configuration_id'] . "'"); $cfg_extra = tep_db_fetch_array($cfg_extra_query); 
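Review bot: `$_GET['gID']` is concatenated into the `tep_redirect()` target of the `save` case without a cast, while `$cID` and the later `$gID` are cast with `(int)` wherever they reach SQL. The group id is treated as numeric everywhere else in this file, so the redirect should build `'gID=' . (int)$_GET['gID']`. The infobox links in the `@@ -81,14` hunk concatenate `$_GET['gID']` the same way, and countries.php, currencies.php and languages.php pass `$_GET['page']` into their redirects and links uncast as well. Separately, nothing in the visible lines ties the `save` update of TABLE_CONFIGURATION to a POST request or a session token; if application_top.php does not enforce that, it is worth adding a check at the top of the `case 'save':` branch.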
@@ -81,14 +81,14 @@ } if ( (isset($cInfo) && is_object($cInfo)) && ($configuration['configuration_id'] == $cInfo->configuration_id) ) { - echo ' ' . "\n"; + echo ' ' . "\n"; } else { - echo ' ' . "\n"; + echo ' ' . "\n"; } ?> - + configuration_value); } - $contents = array('form' => tep_draw_form('configuration', FILENAME_CONFIGURATION, 'gID=' . $HTTP_GET_VARS['gID'] . '&cID=' . $cInfo->configuration_id . '&action=save')); + $contents = array('form' => tep_draw_form('configuration', FILENAME_CONFIGURATION, 'gID=' . $_GET['gID'] . '&cID=' . $cInfo->configuration_id . '&action=save')); $contents[] = array('text' => TEXT_INFO_EDIT_INTRO); $contents[] = array('text' => '
' . $cInfo->configuration_title . '
' . $cInfo->configuration_description . '
' . $value_field); - $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_CONFIGURATION, 'gID=' . $HTTP_GET_VARS['gID'] . '&cID=' . $cInfo->configuration_id))); + $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_CONFIGURATION, 'gID=' . $_GET['gID'] . '&cID=' . $cInfo->configuration_id))); break; default: if (isset($cInfo) && is_object($cInfo)) { $heading[] = array('text' => '' . $cInfo->configuration_title . ''); - $contents[] = array('align' => 'center', 'text' => tep_draw_button(IMAGE_EDIT, 'document', tep_href_link(FILENAME_CONFIGURATION, 'gID=' . $HTTP_GET_VARS['gID'] . '&cID=' . $cInfo->configuration_id . '&action=edit'))); + $contents[] = array('align' => 'center', 'text' => tep_draw_button(IMAGE_EDIT, 'document', tep_href_link(FILENAME_CONFIGURATION, 'gID=' . $_GET['gID'] . '&cID=' . $cInfo->configuration_id . '&action=edit'))); $contents[] = array('text' => '
' . $cInfo->configuration_description); $contents[] = array('text' => '
' . TEXT_INFO_DATE_ADDED . ' ' . tep_date_short($cInfo->date_added)); if (tep_not_null($cInfo->last_modified)) $contents[] = array('text' => TEXT_INFO_LAST_MODIFIED . ' ' . tep_date_short($cInfo->last_modified)); diff --git a/catalog/admin/countries.php b/catalog/admin/countries.php index b6df77daa..d61ea21d5 100644 --- a/catalog/admin/countries.php +++ b/catalog/admin/countries.php 
@@ -12,37 +12,37 @@ require('includes/application_top.php'); - $action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : ''); + $action = (isset($_GET['action']) ? $_GET['action'] : ''); if (tep_not_null($action)) { switch ($action) { case 'insert': - $countries_name = tep_db_prepare_input($HTTP_POST_VARS['countries_name']); - $countries_iso_code_2 = tep_db_prepare_input($HTTP_POST_VARS['countries_iso_code_2']); - $countries_iso_code_3 = tep_db_prepare_input($HTTP_POST_VARS['countries_iso_code_3']); - $address_format_id = tep_db_prepare_input($HTTP_POST_VARS['address_format_id']); + $countries_name = tep_db_prepare_input($_POST['countries_name']); + $countries_iso_code_2 = tep_db_prepare_input($_POST['countries_iso_code_2']); + $countries_iso_code_3 = tep_db_prepare_input($_POST['countries_iso_code_3']); + $address_format_id = tep_db_prepare_input($_POST['address_format_id']); tep_db_query("insert into " . TABLE_COUNTRIES . " (countries_name, countries_iso_code_2, countries_iso_code_3, address_format_id) values ('" . tep_db_input($countries_name) . "', '" . tep_db_input($countries_iso_code_2) . "', '" . tep_db_input($countries_iso_code_3) . "', '" . (int)$address_format_id . 
"')"); tep_redirect(tep_href_link(FILENAME_COUNTRIES)); break; case 'save': - $countries_id = tep_db_prepare_input($HTTP_GET_VARS['cID']); - $countries_name = tep_db_prepare_input($HTTP_POST_VARS['countries_name']); - $countries_iso_code_2 = tep_db_prepare_input($HTTP_POST_VARS['countries_iso_code_2']); - $countries_iso_code_3 = tep_db_prepare_input($HTTP_POST_VARS['countries_iso_code_3']); - $address_format_id = tep_db_prepare_input($HTTP_POST_VARS['address_format_id']); + $countries_id = tep_db_prepare_input($_GET['cID']); + $countries_name = tep_db_prepare_input($_POST['countries_name']); + $countries_iso_code_2 = tep_db_prepare_input($_POST['countries_iso_code_2']); + $countries_iso_code_3 = tep_db_prepare_input($_POST['countries_iso_code_3']); + $address_format_id = tep_db_prepare_input($_POST['address_format_id']); tep_db_query("update " . TABLE_COUNTRIES . " set countries_name = '" . tep_db_input($countries_name) . "', countries_iso_code_2 = '" . tep_db_input($countries_iso_code_2) . "', countries_iso_code_3 = '" . tep_db_input($countries_iso_code_3) . "', address_format_id = '" . (int)$address_format_id . "' where countries_id = '" . (int)$countries_id . "'"); - tep_redirect(tep_href_link(FILENAME_COUNTRIES, 'page=' . $HTTP_GET_VARS['page'] . '&cID=' . $countries_id)); + tep_redirect(tep_href_link(FILENAME_COUNTRIES, 'page=' . $_GET['page'] . '&cID=' . $countries_id)); break; case 'deleteconfirm': - $countries_id = tep_db_prepare_input($HTTP_GET_VARS['cID']); + $countries_id = tep_db_prepare_input($_GET['cID']); tep_db_query("delete from " . TABLE_COUNTRIES . " where countries_id = '" . (int)$countries_id . "'"); - tep_redirect(tep_href_link(FILENAME_COUNTRIES, 'page=' . $HTTP_GET_VARS['page'])); + tep_redirect(tep_href_link(FILENAME_COUNTRIES, 'page=' . $_GET['page'])); break; } } @@ -70,23 +70,23 @@ countries_id)) { - echo ' ' . "\n"; + echo ' ' . "\n"; } else { - echo ' ' . "\n"; + echo ' ' . "\n"; } ?> - +
@@ -681,7 +681,7 @@ function showPiDelConfirm(piId) { - +
products_date_added) ? $pInfo->products_date_added : date('Y-m-d'))) . tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_CATEGORIES, 'cPath=' . $cPath . (isset($HTTP_GET_VARS['pID']) ? '&pID=' . $HTTP_GET_VARS['pID'] : ''))); ?>products_date_added) ? $pInfo->products_date_added : date('Y-m-d'))) . tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_CATEGORIES, 'cPath=' . $cPath . (isset($_GET['pID']) ? '&pID=' . $_GET['pID'] : ''))); ?>
@@ -694,7 +694,7 @@ function showPiDelConfirm(piId) { tep_childs_in_category_count($categories['categories_id'])); $category_products = array('products_count' => tep_products_in_category_count($categories['categories_id'])); @@ -855,7 +855,7 @@ function showPiDelConfirm(piId) { } $products_count = 0; - if (isset($HTTP_GET_VARS['search'])) { + if (isset($_GET['search'])) { $products_query = tep_db_query("select p.products_id, pd.products_name, p.products_quantity, p.products_image, p.products_price, p.products_date_added, p.products_last_modified, p.products_date_available, p.products_status, p2c.categories_id from " . TABLE_PRODUCTS . " p, " . TABLE_PRODUCTS_DESCRIPTION . " pd, " . TABLE_PRODUCTS_TO_CATEGORIES . " p2c where p.products_id = pd.products_id and pd.language_id = '" . (int)$languages_id . "' and p.products_id = p2c.products_id and pd.products_name like '%" . tep_db_input($search) . "%' order by pd.products_name"); } else { $products_query = tep_db_query("select p.products_id, pd.products_name, p.products_quantity, p.products_image, p.products_price, p.products_date_added, p.products_last_modified, p.products_date_available, p.products_status from " . TABLE_PRODUCTS . " p, " . TABLE_PRODUCTS_DESCRIPTION . " pd, " . TABLE_PRODUCTS_TO_CATEGORIES . " p2c where p.products_id = pd.products_id and pd.language_id = '" . (int)$languages_id . "' and p.products_id = p2c.products_id and p2c.categories_id = '" . (int)$current_category_id . "' order by pd.products_name"); 
@@ -865,9 +865,9 @@ function showPiDelConfirm(piId) { $rows++; // Get categories_id for product if search - if (isset($HTTP_GET_VARS['search'])) $cPath = $products['categories_id']; + if (isset($_GET['search'])) $cPath = $products['categories_id']; - if ( (!isset($HTTP_GET_VARS['pID']) && !isset($HTTP_GET_VARS['cID']) || (isset($HTTP_GET_VARS['pID']) && ($HTTP_GET_VARS['pID'] == $products['products_id']))) && !isset($pInfo) && !isset($cInfo) && (substr($action, 0, 3) != 'new')) { + if ( (!isset($_GET['pID']) && !isset($_GET['cID']) || (isset($_GET['pID']) && ($_GET['pID'] == $products['products_id']))) && !isset($pInfo) && !isset($cInfo) && (substr($action, 0, 3) != 'new')) { // find out the rating average from customer reviews $reviews_query = tep_db_query("select (avg(reviews_rating) / 5 * 100) as average_rating from " . TABLE_REVIEWS . " where products_id = '" . (int)$products['products_id'] . "'"); $reviews = tep_db_fetch_array($reviews_query); @@ -912,7 +912,7 @@ function showPiDelConfirm(piId) {
- +
' . TEXT_PRODUCTS . ' ' . $products_count; ?> 0) echo tep_draw_button(IMAGE_BACK, 'triangle-1-w', tep_href_link(FILENAME_CATEGORIES, $cPath_back . 'cID=' . $current_category_id)); if (!isset($HTTP_GET_VARS['search'])) echo tep_draw_button(IMAGE_NEW_CATEGORY, 'plus', tep_href_link(FILENAME_CATEGORIES, 'cPath=' . $cPath . '&action=new_category')) . tep_draw_button(IMAGE_NEW_PRODUCT, 'plus', tep_href_link(FILENAME_CATEGORIES, 'cPath=' . $cPath . '&action=new_product')); ?>  0) echo tep_draw_button(IMAGE_BACK, 'triangle-1-w', tep_href_link(FILENAME_CATEGORIES, $cPath_back . 'cID=' . $current_category_id)); if (!isset($_GET['search'])) echo tep_draw_button(IMAGE_NEW_CATEGORY, 'plus', tep_href_link(FILENAME_CATEGORIES, 'cPath=' . $cPath . '&action=new_category')) . tep_draw_button(IMAGE_NEW_PRODUCT, 'plus', tep_href_link(FILENAME_CATEGORIES, 'cPath=' . $cPath . '&action=new_product')); ?> 
configuration_id) ) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif', ''); } else { echo '' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . ''; } ?> configuration_id) ) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif', ''); } else { echo '' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . ''; } ?> 
countries_id) ) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif', ''); } else { echo '' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . ''; } ?> countries_id) ) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif', ''); } else { echo '' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . ''; } ?> 
- - + + - + '' . TEXT_INFO_HEADING_NEW_COUNTRY . ''); - $contents = array('form' => tep_draw_form('countries', FILENAME_COUNTRIES, 'page=' . $HTTP_GET_VARS['page'] . '&action=insert')); + $contents = array('form' => tep_draw_form('countries', FILENAME_COUNTRIES, 'page=' . $_GET['page'] . '&action=insert')); $contents[] = array('text' => TEXT_INFO_INSERT_INTRO); $contents[] = array('text' => '
' . TEXT_INFO_COUNTRY_NAME . '
' . tep_draw_input_field('countries_name')); $contents[] = array('text' => '
' . TEXT_INFO_COUNTRY_CODE_2 . '
' . tep_draw_input_field('countries_iso_code_2')); $contents[] = array('text' => '
' . TEXT_INFO_COUNTRY_CODE_3 . '
' . tep_draw_input_field('countries_iso_code_3')); $contents[] = array('text' => '
' . TEXT_INFO_ADDRESS_FORMAT . '
' . tep_draw_pull_down_menu('address_format_id', tep_get_address_formats())); - $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_COUNTRIES, 'page=' . $HTTP_GET_VARS['page']))); + $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_COUNTRIES, 'page=' . $_GET['page']))); break; case 'edit': $heading[] = array('text' => '' . TEXT_INFO_HEADING_EDIT_COUNTRY . ''); - $contents = array('form' => tep_draw_form('countries', FILENAME_COUNTRIES, 'page=' . $HTTP_GET_VARS['page'] . '&cID=' . $cInfo->countries_id . '&action=save')); + $contents = array('form' => tep_draw_form('countries', FILENAME_COUNTRIES, 'page=' . $_GET['page'] . '&cID=' . $cInfo->countries_id . '&action=save')); $contents[] = array('text' => TEXT_INFO_EDIT_INTRO); $contents[] = array('text' => '
' . TEXT_INFO_COUNTRY_NAME . '
' . tep_draw_input_field('countries_name', $cInfo->countries_name)); $contents[] = array('text' => '
' . TEXT_INFO_COUNTRY_CODE_2 . '
' . tep_draw_input_field('countries_iso_code_2', $cInfo->countries_iso_code_2)); $contents[] = array('text' => '
' . TEXT_INFO_COUNTRY_CODE_3 . '
' . tep_draw_input_field('countries_iso_code_3', $cInfo->countries_iso_code_3)); $contents[] = array('text' => '
' . TEXT_INFO_ADDRESS_FORMAT . '
' . tep_draw_pull_down_menu('address_format_id', tep_get_address_formats(), $cInfo->address_format_id)); - $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_COUNTRIES, 'page=' . $HTTP_GET_VARS['page'] . '&cID=' . $cInfo->countries_id))); + $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_COUNTRIES, 'page=' . $_GET['page'] . '&cID=' . $cInfo->countries_id))); break; case 'delete': $heading[] = array('text' => '' . TEXT_INFO_HEADING_DELETE_COUNTRY . ''); - $contents = array('form' => tep_draw_form('countries', FILENAME_COUNTRIES, 'page=' . $HTTP_GET_VARS['page'] . '&cID=' . $cInfo->countries_id . '&action=deleteconfirm')); + $contents = array('form' => tep_draw_form('countries', FILENAME_COUNTRIES, 'page=' . $_GET['page'] . '&cID=' . $cInfo->countries_id . '&action=deleteconfirm')); $contents[] = array('text' => TEXT_INFO_DELETE_INTRO); $contents[] = array('text' => '
' . $cInfo->countries_name . ''); - $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_DELETE, 'trash', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_COUNTRIES, 'page=' . $HTTP_GET_VARS['page'] . '&cID=' . $cInfo->countries_id))); + $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_DELETE, 'trash', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_COUNTRIES, 'page=' . $_GET['page'] . '&cID=' . $cInfo->countries_id))); break; default: if (is_object($cInfo)) { $heading[] = array('text' => '' . $cInfo->countries_name . ''); - $contents[] = array('align' => 'center', 'text' => tep_draw_button(IMAGE_EDIT, 'document', tep_href_link(FILENAME_COUNTRIES, 'page=' . $HTTP_GET_VARS['page'] . '&cID=' . $cInfo->countries_id . '&action=edit')) . tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_COUNTRIES, 'page=' . $HTTP_GET_VARS['page'] . '&cID=' . $cInfo->countries_id . '&action=delete'))); + $contents[] = array('align' => 'center', 'text' => tep_draw_button(IMAGE_EDIT, 'document', tep_href_link(FILENAME_COUNTRIES, 'page=' . $_GET['page'] . '&cID=' . $cInfo->countries_id . '&action=edit')) . tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_COUNTRIES, 'page=' . $_GET['page'] . '&cID=' . $cInfo->countries_id . '&action=delete'))); $contents[] = array('text' => '
' . TEXT_INFO_COUNTRY_NAME . '
' . $cInfo->countries_name); $contents[] = array('text' => '
' . TEXT_INFO_COUNTRY_CODE_2 . ' ' . $cInfo->countries_iso_code_2); $contents[] = array('text' => '
' . TEXT_INFO_COUNTRY_CODE_3 . ' ' . $cInfo->countries_iso_code_3); diff --git a/catalog/admin/currencies.php b/catalog/admin/currencies.php index ca04ebd31..d3ec394b8 100644 --- a/catalog/admin/currencies.php +++ b/catalog/admin/currencies.php @@ -15,21 +15,21 @@ require(DIR_WS_CLASSES . 'currencies.php'); $currencies = new currencies(); - $action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : ''); + $action = (isset($_GET['action']) ? $_GET['action'] : ''); if (tep_not_null($action)) { switch ($action) { case 'insert': case 'save': - if (isset($HTTP_GET_VARS['cID'])) $currency_id = tep_db_prepare_input($HTTP_GET_VARS['cID']); - $title = tep_db_prepare_input($HTTP_POST_VARS['title']); - $code = tep_db_prepare_input($HTTP_POST_VARS['code']); - $symbol_left = tep_db_prepare_input($HTTP_POST_VARS['symbol_left']); - $symbol_right = tep_db_prepare_input($HTTP_POST_VARS['symbol_right']); - $decimal_point = tep_db_prepare_input($HTTP_POST_VARS['decimal_point']); - $thousands_point = tep_db_prepare_input($HTTP_POST_VARS['thousands_point']); - $decimal_places = tep_db_prepare_input($HTTP_POST_VARS['decimal_places']); - $value = tep_db_prepare_input($HTTP_POST_VARS['value']); + if (isset($_GET['cID'])) $currency_id = tep_db_prepare_input($_GET['cID']); + $title = tep_db_prepare_input($_POST['title']); + $code = tep_db_prepare_input($_POST['code']); + $symbol_left = tep_db_prepare_input($_POST['symbol_left']); + $symbol_right = tep_db_prepare_input($_POST['symbol_right']); + $decimal_point = tep_db_prepare_input($_POST['decimal_point']); + $thousands_point = tep_db_prepare_input($_POST['thousands_point']); + $decimal_places = tep_db_prepare_input($_POST['decimal_places']); + $value = tep_db_prepare_input($_POST['value']); $sql_data_array = array('title' => $title, 'code' => $code, 
@@ -47,14 +47,14 @@ tep_db_perform(TABLE_CURRENCIES, $sql_data_array, 'update', "currencies_id = '" . (int)$currency_id . "'"); } - if (isset($HTTP_POST_VARS['default']) && ($HTTP_POST_VARS['default'] == 'on')) { + if (isset($_POST['default']) && ($_POST['default'] == 'on')) { tep_db_query("update " . TABLE_CONFIGURATION . " set configuration_value = '" . tep_db_input($code) . "' where configuration_key = 'DEFAULT_CURRENCY'"); } - tep_redirect(tep_href_link(FILENAME_CURRENCIES, 'page=' . $HTTP_GET_VARS['page'] . '&cID=' . $currency_id)); + tep_redirect(tep_href_link(FILENAME_CURRENCIES, 'page=' . $_GET['page'] . '&cID=' . $currency_id)); break; case 'deleteconfirm': - $currencies_id = tep_db_prepare_input($HTTP_GET_VARS['cID']); + $currencies_id = tep_db_prepare_input($_GET['cID']); $currency_query = tep_db_query("select currencies_id from " . TABLE_CURRENCIES . " where code = '" . DEFAULT_CURRENCY . "'"); $currency = tep_db_fetch_array($currency_query); @@ -65,7 +65,7 @@ tep_db_query("delete from " . TABLE_CURRENCIES . " where currencies_id = '" . (int)$currencies_id . "'"); - tep_redirect(tep_href_link(FILENAME_CURRENCIES, 'page=' . $HTTP_GET_VARS['page'])); + tep_redirect(tep_href_link(FILENAME_CURRENCIES, 'page=' . $_GET['page'])); break; case 'update': $server_used = CURRENCY_SERVER_PRIMARY; @@ -93,10 +93,10 @@ } } - tep_redirect(tep_href_link(FILENAME_CURRENCIES, 'page=' . $HTTP_GET_VARS['page'] . '&cID=' . $HTTP_GET_VARS['cID'])); + tep_redirect(tep_href_link(FILENAME_CURRENCIES, 'page=' . $_GET['page'] . '&cID=' . $_GET['cID'])); break; case 'delete': - $currencies_id = tep_db_prepare_input($HTTP_GET_VARS['cID']); + $currencies_id = tep_db_prepare_input($_GET['cID']); $currency_query = tep_db_query("select code from " . TABLE_CURRENCIES . " where currencies_id = '" . (int)$currencies_id . "'"); $currency = tep_db_fetch_array($currency_query); 
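Review bot: The `deleteconfirm` case deletes the currency row on the strength of `$_GET['action']` and `$_GET['cID']` alone, and the infobox hunk at `@@ -272,20` renders the delete button as a plain link to `action=deleteconfirm`, so the delete appears to run on a GET request. countries.php wraps the same confirmation in a form; doing that here, `$contents = array('form' => tep_draw_form('currencies', FILENAME_CURRENCIES, 'page=' . $_GET['page'] . '&cID=' . $cInfo->currencies_id . '&action=deleteconfirm'));`, and passing `null` instead of the link to the delete `tep_draw_button()` keeps the destructive request off a URL that can be prefetched or embedded in another page. Whether a session token is verified for admin actions is not visible in these hunks and should be confirmed. The `deleteconfirm` case spans this hunk and the next one (`@@ -65,7`).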
@@ -191,17 +191,17 @@ function updateForm() { currencies_id) ) { - echo ' ' . "\n"; + echo ' ' . "\n"; } else { - echo ' ' . "\n"; + echo ' ' . "\n"; } if (DEFAULT_CURRENCY == $currency['code']) { @@ -212,7 +212,7 @@ function updateForm() { ?> - + diff --git a/catalog/admin/languages.php b/catalog/admin/languages.php index fdcc0b3c0..51af290db 100644 --- a/catalog/admin/languages.php +++ b/catalog/admin/languages.php @@ -12,16 +12,16 @@ require('includes/application_top.php'); - $action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : ''); + $action = (isset($_GET['action']) ? $_GET['action'] : ''); if (tep_not_null($action)) { switch ($action) { case 'insert': - $name = tep_db_prepare_input($HTTP_POST_VARS['name']); - $code = tep_db_prepare_input(substr($HTTP_POST_VARS['code'], 0, 2)); - $image = tep_db_prepare_input($HTTP_POST_VARS['image']); - $directory = tep_db_prepare_input($HTTP_POST_VARS['directory']); - $sort_order = (int)tep_db_prepare_input($HTTP_POST_VARS['sort_order']); + $name = tep_db_prepare_input($_POST['name']); + $code = tep_db_prepare_input(substr($_POST['code'], 0, 2)); + $image = tep_db_prepare_input($_POST['image']); + $directory = tep_db_prepare_input($_POST['directory']); + $sort_order = (int)tep_db_prepare_input($_POST['sort_order']); tep_db_query("insert into " . TABLE_LANGUAGES . " (name, code, image, directory, sort_order) values ('" . tep_db_input($name) . "', '" . tep_db_input($code) . "', '" . tep_db_input($image) . "', '" . tep_db_input($directory) . "', '" . tep_db_input($sort_order) . "')"); $insert_id = tep_db_insert_id(); 
@@ -62,30 +62,30 @@ tep_db_query("insert into " . TABLE_ORDERS_STATUS . " (orders_status_id, language_id, orders_status_name) values ('" . (int)$orders_status['orders_status_id'] . "', '" . (int)$insert_id . "', '" . tep_db_input($orders_status['orders_status_name']) . "')"); } - if (isset($HTTP_POST_VARS['default']) && ($HTTP_POST_VARS['default'] == 'on')) { + if (isset($_POST['default']) && ($_POST['default'] == 'on')) { tep_db_query("update " . TABLE_CONFIGURATION . " set configuration_value = '" . tep_db_input($code) . "' where configuration_key = 'DEFAULT_LANGUAGE'"); } - tep_redirect(tep_href_link(FILENAME_LANGUAGES, (isset($HTTP_GET_VARS['page']) ? 'page=' . $HTTP_GET_VARS['page'] . '&' : '') . 'lID=' . $insert_id)); + tep_redirect(tep_href_link(FILENAME_LANGUAGES, (isset($_GET['page']) ? 'page=' . $_GET['page'] . '&' : '') . 'lID=' . $insert_id)); break; case 'save': - $lID = tep_db_prepare_input($HTTP_GET_VARS['lID']); - $name = tep_db_prepare_input($HTTP_POST_VARS['name']); - $code = tep_db_prepare_input(substr($HTTP_POST_VARS['code'], 0, 2)); - $image = tep_db_prepare_input($HTTP_POST_VARS['image']); - $directory = tep_db_prepare_input($HTTP_POST_VARS['directory']); - $sort_order = (int)tep_db_prepare_input($HTTP_POST_VARS['sort_order']); + $lID = tep_db_prepare_input($_GET['lID']); + $name = tep_db_prepare_input($_POST['name']); + $code = tep_db_prepare_input(substr($_POST['code'], 0, 2)); + $image = tep_db_prepare_input($_POST['image']); + $directory = tep_db_prepare_input($_POST['directory']); + $sort_order = (int)tep_db_prepare_input($_POST['sort_order']); tep_db_query("update " . TABLE_LANGUAGES . " set name = '" . tep_db_input($name) . "', code = '" . tep_db_input($code) . "', image = '" . tep_db_input($image) . "', directory = '" . tep_db_input($directory) . "', sort_order = '" . tep_db_input($sort_order) . "' where languages_id = '" . (int)$lID . 
"'"); - if ($HTTP_POST_VARS['default'] == 'on') { + if ($_POST['default'] == 'on') { tep_db_query("update " . TABLE_CONFIGURATION . " set configuration_value = '" . tep_db_input($code) . "' where configuration_key = 'DEFAULT_LANGUAGE'"); } - tep_redirect(tep_href_link(FILENAME_LANGUAGES, 'page=' . $HTTP_GET_VARS['page'] . '&lID=' . $HTTP_GET_VARS['lID'])); + tep_redirect(tep_href_link(FILENAME_LANGUAGES, 'page=' . $_GET['page'] . '&lID=' . $_GET['lID'])); break; case 'deleteconfirm': - $lID = tep_db_prepare_input($HTTP_GET_VARS['lID']); + $lID = tep_db_prepare_input($_GET['lID']); $lng_query = tep_db_query("select languages_id from " . TABLE_LANGUAGES . " where code = '" . DEFAULT_CURRENCY . "'"); $lng = tep_db_fetch_array($lng_query); @@ -101,10 +101,10 @@ tep_db_query("delete from " . TABLE_ORDERS_STATUS . " where language_id = '" . (int)$lID . "'"); tep_db_query("delete from " . TABLE_LANGUAGES . " where languages_id = '" . (int)$lID . "'"); - tep_redirect(tep_href_link(FILENAME_LANGUAGES, 'page=' . $HTTP_GET_VARS['page'])); + tep_redirect(tep_href_link(FILENAME_LANGUAGES, 'page=' . $_GET['page'])); break; case 'delete': - $lID = tep_db_prepare_input($HTTP_GET_VARS['lID']); + $lID = tep_db_prepare_input($_GET['lID']); $lng_query = tep_db_query("select code from " . TABLE_LANGUAGES . " where languages_id = '" . (int)$lID . "'"); $lng = tep_db_fetch_array($lng_query); @@ -141,18 +141,18 @@ languages_id) ) { - echo ' ' . "\n"; + echo ' ' . "\n"; } else { - echo ' ' . "\n"; + echo ' ' . "\n"; } if (DEFAULT_LANGUAGE == $languages['code']) { @@ -162,7 +162,7 @@ } ?> - +
display_count($countries_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $HTTP_GET_VARS['page'], TEXT_DISPLAY_NUMBER_OF_COUNTRIES); ?>display_links($countries_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $HTTP_GET_VARS['page']); ?>display_count($countries_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $_GET['page'], TEXT_DISPLAY_NUMBER_OF_COUNTRIES); ?>display_links($countries_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $_GET['page']); ?>
currencies_id) ) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif'); } else { echo '' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . ''; } ?> currencies_id) ) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif'); } else { echo '' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . ''; } ?> 
- - + + - - + + '' . TEXT_INFO_HEADING_NEW_CURRENCY . ''); - $contents = array('form' => tep_draw_form('currencies', FILENAME_CURRENCIES, 'page=' . $HTTP_GET_VARS['page'] . (isset($cInfo) ? '&cID=' . $cInfo->currencies_id : '') . '&action=insert')); + $contents = array('form' => tep_draw_form('currencies', FILENAME_CURRENCIES, 'page=' . $_GET['page'] . (isset($cInfo) ? '&cID=' . $cInfo->currencies_id : '') . '&action=insert')); $contents[] = array('text' => TEXT_INFO_INSERT_INTRO); $contents[] = array('text' => '
' . tep_draw_pull_down_menu('cs', $currency_select_array, '', 'onchange="updateForm();"')); $contents[] = array('text' => '
' . TEXT_INFO_CURRENCY_TITLE . '
' . tep_draw_input_field('title')); @@ -256,12 +256,12 @@ function updateForm() { $contents[] = array('text' => '
' . TEXT_INFO_CURRENCY_DECIMAL_PLACES . '
' . tep_draw_input_field('decimal_places')); $contents[] = array('text' => '
' . TEXT_INFO_CURRENCY_VALUE . '
' . tep_draw_input_field('value')); $contents[] = array('text' => '
' . tep_draw_checkbox_field('default') . ' ' . TEXT_INFO_SET_AS_DEFAULT); - $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_CURRENCIES, 'page=' . $HTTP_GET_VARS['page'] . '&cID=' . $HTTP_GET_VARS['cID']))); + $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_CURRENCIES, 'page=' . $_GET['page'] . '&cID=' . $_GET['cID']))); break; case 'edit': $heading[] = array('text' => '' . TEXT_INFO_HEADING_EDIT_CURRENCY . ''); - $contents = array('form' => tep_draw_form('currencies', FILENAME_CURRENCIES, 'page=' . $HTTP_GET_VARS['page'] . '&cID=' . $cInfo->currencies_id . '&action=save')); + $contents = array('form' => tep_draw_form('currencies', FILENAME_CURRENCIES, 'page=' . $_GET['page'] . '&cID=' . $cInfo->currencies_id . '&action=save')); $contents[] = array('text' => TEXT_INFO_EDIT_INTRO); $contents[] = array('text' => '
' . TEXT_INFO_CURRENCY_TITLE . '
' . tep_draw_input_field('title', $cInfo->title)); $contents[] = array('text' => '
' . TEXT_INFO_CURRENCY_CODE . '
' . tep_draw_input_field('code', $cInfo->code)); @@ -272,20 +272,20 @@ function updateForm() { $contents[] = array('text' => '
' . TEXT_INFO_CURRENCY_DECIMAL_PLACES . '
' . tep_draw_input_field('decimal_places', $cInfo->decimal_places)); $contents[] = array('text' => '
' . TEXT_INFO_CURRENCY_VALUE . '
' . tep_draw_input_field('value', $cInfo->value)); if (DEFAULT_CURRENCY != $cInfo->code) $contents[] = array('text' => '
' . tep_draw_checkbox_field('default') . ' ' . TEXT_INFO_SET_AS_DEFAULT); - $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_CURRENCIES, 'page=' . $HTTP_GET_VARS['page'] . '&cID=' . $cInfo->currencies_id))); + $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_CURRENCIES, 'page=' . $_GET['page'] . '&cID=' . $cInfo->currencies_id))); break; case 'delete': $heading[] = array('text' => '' . TEXT_INFO_HEADING_DELETE_CURRENCY . ''); $contents[] = array('text' => TEXT_INFO_DELETE_INTRO); $contents[] = array('text' => '
' . $cInfo->title . ''); - $contents[] = array('align' => 'center', 'text' => '
' . (($remove_currency) ? tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_CURRENCIES, 'page=' . $HTTP_GET_VARS['page'] . '&cID=' . $cInfo->currencies_id . '&action=deleteconfirm'), 'primary') : '') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_CURRENCIES, 'page=' . $HTTP_GET_VARS['page'] . '&cID=' . $cInfo->currencies_id))); + $contents[] = array('align' => 'center', 'text' => '
' . (($remove_currency) ? tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_CURRENCIES, 'page=' . $_GET['page'] . '&cID=' . $cInfo->currencies_id . '&action=deleteconfirm'), 'primary') : '') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_CURRENCIES, 'page=' . $_GET['page'] . '&cID=' . $cInfo->currencies_id))); break; default: if (is_object($cInfo)) { $heading[] = array('text' => '' . $cInfo->title . ''); - $contents[] = array('align' => 'center', 'text' => tep_draw_button(IMAGE_EDIT, 'document', tep_href_link(FILENAME_CURRENCIES, 'page=' . $HTTP_GET_VARS['page'] . '&cID=' . $cInfo->currencies_id . '&action=edit')) . tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_CURRENCIES, 'page=' . $HTTP_GET_VARS['page'] . '&cID=' . $cInfo->currencies_id . '&action=delete'))); + $contents[] = array('align' => 'center', 'text' => tep_draw_button(IMAGE_EDIT, 'document', tep_href_link(FILENAME_CURRENCIES, 'page=' . $_GET['page'] . '&cID=' . $cInfo->currencies_id . '&action=edit')) . tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_CURRENCIES, 'page=' . $_GET['page'] . '&cID=' . $cInfo->currencies_id . '&action=delete'))); $contents[] = array('text' => '
' . TEXT_INFO_CURRENCY_TITLE . ' ' . $cInfo->title); $contents[] = array('text' => TEXT_INFO_CURRENCY_CODE . ' ' . $cInfo->code); $contents[] = array('text' => '
' . TEXT_INFO_CURRENCY_SYMBOL_LEFT . ' ' . $cInfo->symbol_left); diff --git a/catalog/admin/customers.php b/catalog/admin/customers.php index 3f51ffaa2..35c298344 100644 --- a/catalog/admin/customers.php +++ b/catalog/admin/customers.php @@ -12,7 +12,7 @@ require('includes/application_top.php'); - $action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : ''); + $action = (isset($_GET['action']) ? $_GET['action'] : ''); $error = false; $processed = false; 
@@ -20,27 +20,27 @@ if (tep_not_null($action)) { switch ($action) { case 'update': - $customers_id = tep_db_prepare_input($HTTP_GET_VARS['cID']); - $customers_firstname = tep_db_prepare_input($HTTP_POST_VARS['customers_firstname']); - $customers_lastname = tep_db_prepare_input($HTTP_POST_VARS['customers_lastname']); - $customers_email_address = tep_db_prepare_input($HTTP_POST_VARS['customers_email_address']); - $customers_telephone = tep_db_prepare_input($HTTP_POST_VARS['customers_telephone']); - $customers_fax = tep_db_prepare_input($HTTP_POST_VARS['customers_fax']); - $customers_newsletter = tep_db_prepare_input($HTTP_POST_VARS['customers_newsletter']); - - $customers_gender = tep_db_prepare_input($HTTP_POST_VARS['customers_gender']); - $customers_dob = tep_db_prepare_input($HTTP_POST_VARS['customers_dob']); - - $default_address_id = tep_db_prepare_input($HTTP_POST_VARS['default_address_id']); - $entry_street_address = tep_db_prepare_input($HTTP_POST_VARS['entry_street_address']); - $entry_suburb = tep_db_prepare_input($HTTP_POST_VARS['entry_suburb']); - $entry_postcode = tep_db_prepare_input($HTTP_POST_VARS['entry_postcode']); - $entry_city = tep_db_prepare_input($HTTP_POST_VARS['entry_city']); - $entry_country_id = tep_db_prepare_input($HTTP_POST_VARS['entry_country_id']); - - $entry_company = tep_db_prepare_input($HTTP_POST_VARS['entry_company']); - $entry_state = tep_db_prepare_input($HTTP_POST_VARS['entry_state']); - if (isset($HTTP_POST_VARS['entry_zone_id'])) $entry_zone_id = tep_db_prepare_input($HTTP_POST_VARS['entry_zone_id']); + $customers_id = tep_db_prepare_input($_GET['cID']); + $customers_firstname = tep_db_prepare_input($_POST['customers_firstname']); + $customers_lastname = tep_db_prepare_input($_POST['customers_lastname']); + $customers_email_address = tep_db_prepare_input($_POST['customers_email_address']); + $customers_telephone = tep_db_prepare_input($_POST['customers_telephone']); + $customers_fax = 
tep_db_prepare_input($_POST['customers_fax']); + $customers_newsletter = tep_db_prepare_input($_POST['customers_newsletter']); + + $customers_gender = tep_db_prepare_input($_POST['customers_gender']); + $customers_dob = tep_db_prepare_input($_POST['customers_dob']); + + $default_address_id = tep_db_prepare_input($_POST['default_address_id']); + $entry_street_address = tep_db_prepare_input($_POST['entry_street_address']); + $entry_suburb = tep_db_prepare_input($_POST['entry_suburb']); + $entry_postcode = tep_db_prepare_input($_POST['entry_postcode']); + $entry_city = tep_db_prepare_input($_POST['entry_city']); + $entry_country_id = tep_db_prepare_input($_POST['entry_country_id']); + + $entry_company = tep_db_prepare_input($_POST['entry_company']); + $entry_state = tep_db_prepare_input($_POST['entry_state']); + if (isset($_POST['entry_zone_id'])) $entry_zone_id = tep_db_prepare_input($_POST['entry_zone_id']); if (strlen($customers_firstname) < ENTRY_FIRST_NAME_MIN_LENGTH) { $error = true; @@ -192,15 +192,15 @@ tep_redirect(tep_href_link(FILENAME_CUSTOMERS, tep_get_all_get_params(array('cID', 'action')) . 'cID=' . $customers_id)); } else if ($error == true) { - $cInfo = new objectInfo($HTTP_POST_VARS); + $cInfo = new objectInfo($_POST); $processed = true; } break; case 'deleteconfirm': - $customers_id = tep_db_prepare_input($HTTP_GET_VARS['cID']); + $customers_id = tep_db_prepare_input($_GET['cID']); - if (isset($HTTP_POST_VARS['delete_reviews']) && ($HTTP_POST_VARS['delete_reviews'] == 'on')) { + if (isset($_POST['delete_reviews']) && ($_POST['delete_reviews'] == 'on')) { $reviews_query = tep_db_query("select reviews_id from " . TABLE_REVIEWS . " where customers_id = '" . (int)$customers_id . "'"); while ($reviews = tep_db_fetch_array($reviews_query)) { tep_db_query("delete from " . TABLE_REVIEWS_DESCRIPTION . " where reviews_id = '" . (int)$reviews['reviews_id'] . "'"); 
@@ -222,7 +222,7 @@ break; default: if ($action != 'confirm') { - $customers_query = tep_db_query("select c.customers_id, c.customers_gender, c.customers_firstname, c.customers_lastname, c.customers_dob, c.customers_email_address, a.entry_company, a.entry_street_address, a.entry_suburb, a.entry_postcode, a.entry_city, a.entry_state, a.entry_zone_id, a.entry_country_id, c.customers_telephone, c.customers_fax, c.customers_newsletter, c.customers_default_address_id from " . TABLE_CUSTOMERS . " c left join " . TABLE_ADDRESS_BOOK . " a on c.customers_default_address_id = a.address_book_id where a.customers_id = c.customers_id and c.customers_id = '" . (int)$HTTP_GET_VARS['cID'] . "'"); + $customers_query = tep_db_query("select c.customers_id, c.customers_gender, c.customers_firstname, c.customers_lastname, c.customers_dob, c.customers_email_address, a.entry_company, a.entry_street_address, a.entry_suburb, a.entry_postcode, a.entry_city, a.entry_state, a.entry_zone_id, a.entry_country_id, c.customers_telephone, c.customers_fax, c.customers_newsletter, c.customers_default_address_id from " . TABLE_CUSTOMERS . " c left join " . TABLE_ADDRESS_BOOK . " a on c.customers_default_address_id = a.address_book_id where a.customers_id = c.customers_id and c.customers_id = '" . (int)$_GET['cID'] . "'"); $customers = tep_db_fetch_array($customers_query); $cInfo = new objectInfo($customers); } @@ -687,18 +687,18 @@ function check_form() { - +
display_count($currency_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $HTTP_GET_VARS['page'], TEXT_DISPLAY_NUMBER_OF_CURRENCIES); ?>display_links($currency_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $HTTP_GET_VARS['page']); ?>display_count($currency_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $_GET['page'], TEXT_DISPLAY_NUMBER_OF_CURRENCIES); ?>display_links($currency_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $_GET['page']); ?>
currencies_id . '&action=update')); } ?>currencies_id . '&action=new')); ?>currencies_id . '&action=update')); } ?>currencies_id . '&action=new')); ?>
- - + + diff --git a/catalog/admin/database_tables.php b/catalog/admin/database_tables.php index 6a57ddcd5..25dcbb936 100644 --- a/catalog/admin/database_tables.php +++ b/catalog/admin/database_tables.php @@ -42,19 +42,19 @@ function tep_dt_get_tables() { array('id' => 'utf8', 'text' => ACTION_UTF8_CONVERSION)); - if ( isset($HTTP_POST_VARS['action']) ) { - if ( in_array($HTTP_POST_VARS['action'], array('check', 'analyze', 'optimize', 'repair', 'utf8')) ) { - if ( isset($HTTP_POST_VARS['id']) && is_array($HTTP_POST_VARS['id']) && !empty($HTTP_POST_VARS['id']) ) { + if ( isset($_POST['action']) ) { + if ( in_array($_POST['action'], array('check', 'analyze', 'optimize', 'repair', 'utf8')) ) { + if ( isset($_POST['id']) && is_array($_POST['id']) && !empty($_POST['id']) ) { $tables = tep_dt_get_tables(); - foreach ( $HTTP_POST_VARS['id'] as $key => $value ) { + foreach ( $_POST['id'] as $key => $value ) { if ( !in_array($value, $tables) ) { - unset($HTTP_POST_VARS['id'][$key]); + unset($_POST['id'][$key]); } } - if ( !empty($HTTP_POST_VARS['id']) ) { - $action = $HTTP_POST_VARS['action']; + if ( !empty($_POST['id']) ) { + $action = $_POST['action']; } } } @@ -74,7 +74,7 @@ function tep_dt_get_tables() { $table_data = array(); - foreach ( $HTTP_POST_VARS['id'] as $table ) { + foreach ( $_POST['id'] as $table ) { $current_table = null; $sql_query = tep_db_query($action . " table " . $table); @@ -82,7 +82,7 @@ function tep_dt_get_tables() { $table_data[] = array(($table != $current_table) ? tep_output_string_protected($table) : '', tep_output_string_protected($sql['Msg_type']), tep_output_string_protected($sql['Msg_text']), - ($table != $current_table) ? tep_draw_checkbox_field('id[]', $table, isset($HTTP_POST_VARS['id']) && in_array($table, $HTTP_POST_VARS['id'])) : ''); + ($table != $current_table) ? tep_draw_checkbox_field('id[]', $table, isset($_POST['id']) && in_array($table, $_POST['id'])) : ''); $current_table = $table; } 
@@ -93,12 +93,12 @@ function tep_dt_get_tables() { case 'utf8': $charset_pass = false; - if ( isset($HTTP_POST_VARS['from_charset']) ) { - if ( $HTTP_POST_VARS['from_charset'] == 'auto' ) { + if ( isset($_POST['from_charset']) ) { + if ( $_POST['from_charset'] == 'auto' ) { $charset_pass = true; } else { foreach ( $mysql_charsets as $c ) { - if ( $HTTP_POST_VARS['from_charset'] == $c['id'] ) { + if ( $_POST['from_charset'] == $c['id'] ) { $charset_pass = true; break; } @@ -112,7 +112,7 @@ function tep_dt_get_tables() { tep_set_time_limit(0); - if ( isset($HTTP_POST_VARS['dryrun']) ) { + if ( isset($_POST['dryrun']) ) { $table_headers = array(TABLE_HEADING_QUERIES); } else { $table_headers = array(TABLE_HEADING_TABLE, @@ -122,7 +122,7 @@ function tep_dt_get_tables() { $table_data = array(); - foreach ( $HTTP_POST_VARS['id'] as $table ) { + foreach ( $_POST['id'] as $table ) { $result = 'OK'; $queries = array(); @@ -130,10 +130,10 @@ function tep_dt_get_tables() { $cols_query = tep_db_query("show full columns from " . $table); while ( $cols = tep_db_fetch_array($cols_query) ) { if ( !empty($cols['Collation']) ) { - if ( $HTTP_POST_VARS['from_charset'] == 'auto' ) { + if ( $_POST['from_charset'] == 'auto' ) { $old_charset = substr($cols['Collation'], 0, strpos($cols['Collation'], '_')); } else { - $old_charset = $HTTP_POST_VARS['from_charset']; + $old_charset = $_POST['from_charset']; } $queries[] = "update " . $table . " set " . $cols['Field'] . " = convert(binary convert(" . $cols['Field'] . " using " . $old_charset . ") using utf8) where char_length(" . $cols['Field'] . ") = length(convert(binary convert(" . $cols['Field'] . " using " . $old_charset . ") using utf8))"; @@ -142,7 +142,7 @@ function tep_dt_get_tables() { $query = "alter table " . $table . " convert to character set utf8 collate utf8_unicode_ci"; - if ( isset($HTTP_POST_VARS['dryrun']) ) { + if ( isset($_POST['dryrun']) ) { $table_data[] = array($query); foreach ( $queries as $q ) { 
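Review bot: In the `@@ -130,10 +130,10 @@` hunk, `$old_charset = $_POST['from_charset'];` takes the request value and concatenates it straight into the `convert(... using ...)` statements. The only check on it is the `$charset_pass` loop in the `@@ -93,12 +93,12 @@` hunk, and what happens when that flag stays false is outside the visible lines. It would be safer to carry the allow-listed value forward, for example by setting `$from_charset = $c['id'];` inside the matching loop (and `'auto'` in the auto branch) and using that variable here, so the SQL text never contains anything that did not come from `$mysql_charsets`. The enclosing loop starts and ends outside this hunk.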
@@ -162,7 +162,7 @@ function tep_dt_get_tables() { } } - if ( !isset($HTTP_POST_VARS['dryrun']) ) { + if ( !isset($_POST['dryrun']) ) { $table_data[] = array(tep_output_string_protected($table), tep_output_string_protected($result), tep_draw_checkbox_field('id[]', $table, true)); @@ -232,7 +232,7 @@ function tep_dt_get_tables() {
display_count($customers_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $HTTP_GET_VARS['page'], TEXT_DISPLAY_NUMBER_OF_CUSTOMERS); ?>display_links($customers_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $HTTP_GET_VARS['page'], tep_get_all_get_params(array('page', 'info', 'x', 'y', 'cID'))); ?>display_count($customers_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $_GET['page'], TEXT_DISPLAY_NUMBER_OF_CUSTOMERS); ?>display_links($customers_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $_GET['page'], tep_get_all_get_params(array('page', 'info', 'x', 'y', 'cID'))); ?>
diff --git a/catalog/admin/define_language.php b/catalog/admin/define_language.php index 3a4dc9e8d..2c9cd0072 100644 --- a/catalog/admin/define_language.php +++ b/catalog/admin/define_language.php 
@@ -42,44 +42,44 @@ function tep_opendir($path) { return $result; } - if (!isset($HTTP_GET_VARS['lngdir'])) $HTTP_GET_VARS['lngdir'] = $language; + if (!isset($_GET['lngdir'])) $_GET['lngdir'] = $language; $languages_array = array(); $languages = tep_get_languages(); $lng_exists = false; for ($i=0, $n=sizeof($languages); $i<$n; $i++) { - if ($languages[$i]['directory'] == $HTTP_GET_VARS['lngdir']) $lng_exists = true; + if ($languages[$i]['directory'] == $_GET['lngdir']) $lng_exists = true; $languages_array[] = array('id' => $languages[$i]['directory'], 'text' => $languages[$i]['name']); } - if (!$lng_exists) $HTTP_GET_VARS['lngdir'] = $language; + if (!$lng_exists) $_GET['lngdir'] = $language; - if (isset($HTTP_GET_VARS['filename'])) { - $file_edit = realpath(DIR_FS_CATALOG_LANGUAGES . $HTTP_GET_VARS['filename']); + if (isset($_GET['filename'])) { + $file_edit = realpath(DIR_FS_CATALOG_LANGUAGES . $_GET['filename']); if (substr($file_edit, 0, strlen(DIR_FS_CATALOG_LANGUAGES)) != DIR_FS_CATALOG_LANGUAGES) { - tep_redirect(tep_href_link(FILENAME_DEFINE_LANGUAGE, 'lngdir=' . $HTTP_GET_VARS['lngdir'])); + tep_redirect(tep_href_link(FILENAME_DEFINE_LANGUAGE, 'lngdir=' . $_GET['lngdir'])); } } - $action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : ''); + $action = (isset($_GET['action']) ? $_GET['action'] : ''); if (tep_not_null($action)) { switch ($action) { case 'save': - if (isset($HTTP_GET_VARS['lngdir']) && isset($HTTP_GET_VARS['filename'])) { - $file = DIR_FS_CATALOG_LANGUAGES . $HTTP_GET_VARS['filename']; + if (isset($_GET['lngdir']) && isset($_GET['filename'])) { + $file = DIR_FS_CATALOG_LANGUAGES . 
$_GET['filename']; if (file_exists($file) && tep_is_writable($file)) { $new_file = fopen($file, 'w'); - $file_contents = stripslashes($HTTP_POST_VARS['file_contents']); + $file_contents = stripslashes($_POST['file_contents']); fwrite($new_file, $file_contents, strlen($file_contents)); fclose($new_file); } - tep_redirect(tep_href_link(FILENAME_DEFINE_LANGUAGE, 'lngdir=' . $HTTP_GET_VARS['lngdir'])); + tep_redirect(tep_href_link(FILENAME_DEFINE_LANGUAGE, 'lngdir=' . $_GET['lngdir'])); } break; } @@ -94,15 +94,15 @@ function tep_opendir($path) {
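Review bot: The `save` branch in the `@@ -42,44 +42,44 @@` hunk rebuilds the target path from the raw parameter, `$file = DIR_FS_CATALOG_LANGUAGES . $_GET['filename'];`, rather than using the `realpath()` result `$file_edit` that was checked against the languages directory a few lines earlier. The write is therefore only confined to that directory if `tep_redirect()` ends the request, which is not visible in this hunk. Using the checked value, `$file = $file_edit;`, makes the `fopen($file, 'w')` target the same canonical path that passed the prefix test. A short comment on the prefix test noting that it is the containment check for both the edit and save paths would help the next reader.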
- + @@ -149,12 +149,12 @@ function tep_opendir($path) { - + @@ -165,17 +165,17 @@ function tep_opendir($path) { - + ' . - ' ' . + ' ' . ' ' . ' ' . ' '; diff --git a/catalog/admin/ext/modules/payment/moneybookers/activation.php b/catalog/admin/ext/modules/payment/moneybookers/activation.php index ea002b63b..36d7db399 100644 --- a/catalog/admin/ext/modules/payment/moneybookers/activation.php +++ b/catalog/admin/ext/modules/payment/moneybookers/activation.php @@ -15,13 +15,13 @@ require('../includes/languages/' . $language . '/modules/payment/moneybookers.php'); require('../includes/modules/payment/moneybookers.php'); - $action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : ''); + $action = (isset($_GET['action']) ? $_GET['action'] : ''); $pass = false; switch ($action) { case 'verifyEmail': $mb = new moneybookers(); - $result = $mb->sendTransactionToGateway('https://www.moneybookers.com/app/email_check.pl', 'email=' . $HTTP_POST_VARS['mb_email'] . '&cust_id=2167348&password=281f2d9f44066eab75db5afb063952b1'); + $result = $mb->sendTransactionToGateway('https://www.moneybookers.com/app/email_check.pl', 'email=' . $_POST['mb_email'] . '&cust_id=2167348&password=281f2d9f44066eab75db5afb063952b1'); $result = explode(',', $result, 2); if ( (sizeof($result) == 2) && ($result[0] == 'OK') ) { 
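Review bot: In the `verifyEmail` case of `activation.php`, `$_POST['mb_email']` is appended to the gateway request body without an `isset()` check or URL encoding, so a value containing `&` or `=` can add or override fields such as `cust_id` in the string that is sent. Encoding it, `'email=' . urlencode($_POST['mb_email']) . '&cust_id=…'`, keeps the value inside its own field. The same unvalidated value is passed as the sender argument of `tep_mail()` in the `@@ -29,12 +29,12 @@` hunk, where a check for CR/LF and a valid address format would be prudent; how `tep_mail()` treats that argument is not visible here. The account id and password literal embedded in the request string would also be better read from configuration than kept in source.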
@@ -29,12 +29,12 @@ $email_body = 'Store Name: ' . STORE_NAME . ' (powered by osCommerce Online Merchant (' . $mb->signature . '))' . "\n" . 'Merchant Name: ' . STORE_OWNER . "\n" . - 'Moneybookers E-Mail Address: ' . $HTTP_POST_VARS['mb_email'] . "\n" . + 'Moneybookers E-Mail Address: ' . $_POST['mb_email'] . "\n" . 'Moneybookers Customer ID: ' . $result[1] . "\n" . 'Store URL: ' . tep_catalog_href_link() . "\n" . 'Language: ' . $language . "\n"; - tep_mail('', 'ecommerce@moneybookers.com', 'Quick Checkout Account Activation', $email_body, '', $HTTP_POST_VARS['mb_email']); + tep_mail('', 'ecommerce@moneybookers.com', 'Quick Checkout Account Activation', $email_body, '', $_POST['mb_email']); } break; @@ -78,7 +78,7 @@ ?>

- +

'; - $global_button = tep_draw_button(BUTTON_GLOBAL, 'circle-triangle-n', tep_href_link(FILENAME_NEWSLETTERS, 'page=' . $HTTP_GET_VARS['page'] . '&nID=' . $HTTP_GET_VARS['nID'] . '&action=confirm&global=true'), 'primary'); + $global_button = tep_draw_button(BUTTON_GLOBAL, 'circle-triangle-n', tep_href_link(FILENAME_NEWSLETTERS, 'page=' . $_GET['page'] . '&nID=' . $_GET['nID'] . '&action=confirm&global=true'), 'primary'); - $cancel_button = tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_NEWSLETTERS, 'page=' . $HTTP_GET_VARS['page'] . '&nID=' . $HTTP_GET_VARS['nID'])); + $cancel_button = tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_NEWSLETTERS, 'page=' . $_GET['page'] . '&nID=' . $_GET['nID'])); - $choose_audience_string .= '
- + @@ -129,7 +129,7 @@ function tep_opendir($path) { - +
' . substr($filename, strlen($HTTP_GET_VARS['lngdir'] . '/')) . '' . substr($filename, strlen($_GET['lngdir'] . '/')) . '' . tep_image(DIR_WS_IMAGES . 'icons/' . (($file['writable'] == true) ? 'tick.gif' : 'cross.gif')) . '' . $file['last_modified'] . '
' . "\n" . + $choose_audience_string .= '
' . "\n" . ' ' . "\n" . ' ' . "\n" . ' ' . "\n" . @@ -89,11 +89,10 @@ function selectAll(FormName, SelectBox) { } function confirm() { - global $HTTP_GET_VARS, $HTTP_POST_VARS; $audience = array(); - if (isset($HTTP_GET_VARS['global']) && ($HTTP_GET_VARS['global'] == 'true')) { + if (isset($_GET['global']) && ($_GET['global'] == 'true')) { $products_query = tep_db_query("select distinct customers_id from " . TABLE_PRODUCTS_NOTIFICATIONS); while ($products = tep_db_fetch_array($products_query)) { $audience[$products['customers_id']] = '1'; @@ -104,7 +103,7 @@ function confirm() { $audience[$customers['customers_info_id']] = '1'; } } else { - $chosen = $HTTP_POST_VARS['chosen']; + $chosen = $_POST['chosen']; $ids = implode(',', $chosen); @@ -138,10 +137,10 @@ function confirm() { ' ' . "\n" . ' ' . "\n" . ' ' . "\n" . - ' ' . tep_draw_form('confirm', FILENAME_NEWSLETTERS, 'page=' . $HTTP_GET_VARS['page'] . '&nID=' . $HTTP_GET_VARS['nID'] . '&action=confirm_send') . "\n" . + ' ' . tep_draw_form('confirm', FILENAME_NEWSLETTERS, 'page=' . $_GET['page'] . '&nID=' . $_GET['nID'] . '&action=confirm_send') . "\n" . ' ' . "\n" . + $confirm_string .= tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_NEWSLETTERS, 'page=' . $_GET['page'] . '&nID=' . $_GET['nID'] . '&action=send')) . '' . "\n" . ' ' . "\n" . '
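Review bot: In `confirm()` (hunk `@@ -104,7 +103,7 @@`), `$chosen = $_POST['chosen'];` is used without checking that the field exists or is an array, and its elements are joined with `implode(',', $chosen)` exactly as submitted. How `$ids` is used is outside the hunk, but if it is placed in a query's `in (...)` list, as the name suggests, each element needs to be forced to an integer first: `$chosen = isset($_POST['chosen']) ? array_map('intval', (array)$_POST['chosen']) : array();`. The same two lines appear in `send()` in the `@@ -177,7 +175,7 @@` hunk and need the same treatment. Dropping `global $HTTP_GET_VARS, $HTTP_POST_VARS;` is fine since the superglobals need no import.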
' . TEXT_PRODUCTS . '
' . tep_draw_pull_down_menu('products', $products_array, '', 'size="20" style="width: 20em;" multiple') . '
 
' . $global_button . '







' . tep_draw_button(IMAGE_SEND, 'mail-closed', null, 'primary') . '

' . $cancel_button . '
' . tep_draw_separator('pixel_trans.gif', '1', '10') . '
'; if (sizeof($audience) > 0) { - if (isset($HTTP_GET_VARS['global']) && ($HTTP_GET_VARS['global'] == 'true')) { + if (isset($_GET['global']) && ($_GET['global'] == 'true')) { $confirm_string .= tep_draw_hidden_field('global', 'true'); } else { for ($i = 0, $n = sizeof($chosen); $i < $n; $i++) { @@ -150,7 +149,7 @@ function confirm() { } $confirm_string .= tep_draw_button(IMAGE_SEND, 'mail-closed', null, 'primary'); } - $confirm_string .= tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_NEWSLETTERS, 'page=' . $HTTP_GET_VARS['page'] . '&nID=' . $HTTP_GET_VARS['nID'] . '&action=send')) . '
'; @@ -158,11 +157,10 @@ function confirm() { } function send($newsletter_id) { - global $HTTP_POST_VARS; $audience = array(); - if (isset($HTTP_POST_VARS['global']) && ($HTTP_POST_VARS['global'] == 'true')) { + if (isset($_POST['global']) && ($_POST['global'] == 'true')) { $products_query = tep_db_query("select distinct pn.customers_id, c.customers_firstname, c.customers_lastname, c.customers_email_address from " . TABLE_CUSTOMERS . " c, " . TABLE_PRODUCTS_NOTIFICATIONS . " pn where c.customers_id = pn.customers_id"); while ($products = tep_db_fetch_array($products_query)) { $audience[$products['customers_id']] = array('firstname' => $products['customers_firstname'], @@ -177,7 +175,7 @@ function send($newsletter_id) { 'email_address' => $customers['customers_email_address']); } } else { - $chosen = $HTTP_POST_VARS['chosen']; + $chosen = $_POST['chosen']; $ids = implode(',', $chosen); diff --git a/catalog/admin/includes/modules/security_check/extended/admin_backup_directory_listing.php b/catalog/admin/includes/modules/security_check/extended/admin_backup_directory_listing.php index 8653305c9..921475062 100644 --- a/catalog/admin/includes/modules/security_check/extended/admin_backup_directory_listing.php +++ b/catalog/admin/includes/modules/security_check/extended/admin_backup_directory_listing.php @@ -33,7 +33,6 @@ function getMessage() { } function getHttpRequest($url) { - global $HTTP_SERVER_VARS; $server = parse_url($url); 
@@ -54,8 +53,8 @@ function getHttpRequest($url) { curl_setopt($curl, CURLOPT_CUSTOMREQUEST, 'HEAD'); curl_setopt($curl, CURLOPT_NOBODY, true); - if ( isset($HTTP_SERVER_VARS['PHP_AUTH_USER']) && isset($HTTP_SERVER_VARS['PHP_AUTH_PW']) ) { - curl_setopt($curl, CURLOPT_USERPWD, $HTTP_SERVER_VARS['PHP_AUTH_USER'] . ':' . $HTTP_SERVER_VARS['PHP_AUTH_PW']); + if ( isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW']) ) { + curl_setopt($curl, CURLOPT_USERPWD, $_SERVER['PHP_AUTH_USER'] . ':' . $_SERVER['PHP_AUTH_PW']); $this->type = 'warning'; } diff --git a/catalog/admin/includes/modules/security_check/extended/admin_backup_file.php b/catalog/admin/includes/modules/security_check/extended/admin_backup_file.php index 8e2a0805f..4d9ff77c0 100644 --- a/catalog/admin/includes/modules/security_check/extended/admin_backup_file.php +++ b/catalog/admin/includes/modules/security_check/extended/admin_backup_file.php @@ -67,7 +67,6 @@ function getMessage() { } function getHttpRequest($url) { - global $HTTP_SERVER_VARS; $server = parse_url($url); @@ -88,8 +87,8 @@ function getHttpRequest($url) { curl_setopt($curl, CURLOPT_CUSTOMREQUEST, 'HEAD'); curl_setopt($curl, CURLOPT_NOBODY, true); - if ( isset($HTTP_SERVER_VARS['PHP_AUTH_USER']) && isset($HTTP_SERVER_VARS['PHP_AUTH_PW']) ) { - curl_setopt($curl, CURLOPT_USERPWD, $HTTP_SERVER_VARS['PHP_AUTH_USER'] . ':' . $HTTP_SERVER_VARS['PHP_AUTH_PW']); + if ( isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW']) ) { + curl_setopt($curl, CURLOPT_USERPWD, $_SERVER['PHP_AUTH_USER'] . ':' . $_SERVER['PHP_AUTH_PW']); $this->type = 'warning'; } diff --git a/catalog/admin/includes/modules/security_check/extended/admin_http_authentication.php b/catalog/admin/includes/modules/security_check/extended/admin_http_authentication.php index 1b95c47af..81fe66838 100644 --- a/catalog/admin/includes/modules/security_check/extended/admin_http_authentication.php 
+++ b/catalog/admin/includes/modules/security_check/extended/admin_http_authentication.php @@ -22,9 +22,8 @@ function securityCheckExtended_admin_http_authentication() { } function pass() { - global $HTTP_SERVER_VARS; - return isset($HTTP_SERVER_VARS['PHP_AUTH_USER']) && isset($HTTP_SERVER_VARS['PHP_AUTH_PW']); + return isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW']); } function getMessage() { diff --git a/catalog/admin/invoice.php b/catalog/admin/invoice.php index 04a7a0ef2..367e4e436 100644 --- a/catalog/admin/invoice.php +++ b/catalog/admin/invoice.php @@ -15,7 +15,7 @@ require(DIR_WS_CLASSES . 'currencies.php'); $currencies = new currencies(); - $oID = tep_db_prepare_input($HTTP_GET_VARS['oID']); + $oID = tep_db_prepare_input($_GET['oID']); $orders_query = tep_db_query("select orders_id from " . TABLE_ORDERS . " where orders_id = '" . (int)$oID . "'"); include(DIR_WS_CLASSES . 'order.php'); @@ -36,7 +36,7 @@
- +
' . nl2br(STORE_ADDRESS) . '
' . STORE_PHONE; ?>
languages_id)) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif'); } else { echo '' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . ''; } ?> languages_id)) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif'); } else { echo '' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . ''; } ?> 
- - + + - + '
' . TEXT_INFO_LANGUAGE_DIRECTORY . '
' . tep_draw_input_field('directory')); $contents[] = array('text' => '
' . TEXT_INFO_LANGUAGE_SORT_ORDER . '
' . tep_draw_input_field('sort_order')); $contents[] = array('text' => '
' . tep_draw_checkbox_field('default') . ' ' . TEXT_SET_DEFAULT); - $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_LANGUAGES, 'page=' . $HTTP_GET_VARS['page'] . '&lID=' . $HTTP_GET_VARS['lID']))); + $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_LANGUAGES, 'page=' . $_GET['page'] . '&lID=' . $_GET['lID']))); break; case 'edit': $heading[] = array('text' => '' . TEXT_INFO_HEADING_EDIT_LANGUAGE . ''); - $contents = array('form' => tep_draw_form('languages', FILENAME_LANGUAGES, 'page=' . $HTTP_GET_VARS['page'] . '&lID=' . $lInfo->languages_id . '&action=save')); + $contents = array('form' => tep_draw_form('languages', FILENAME_LANGUAGES, 'page=' . $_GET['page'] . '&lID=' . $lInfo->languages_id . '&action=save')); $contents[] = array('text' => TEXT_INFO_EDIT_INTRO); $contents[] = array('text' => '
' . TEXT_INFO_LANGUAGE_NAME . '
' . tep_draw_input_field('name', $lInfo->name)); $contents[] = array('text' => '
' . TEXT_INFO_LANGUAGE_CODE . '
' . tep_draw_input_field('code', $lInfo->code)); @@ -214,20 +214,20 @@ $contents[] = array('text' => '
' . TEXT_INFO_LANGUAGE_DIRECTORY . '
' . tep_draw_input_field('directory', $lInfo->directory)); $contents[] = array('text' => '
' . TEXT_INFO_LANGUAGE_SORT_ORDER . '
' . tep_draw_input_field('sort_order', $lInfo->sort_order)); if (DEFAULT_LANGUAGE != $lInfo->code) $contents[] = array('text' => '
' . tep_draw_checkbox_field('default') . ' ' . TEXT_SET_DEFAULT); - $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_LANGUAGES, 'page=' . $HTTP_GET_VARS['page'] . '&lID=' . $lInfo->languages_id))); + $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_LANGUAGES, 'page=' . $_GET['page'] . '&lID=' . $lInfo->languages_id))); break; case 'delete': $heading[] = array('text' => '' . TEXT_INFO_HEADING_DELETE_LANGUAGE . ''); $contents[] = array('text' => TEXT_INFO_DELETE_INTRO); $contents[] = array('text' => '
' . $lInfo->name . ''); - $contents[] = array('align' => 'center', 'text' => '
' . (($remove_language) ? tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_LANGUAGES, 'page=' . $HTTP_GET_VARS['page'] . '&lID=' . $lInfo->languages_id . '&action=deleteconfirm'), 'primary') : '') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_LANGUAGES, 'page=' . $HTTP_GET_VARS['page'] . '&lID=' . $lInfo->languages_id))); + $contents[] = array('align' => 'center', 'text' => '
' . (($remove_language) ? tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_LANGUAGES, 'page=' . $_GET['page'] . '&lID=' . $lInfo->languages_id . '&action=deleteconfirm'), 'primary') : '') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_LANGUAGES, 'page=' . $_GET['page'] . '&lID=' . $lInfo->languages_id))); break; default: if (is_object($lInfo)) { $heading[] = array('text' => '' . $lInfo->name . ''); - $contents[] = array('align' => 'center', 'text' => tep_draw_button(IMAGE_EDIT, 'document', tep_href_link(FILENAME_LANGUAGES, 'page=' . $HTTP_GET_VARS['page'] . '&lID=' . $lInfo->languages_id . '&action=edit')) . tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_LANGUAGES, 'page=' . $HTTP_GET_VARS['page'] . '&lID=' . $lInfo->languages_id . '&action=delete')) . tep_draw_button(IMAGE_DETAILS, 'info', tep_href_link(FILENAME_DEFINE_LANGUAGE, 'lngdir=' . $lInfo->directory))); + $contents[] = array('align' => 'center', 'text' => tep_draw_button(IMAGE_EDIT, 'document', tep_href_link(FILENAME_LANGUAGES, 'page=' . $_GET['page'] . '&lID=' . $lInfo->languages_id . '&action=edit')) . tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_LANGUAGES, 'page=' . $_GET['page'] . '&lID=' . $lInfo->languages_id . '&action=delete')) . tep_draw_button(IMAGE_DETAILS, 'info', tep_href_link(FILENAME_DEFINE_LANGUAGE, 'lngdir=' . $lInfo->directory))); $contents[] = array('text' => '
' . TEXT_INFO_LANGUAGE_NAME . ' ' . $lInfo->name); $contents[] = array('text' => TEXT_INFO_LANGUAGE_CODE . ' ' . $lInfo->code); $contents[] = array('text' => '
' . tep_image(tep_catalog_href_link(DIR_WS_LANGUAGES . $lInfo->directory . '/images/' . $lInfo->image, '', 'SSL'), $lInfo->name)); diff --git a/catalog/admin/login.php b/catalog/admin/login.php index 2f76f85b3..d1042d521 100644 --- a/catalog/admin/login.php +++ b/catalog/admin/login.php @@ -15,7 +15,7 @@ require('includes/application_top.php'); require('includes/functions/password_funcs.php'); - $action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : ''); + $action = (isset($_GET['action']) ? $_GET['action'] : ''); // prepare to logout an active administrator if the login page is accessed again if (tep_session_is_registered('admin')) { @@ -25,12 +25,12 @@ if (tep_not_null($action)) { switch ($action) { case 'process': - if (tep_session_is_registered('redirect_origin') && isset($redirect_origin['auth_user']) && !isset($HTTP_POST_VARS['username'])) { + if (tep_session_is_registered('redirect_origin') && isset($redirect_origin['auth_user']) && !isset($_POST['username'])) { $username = tep_db_prepare_input($redirect_origin['auth_user']); $password = tep_db_prepare_input($redirect_origin['auth_pw']); } else { - $username = tep_db_prepare_input($HTTP_POST_VARS['username']); - $password = tep_db_prepare_input($HTTP_POST_VARS['password']); + $username = tep_db_prepare_input($_POST['username']); + $password = tep_db_prepare_input($_POST['password']); } $actionRecorder = new actionRecorderAdmin('ar_admin_login', null, $username); @@ -72,14 +72,14 @@ } } - if (isset($HTTP_POST_VARS['username'])) { + if (isset($_POST['username'])) { $messageStack->add(ERROR_INVALID_ADMINISTRATOR, 'error'); } } else { $messageStack->add(sprintf(ERROR_ACTION_RECORDER, (defined('MODULE_ACTION_RECORDER_ADMIN_LOGIN_MINUTES') ? (int)MODULE_ACTION_RECORDER_ADMIN_LOGIN_MINUTES : 5))); } - if (isset($HTTP_POST_VARS['username'])) { + if (isset($_POST['username'])) { $actionRecorder->record(false); } 
@@ -88,7 +88,7 @@ case 'logoff': tep_session_unregister('admin'); - if (isset($HTTP_SERVER_VARS['PHP_AUTH_USER']) && !empty($HTTP_SERVER_VARS['PHP_AUTH_USER']) && isset($HTTP_SERVER_VARS['PHP_AUTH_PW']) && !empty($HTTP_SERVER_VARS['PHP_AUTH_PW'])) { + if (isset($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW']) && !empty($_SERVER['PHP_AUTH_PW'])) { tep_session_register('auth_ignore'); $auth_ignore = true; } @@ -101,8 +101,8 @@ $check_query = tep_db_query("select id from " . TABLE_ADMINISTRATORS . " limit 1"); if (tep_db_num_rows($check_query) == 0) { - $username = tep_db_prepare_input($HTTP_POST_VARS['username']); - $password = tep_db_prepare_input($HTTP_POST_VARS['password']); + $username = tep_db_prepare_input($_POST['username']); + $password = tep_db_prepare_input($_POST['password']); if ( !empty($username) ) { tep_db_query("insert into " . TABLE_ADMINISTRATORS . " (user_name, user_password) values ('" . tep_db_input($username) . "', '" . tep_db_input(tep_encrypt_password($password)) . "')"); diff --git a/catalog/admin/mail.php b/catalog/admin/mail.php index 4117f6d94..0db007a14 100644 --- a/catalog/admin/mail.php +++ b/catalog/admin/mail.php @@ -12,10 +12,10 @@ require('includes/application_top.php'); - $action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : ''); + $action = (isset($_GET['action']) ? $_GET['action'] : ''); - if ( ($action == 'send_email_to_user') && isset($HTTP_POST_VARS['customers_email_address']) && !isset($HTTP_POST_VARS['back_x']) ) { - switch ($HTTP_POST_VARS['customers_email_address']) { + if ( ($action == 'send_email_to_user') && isset($_POST['customers_email_address']) && !isset($_POST['back_x']) ) { + switch ($_POST['customers_email_address']) { case '***': $mail_query = tep_db_query("select customers_firstname, customers_lastname, customers_email_address from " . TABLE_CUSTOMERS); $mail_sent_to = TEXT_ALL_CUSTOMERS; 
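Review bot: The first-administrator branch in the `@@ -101,8 +101,8 @@` hunk of `login.php` guards the insert only with `if ( !empty($username) )`, so a request that supplies a username and no password stores the hash of an empty string as the account's password. The branch runs for any visitor while `TABLE_ADMINISTRATORS` has no rows, which makes the missing check matter on a fresh install. Requiring both values, `if ( !empty($username) && !empty($password) )`, closes that gap. `$_POST['username']` and `$_POST['password']` are also read without `isset()`. The `case` label for this branch is outside the hunk.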
@@ -25,16 +25,16 @@ $mail_sent_to = TEXT_NEWSLETTER_CUSTOMERS; break; default: - $customers_email_address = tep_db_prepare_input($HTTP_POST_VARS['customers_email_address']); + $customers_email_address = tep_db_prepare_input($_POST['customers_email_address']); $mail_query = tep_db_query("select customers_firstname, customers_lastname, customers_email_address from " . TABLE_CUSTOMERS . " where customers_email_address = '" . tep_db_input($customers_email_address) . "'"); - $mail_sent_to = $HTTP_POST_VARS['customers_email_address']; + $mail_sent_to = $_POST['customers_email_address']; break; } - $from = tep_db_prepare_input($HTTP_POST_VARS['from']); - $subject = tep_db_prepare_input($HTTP_POST_VARS['subject']); - $message = tep_db_prepare_input($HTTP_POST_VARS['message']); + $from = tep_db_prepare_input($_POST['from']); + $subject = tep_db_prepare_input($_POST['subject']); + $message = tep_db_prepare_input($_POST['message']); //Let's build a message object using the email class $mimemessage = new email(array('X-Mailer: osCommerce')); @@ -55,12 +55,12 @@ tep_redirect(tep_href_link(FILENAME_MAIL, 'mail_sent_to=' . urlencode($mail_sent_to))); } - if ( ($action == 'preview') && !isset($HTTP_POST_VARS['customers_email_address']) ) { + if ( ($action == 'preview') && !isset($_POST['customers_email_address']) ) { $messageStack->add(ERROR_NO_CUSTOMER_SELECTED, 'error'); } - if (isset($HTTP_GET_VARS['mail_sent_to'])) { - $messageStack->add(sprintf(NOTICE_EMAIL_SENT_TO, $HTTP_GET_VARS['mail_sent_to']), 'success'); + if (isset($_GET['mail_sent_to'])) { + $messageStack->add(sprintf(NOTICE_EMAIL_SENT_TO, $_GET['mail_sent_to']), 'success'); } require(DIR_WS_INCLUDES . 'template_top.php'); @@ -78,8 +78,8 @@
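Review bot: In the `@@ -55,12 +55,12 @@` hunk of mail.php, `$_GET['mail_sent_to']` is taken from the query string and placed unencoded into the text given to `$messageStack->add()`, so request data ends up in the rendered admin page. Whether messageStack escapes its text is not visible in this diff. If it does not, encode at the call site: `$messageStack->add(sprintf(NOTICE_EMAIL_SENT_TO, htmlspecialchars($_GET['mail_sent_to'])), 'success');`.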
display_count($languages_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $HTTP_GET_VARS['page'], TEXT_DISPLAY_NUMBER_OF_LANGUAGES); ?>display_links($languages_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $HTTP_GET_VARS['page']); ?>display_count($languages_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $_GET['page'], TEXT_DISPLAY_NUMBER_OF_LANGUAGES); ?>display_links($languages_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $_GET['page']); ?>
languages_id . '&action=new')); ?>languages_id . '&action=new')); ?>
@@ -103,19 +103,19 @@ - + - + - + @@ -124,8 +124,8 @@ - + diff --git a/catalog/admin/manufacturers.php b/catalog/admin/manufacturers.php index ca79c1594..1bff22296 100644 --- a/catalog/admin/manufacturers.php +++ b/catalog/admin/manufacturers.php @@ -12,14 +12,14 @@ require('includes/application_top.php'); - $action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : ''); + $action = (isset($_GET['action']) ? $_GET['action'] : ''); if (tep_not_null($action)) { switch ($action) { case 'insert': case 'save': - if (isset($HTTP_GET_VARS['mID'])) $manufacturers_id = tep_db_prepare_input($HTTP_GET_VARS['mID']); - $manufacturers_name = tep_db_prepare_input($HTTP_POST_VARS['manufacturers_name']); + if (isset($_GET['mID'])) $manufacturers_id = tep_db_prepare_input($_GET['mID']); + $manufacturers_name = tep_db_prepare_input($_POST['manufacturers_name']); $sql_data_array = array('manufacturers_name' => $manufacturers_name); @@ -47,7 +47,7 @@ $languages = tep_get_languages(); for ($i=0, $n=sizeof($languages); $i<$n; $i++) { - $manufacturers_url_array = $HTTP_POST_VARS['manufacturers_url']; + $manufacturers_url_array = $_POST['manufacturers_url']; $language_id = $languages[$i]['id']; $sql_data_array = array('manufacturers_url' => tep_db_prepare_input($manufacturers_url_array[$language_id])); 
@@ -68,12 +68,12 @@ tep_reset_cache_block('manufacturers'); } - tep_redirect(tep_href_link(FILENAME_MANUFACTURERS, (isset($HTTP_GET_VARS['page']) ? 'page=' . $HTTP_GET_VARS['page'] . '&' : '') . 'mID=' . $manufacturers_id)); + tep_redirect(tep_href_link(FILENAME_MANUFACTURERS, (isset($_GET['page']) ? 'page=' . $_GET['page'] . '&' : '') . 'mID=' . $manufacturers_id)); break; case 'deleteconfirm': - $manufacturers_id = tep_db_prepare_input($HTTP_GET_VARS['mID']); + $manufacturers_id = tep_db_prepare_input($_GET['mID']); - if (isset($HTTP_POST_VARS['delete_image']) && ($HTTP_POST_VARS['delete_image'] == 'on')) { + if (isset($_POST['delete_image']) && ($_POST['delete_image'] == 'on')) { $manufacturer_query = tep_db_query("select manufacturers_image from " . TABLE_MANUFACTURERS . " where manufacturers_id = '" . (int)$manufacturers_id . "'"); $manufacturer = tep_db_fetch_array($manufacturer_query); @@ -85,7 +85,7 @@ tep_db_query("delete from " . TABLE_MANUFACTURERS . " where manufacturers_id = '" . (int)$manufacturers_id . "'"); tep_db_query("delete from " . TABLE_MANUFACTURERS_INFO . " where manufacturers_id = '" . (int)$manufacturers_id . "'"); - if (isset($HTTP_POST_VARS['delete_products']) && ($HTTP_POST_VARS['delete_products'] == 'on')) { + if (isset($_POST['delete_products']) && ($_POST['delete_products'] == 'on')) { $products_query = tep_db_query("select products_id from " . TABLE_PRODUCTS . " where manufacturers_id = '" . (int)$manufacturers_id . "'"); while ($products = tep_db_fetch_array($products_query)) { tep_remove_product($products['products_id']); @@ -98,7 +98,7 @@ tep_reset_cache_block('manufacturers'); } - tep_redirect(tep_href_link(FILENAME_MANUFACTURERS, 'page=' . $HTTP_GET_VARS['page'])); + tep_redirect(tep_href_link(FILENAME_MANUFACTURERS, 'page=' . $_GET['page'])); break; } } @@ -125,10 +125,10 @@ manufacturers_id)) { - echo ' ' . "\n"; + echo ' ' . "\n"; } else { - echo ' ' . "\n"; + echo ' ' . "\n"; } ?> - + 
@@ -160,7 +160,7 @@ if (empty($action)) { ?> - + '
' . TEXT_MANUFACTURERS_URL . $manufacturer_inputs_string); - $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_MANUFACTURERS, 'page=' . $HTTP_GET_VARS['page'] . '&mID=' . $HTTP_GET_VARS['mID']))); + $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_MANUFACTURERS, 'page=' . $_GET['page'] . '&mID=' . $_GET['mID']))); break; case 'edit': $heading[] = array('text' => '' . TEXT_HEADING_EDIT_MANUFACTURER . ''); - $contents = array('form' => tep_draw_form('manufacturers', FILENAME_MANUFACTURERS, 'page=' . $HTTP_GET_VARS['page'] . '&mID=' . $mInfo->manufacturers_id . '&action=save', 'post', 'enctype="multipart/form-data"')); + $contents = array('form' => tep_draw_form('manufacturers', FILENAME_MANUFACTURERS, 'page=' . $_GET['page'] . '&mID=' . $mInfo->manufacturers_id . '&action=save', 'post', 'enctype="multipart/form-data"')); $contents[] = array('text' => TEXT_EDIT_INTRO); $contents[] = array('text' => '
' . TEXT_MANUFACTURERS_NAME . '
' . tep_draw_input_field('manufacturers_name', $mInfo->manufacturers_name)); $contents[] = array('text' => '
' . TEXT_MANUFACTURERS_IMAGE . '
' . tep_draw_file_field('manufacturers_image') . '
' . $mInfo->manufacturers_image); @@ -203,12 +203,12 @@ } $contents[] = array('text' => '
' . TEXT_MANUFACTURERS_URL . $manufacturer_inputs_string); - $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_MANUFACTURERS, 'page=' . $HTTP_GET_VARS['page'] . '&mID=' . $mInfo->manufacturers_id))); + $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_MANUFACTURERS, 'page=' . $_GET['page'] . '&mID=' . $mInfo->manufacturers_id))); break; case 'delete': $heading[] = array('text' => '' . TEXT_HEADING_DELETE_MANUFACTURER . ''); - $contents = array('form' => tep_draw_form('manufacturers', FILENAME_MANUFACTURERS, 'page=' . $HTTP_GET_VARS['page'] . '&mID=' . $mInfo->manufacturers_id . '&action=deleteconfirm')); + $contents = array('form' => tep_draw_form('manufacturers', FILENAME_MANUFACTURERS, 'page=' . $_GET['page'] . '&mID=' . $mInfo->manufacturers_id . '&action=deleteconfirm')); $contents[] = array('text' => TEXT_DELETE_INTRO); $contents[] = array('text' => '
' . $mInfo->manufacturers_name . ''); $contents[] = array('text' => '
' . tep_draw_checkbox_field('delete_image', '', true) . ' ' . TEXT_DELETE_IMAGE); @@ -218,13 +218,13 @@ $contents[] = array('text' => '
' . sprintf(TEXT_DELETE_WARNING_PRODUCTS, $mInfo->products_count)); } - $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_DELETE, 'trash', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_MANUFACTURERS, 'page=' . $HTTP_GET_VARS['page'] . '&mID=' . $mInfo->manufacturers_id))); + $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_DELETE, 'trash', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_MANUFACTURERS, 'page=' . $_GET['page'] . '&mID=' . $mInfo->manufacturers_id))); break; default: if (isset($mInfo) && is_object($mInfo)) { $heading[] = array('text' => '' . $mInfo->manufacturers_name . ''); - $contents[] = array('align' => 'center', 'text' => tep_draw_button(IMAGE_EDIT, 'document', tep_href_link(FILENAME_MANUFACTURERS, 'page=' . $HTTP_GET_VARS['page'] . '&mID=' . $mInfo->manufacturers_id . '&action=edit')) . tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_MANUFACTURERS, 'page=' . $HTTP_GET_VARS['page'] . '&mID=' . $mInfo->manufacturers_id . '&action=delete'))); + $contents[] = array('align' => 'center', 'text' => tep_draw_button(IMAGE_EDIT, 'document', tep_href_link(FILENAME_MANUFACTURERS, 'page=' . $_GET['page'] . '&mID=' . $mInfo->manufacturers_id . '&action=edit')) . tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_MANUFACTURERS, 'page=' . $_GET['page'] . '&mID=' . $mInfo->manufacturers_id . '&action=delete'))); $contents[] = array('text' => '
' . TEXT_DATE_ADDED . ' ' . tep_date_short($mInfo->date_added)); if (tep_not_null($mInfo->last_modified)) $contents[] = array('text' => TEXT_LAST_MODIFIED . ' ' . tep_date_short($mInfo->last_modified)); $contents[] = array('text' => '
' . tep_info_image($mInfo->manufacturers_image, $mInfo->manufacturers_name)); diff --git a/catalog/admin/modules.php b/catalog/admin/modules.php index 78d818274..2e7417541 100644 --- a/catalog/admin/modules.php +++ b/catalog/admin/modules.php @@ -12,7 +12,7 @@ require('includes/application_top.php'); - $set = (isset($HTTP_GET_VARS['set']) ? $HTTP_GET_VARS['set'] : ''); + $set = (isset($_GET['set']) ? $_GET['set'] : ''); $modules = $cfgModules->getAll(); @@ -27,20 +27,20 @@ define('HEADING_TITLE', $cfgModules->get($set, 'title')); $template_integration = $cfgModules->get($set, 'template_integration'); - $action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : ''); + $action = (isset($_GET['action']) ? $_GET['action'] : ''); if (tep_not_null($action)) { switch ($action) { case 'save': - foreach( $HTTP_POST_VARS['configuration'] as $key => $value ) { + foreach( $_POST['configuration'] as $key => $value ) { tep_db_query("update " . TABLE_CONFIGURATION . " set configuration_value = '" . $value . "' where configuration_key = '" . $key . "'"); } - tep_redirect(tep_href_link(FILENAME_MODULES, 'set=' . $set . '&module=' . $HTTP_GET_VARS['module'])); + tep_redirect(tep_href_link(FILENAME_MODULES, 'set=' . $set . '&module=' . $_GET['module'])); break; case 'install': case 'remove': $file_extension = substr($PHP_SELF, strrpos($PHP_SELF, '.')); - $class = basename($HTTP_GET_VARS['module']); + $class = basename($_GET['module']); if (file_exists($module_directory . $class . $file_extension)) { include($module_directory . $class . $file_extension); $module = new $class; @@ -88,7 +88,7 @@ while ($file = $dir->read()) { if (!is_dir($module_directory . $file)) { if (substr($file, strrpos($file, '.')) == $file_extension) { - if (isset($HTTP_GET_VARS['list']) && ($HTTP_GET_VARS['list'] = 'new')) { + if (isset($_GET['list']) && ($_GET['list'] = 'new')) { if (!in_array($file, $modules_installed)) { $directory_array[] = $file; } 
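Review bot: In the `@@ -27,20 +27,20 @@` hunk of modules.php, the `save` case concatenates both `$key` and `$value` from `$_POST['configuration']` into the UPDATE statement with no escaping. The same operation in modules_content.php in this commit passes both through `tep_db_prepare_input()` first. Wrap them at the point of use: `set configuration_value = '" . tep_db_input($value) . "' where configuration_key = '" . tep_db_input($key) . "'`. Whether application_top.php already escapes request data globally cannot be seen from this hunk, so treat that as something to confirm rather than rely on.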
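Review bot: In the `@@ -88,7 +88,7 @@` hunk of modules.php, the condition `($_GET['list'] = 'new')` assigns instead of comparing, so the branch is taken for any `list` value and `$_GET['list']` is overwritten with `'new'`. The rename carried this over unchanged. It should read `if (isset($_GET['list']) && ($_GET['list'] == 'new')) {`, which is the form the later `elseif` in this file already uses. The enclosing `while` loop starts and ends outside the hunk.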
@@ -114,7 +114,7 @@ ' . tep_draw_button(IMAGE_BACK, 'triangle-1-w', tep_href_link(FILENAME_MODULES, 'set=' . $set)) . ''; } else { echo ' '; @@ -151,7 +151,7 @@ } } - if ((!isset($HTTP_GET_VARS['module']) || (isset($HTTP_GET_VARS['module']) && ($HTTP_GET_VARS['module'] == $class))) && !isset($mInfo)) { + if ((!isset($_GET['module']) || (isset($_GET['module']) && ($_GET['module'] == $class))) && !isset($mInfo)) { $module_info = array('code' => $module->code, 'title' => $module->title, 'description' => $module->description, @@ -185,18 +185,18 @@ echo ' ' . "\n"; } } else { - echo ' ' . "\n"; + echo ' ' . "\n"; } ?> - + '' . $mInfo->title . ''); - $contents = array('form' => tep_draw_form('modules', FILENAME_MODULES, 'set=' . $set . '&module=' . $HTTP_GET_VARS['module'] . '&action=save')); + $contents = array('form' => tep_draw_form('modules', FILENAME_MODULES, 'set=' . $set . '&module=' . $_GET['module'] . '&action=save')); $contents[] = array('text' => $keys); - $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_MODULES, 'set=' . $set . '&module=' . $HTTP_GET_VARS['module']))); + $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_MODULES, 'set=' . $set . '&module=' . $_GET['module']))); break; default: $heading[] = array('text' => '' . $mInfo->title . ''); @@ -291,7 +291,7 @@ $contents[] = array('text' => '
' . $mInfo->description); $contents[] = array('text' => '
' . $keys); - } elseif (isset($HTTP_GET_VARS['list']) && ($HTTP_GET_VARS['list'] == 'new')) { + } elseif (isset($_GET['list']) && ($_GET['list'] == 'new')) { if (isset($mInfo)) { $contents[] = array('align' => 'center', 'text' => tep_draw_button(IMAGE_MODULE_INSTALL, 'plus', tep_href_link(FILENAME_MODULES, 'set=' . $set . '&module=' . $mInfo->code . '&action=install'))); diff --git a/catalog/admin/modules_content.php b/catalog/admin/modules_content.php index 420211482..8b3ff706e 100644 --- a/catalog/admin/modules_content.php +++ b/catalog/admin/modules_content.php @@ -88,16 +88,16 @@ function _sortContentModuleFiles($a, $b) { tep_db_query("update " . TABLE_CONFIGURATION . " set configuration_value = '" . implode(';', $_installed) . "' where configuration_key = 'MODULE_CONTENT_INSTALLED'"); } - $action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : ''); + $action = (isset($_GET['action']) ? $_GET['action'] : ''); if (tep_not_null($action)) { switch ($action) { case 'save': - $class = basename($HTTP_GET_VARS['module']); + $class = basename($_GET['module']); foreach ( $modules['installed'] as $m ) { if ( $m['code'] == $class ) { - foreach ($HTTP_POST_VARS['configuration'] as $key => $value) { + foreach ($_POST['configuration'] as $key => $value) { $key = tep_db_prepare_input($key); $value = tep_db_prepare_input($value); @@ -113,7 +113,7 @@ function _sortContentModuleFiles($a, $b) { break; case 'install': - $class = basename($HTTP_GET_VARS['module']); + $class = basename($_GET['module']); foreach ( $modules['new'] as $m ) { if ( $m['code'] == $class ) { @@ -134,7 +134,7 @@ function _sortContentModuleFiles($a, $b) { break; case 'remove': - $class = basename($HTTP_GET_VARS['module']); + $class = basename($_GET['module']); foreach ( $modules['installed'] as $m ) { if ( $m['code'] == $class ) { 
@@ -196,7 +196,7 @@ function _sortContentModuleFiles($a, $b) { foreach ( $modules['new'] as $m ) { $module = new $m['code'](); - if ((!isset($HTTP_GET_VARS['module']) || (isset($HTTP_GET_VARS['module']) && ($HTTP_GET_VARS['module'] == $module->code))) && !isset($mInfo)) { + if ((!isset($_GET['module']) || (isset($_GET['module']) && ($_GET['module'] == $module->code))) && !isset($mInfo)) { $module_info = array('code' => $module->code, 'title' => $module->title, 'description' => $module->description, @@ -234,7 +234,7 @@ function _sortContentModuleFiles($a, $b) { foreach ( $modules['installed'] as $m ) { $module = new $m['code'](); - if ((!isset($HTTP_GET_VARS['module']) || (isset($HTTP_GET_VARS['module']) && ($HTTP_GET_VARS['module'] == $module->code))) && !isset($mInfo)) { + if ((!isset($_GET['module']) || (isset($_GET['module']) && ($_GET['module'] == $module->code))) && !isset($mInfo)) { $module_info = array('code' => $module->code, 'title' => $module->title, 'description' => $module->description, diff --git a/catalog/admin/newsletters.php b/catalog/admin/newsletters.php index 26c7c7057..f9fdc710c 100644 --- a/catalog/admin/newsletters.php +++ b/catalog/admin/newsletters.php 
@@ -12,25 +12,25 @@ require('includes/application_top.php'); - $action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : ''); + $action = (isset($_GET['action']) ? $_GET['action'] : ''); if (tep_not_null($action)) { switch ($action) { case 'lock': case 'unlock': - $newsletter_id = tep_db_prepare_input($HTTP_GET_VARS['nID']); + $newsletter_id = tep_db_prepare_input($_GET['nID']); $status = (($action == 'lock') ? '1' : '0'); tep_db_query("update " . TABLE_NEWSLETTERS . " set locked = '" . $status . "' where newsletters_id = '" . (int)$newsletter_id . "'"); - tep_redirect(tep_href_link(FILENAME_NEWSLETTERS, 'page=' . $HTTP_GET_VARS['page'] . '&nID=' . $HTTP_GET_VARS['nID'])); + tep_redirect(tep_href_link(FILENAME_NEWSLETTERS, 'page=' . $_GET['page'] . '&nID=' . $_GET['nID'])); break; case 'insert': case 'update': - if (isset($HTTP_POST_VARS['newsletter_id'])) $newsletter_id = tep_db_prepare_input($HTTP_POST_VARS['newsletter_id']); - $newsletter_module = tep_db_prepare_input($HTTP_POST_VARS['module']); - $title = tep_db_prepare_input($HTTP_POST_VARS['title']); - $content = tep_db_prepare_input($HTTP_POST_VARS['content']); + if (isset($_POST['newsletter_id'])) $newsletter_id = tep_db_prepare_input($_POST['newsletter_id']); + $newsletter_module = tep_db_prepare_input($_POST['module']); + $title = tep_db_prepare_input($_POST['title']); + $content = tep_db_prepare_input($_POST['content']); $newsletter_error = false; if (empty($title)) { 
@@ -59,23 +59,23 @@ tep_db_perform(TABLE_NEWSLETTERS, $sql_data_array, 'update', "newsletters_id = '" . (int)$newsletter_id . "'"); } - tep_redirect(tep_href_link(FILENAME_NEWSLETTERS, (isset($HTTP_GET_VARS['page']) ? 'page=' . $HTTP_GET_VARS['page'] . '&' : '') . 'nID=' . $newsletter_id)); + tep_redirect(tep_href_link(FILENAME_NEWSLETTERS, (isset($_GET['page']) ? 'page=' . $_GET['page'] . '&' : '') . 'nID=' . $newsletter_id)); } else { $action = 'new'; } break; case 'deleteconfirm': - $newsletter_id = tep_db_prepare_input($HTTP_GET_VARS['nID']); + $newsletter_id = tep_db_prepare_input($_GET['nID']); tep_db_query("delete from " . TABLE_NEWSLETTERS . " where newsletters_id = '" . (int)$newsletter_id . "'"); - tep_redirect(tep_href_link(FILENAME_NEWSLETTERS, 'page=' . $HTTP_GET_VARS['page'])); + tep_redirect(tep_href_link(FILENAME_NEWSLETTERS, 'page=' . $_GET['page'])); break; case 'delete': - case 'new': if (!isset($HTTP_GET_VARS['nID'])) break; + case 'new': if (!isset($_GET['nID'])) break; case 'send': case 'confirm_send': - $newsletter_id = tep_db_prepare_input($HTTP_GET_VARS['nID']); + $newsletter_id = tep_db_prepare_input($_GET['nID']); $check_query = tep_db_query("select locked from " . TABLE_NEWSLETTERS . " where newsletters_id = '" . (int)$newsletter_id . "'"); $check = tep_db_fetch_array($check_query); @@ -90,7 +90,7 @@ $messageStack->add_session($error, 'error'); - tep_redirect(tep_href_link(FILENAME_NEWSLETTERS, 'page=' . $HTTP_GET_VARS['page'] . '&nID=' . $HTTP_GET_VARS['nID'])); + tep_redirect(tep_href_link(FILENAME_NEWSLETTERS, 'page=' . $_GET['page'] . '&nID=' . $_GET['nID'])); } break; } 
@@ -118,17 +118,17 @@ $nInfo = new objectInfo($parameters); - if (isset($HTTP_GET_VARS['nID'])) { + if (isset($_GET['nID'])) { $form_action = 'update'; - $nID = tep_db_prepare_input($HTTP_GET_VARS['nID']); + $nID = tep_db_prepare_input($_GET['nID']); $newsletter_query = tep_db_query("select title, content, module from " . TABLE_NEWSLETTERS . " where newsletters_id = '" . (int)$nID . "'"); $newsletter = tep_db_fetch_array($newsletter_query); $nInfo->objectInfo($newsletter); - } elseif ($HTTP_POST_VARS) { - $nInfo->objectInfo($HTTP_POST_VARS); + } elseif ($_POST) { + $nInfo->objectInfo($_POST); } $file_extension = substr($PHP_SELF, strrpos($PHP_SELF, '.')); @@ -152,7 +152,7 @@ - +






$value ) { - if (!is_array($HTTP_POST_VARS[$key])) { + foreach ( $_POST as $key => $value ) { + if (!is_array($_POST[$key])) { echo tep_draw_hidden_field($key, htmlspecialchars(stripslashes($value))); } } @@ -157,7 +157,7 @@ ?>
manufacturers_id)) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif'); } else { echo '' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . ''; } ?> manufacturers_id)) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif'); } else { echo '' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . ''; } ?> 
- - + +
display_count($manufacturers_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $HTTP_GET_VARS['page'], TEXT_DISPLAY_NUMBER_OF_MANUFACTURERS); ?>display_links($manufacturers_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $HTTP_GET_VARS['page']); ?>display_count($manufacturers_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $_GET['page'], TEXT_DISPLAY_NUMBER_OF_MANUFACTURERS); ?>display_links($manufacturers_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $_GET['page']); ?>
manufacturers_id . '&action=new')); ?>manufacturers_id . '&action=new')); ?>
' . tep_draw_button(IMAGE_MODULE_INSTALL . ' (' . $new_modules_counter . ')', 'plus', tep_href_link(FILENAME_MODULES, 'set=' . $set . '&list=new')) . '
title; ?> code . $file_extension, $modules_installed) && is_numeric($module->sort_order)) echo $module->sort_order; ?>code) ) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif'); } else { echo '' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . ''; } ?> code) ) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif'); } else { echo '' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . ''; } ?> 
@@ -180,13 +180,13 @@ - + - + - + newsletters_id) ) { - echo ' ' . "\n"; + echo ' ' . "\n"; } else { - echo ' ' . "\n"; + echo ' ' . "\n"; } ?> - + - + 
@@ -327,19 +327,19 @@ 0)) { - $status = tep_db_prepare_input($HTTP_GET_VARS['status']); + } elseif (isset($_GET['status']) && is_numeric($_GET['status']) && ($_GET['status'] > 0)) { + $status = tep_db_prepare_input($_GET['status']); $orders_query_raw = "select o.orders_id, o.customers_name, o.payment_method, o.date_purchased, o.last_modified, o.currency, o.currency_value, s.orders_status_name, ot.text as order_total from " . TABLE_ORDERS . " o left join " . TABLE_ORDERS_TOTAL . " ot on (o.orders_id = ot.orders_id), " . TABLE_ORDERS_STATUS . " s where o.orders_status = s.orders_status_id and s.language_id = '" . (int)$languages_id . "' and s.orders_status_id = '" . (int)$status . "' and ot.class = 'ot_total' order by o.orders_id DESC"; } else { $orders_query_raw = "select o.orders_id, o.customers_name, o.payment_method, o.date_purchased, o.last_modified, o.currency, o.currency_value, s.orders_status_name, ot.text as order_total from " . TABLE_ORDERS . " o left join " . TABLE_ORDERS_TOTAL . " ot on (o.orders_id = ot.orders_id), " . TABLE_ORDERS_STATUS . " s where o.orders_status = s.orders_status_id and s.language_id = '" . (int)$languages_id . "' and ot.class = 'ot_total' order by o.orders_id DESC"; } - $orders_split = new splitPageResults($HTTP_GET_VARS['page'], MAX_DISPLAY_SEARCH_RESULTS, $orders_query_raw, $orders_query_numrows); + $orders_split = new splitPageResults($_GET['page'], MAX_DISPLAY_SEARCH_RESULTS, $orders_query_raw, $orders_query_numrows); $orders_query = tep_db_query($orders_query_raw); while ($orders = tep_db_fetch_array($orders_query)) { - if ((!isset($HTTP_GET_VARS['oID']) || (isset($HTTP_GET_VARS['oID']) && ($HTTP_GET_VARS['oID'] == $orders['orders_id']))) && !isset($oInfo)) { + if ((!isset($_GET['oID']) || (isset($_GET['oID']) && ($_GET['oID'] == $orders['orders_id']))) && !isset($oInfo)) { $oInfo = new objectInfo($orders); } @@ -361,8 +361,8 @@ 
diff --git a/catalog/admin/orders_status.php b/catalog/admin/orders_status.php index e170d4b50..a7f281dee 100644 --- a/catalog/admin/orders_status.php +++ b/catalog/admin/orders_status.php @@ -12,22 +12,22 @@ require('includes/application_top.php'); - $action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : ''); + $action = (isset($_GET['action']) ? $_GET['action'] : ''); if (tep_not_null($action)) { switch ($action) { case 'insert': case 'save': - if (isset($HTTP_GET_VARS['oID'])) $orders_status_id = tep_db_prepare_input($HTTP_GET_VARS['oID']); + if (isset($_GET['oID'])) $orders_status_id = tep_db_prepare_input($_GET['oID']); $languages = tep_get_languages(); for ($i=0, $n=sizeof($languages); $i<$n; $i++) { - $orders_status_name_array = $HTTP_POST_VARS['orders_status_name']; + $orders_status_name_array = $_POST['orders_status_name']; $language_id = $languages[$i]['id']; $sql_data_array = array('orders_status_name' => tep_db_prepare_input($orders_status_name_array[$language_id]), - 'public_flag' => ((isset($HTTP_POST_VARS['public_flag']) && ($HTTP_POST_VARS['public_flag'] == '1')) ? '1' : '0'), - 'downloads_flag' => ((isset($HTTP_POST_VARS['downloads_flag']) && ($HTTP_POST_VARS['downloads_flag'] == '1')) ? '1' : '0')); + 'public_flag' => ((isset($_POST['public_flag']) && ($_POST['public_flag'] == '1')) ? '1' : '0'), + 'downloads_flag' => ((isset($_POST['downloads_flag']) && ($_POST['downloads_flag'] == '1')) ? '1' : '0')); if ($action == 'insert') { if (empty($orders_status_id)) { 
@@ -47,14 +47,14 @@ } } - if (isset($HTTP_POST_VARS['default']) && ($HTTP_POST_VARS['default'] == 'on')) { + if (isset($_POST['default']) && ($_POST['default'] == 'on')) { tep_db_query("update " . TABLE_CONFIGURATION . " set configuration_value = '" . tep_db_input($orders_status_id) . "' where configuration_key = 'DEFAULT_ORDERS_STATUS_ID'"); } - tep_redirect(tep_href_link(FILENAME_ORDERS_STATUS, 'page=' . $HTTP_GET_VARS['page'] . '&oID=' . $orders_status_id)); + tep_redirect(tep_href_link(FILENAME_ORDERS_STATUS, 'page=' . $_GET['page'] . '&oID=' . $orders_status_id)); break; case 'deleteconfirm': - $oID = tep_db_prepare_input($HTTP_GET_VARS['oID']); + $oID = tep_db_prepare_input($_GET['oID']); $orders_status_query = tep_db_query("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'DEFAULT_ORDERS_STATUS_ID'"); $orders_status = tep_db_fetch_array($orders_status_query); @@ -65,10 +65,10 @@ tep_db_query("delete from " . TABLE_ORDERS_STATUS . " where orders_status_id = '" . tep_db_input($oID) . "'"); - tep_redirect(tep_href_link(FILENAME_ORDERS_STATUS, 'page=' . $HTTP_GET_VARS['page'])); + tep_redirect(tep_href_link(FILENAME_ORDERS_STATUS, 'page=' . $_GET['page'])); break; case 'delete': - $oID = tep_db_prepare_input($HTTP_GET_VARS['oID']); + $oID = tep_db_prepare_input($_GET['oID']); $status_query = tep_db_query("select count(*) as count from " . TABLE_ORDERS . " where orders_status = '" . (int)$oID . "'"); $status = tep_db_fetch_array($status_query); @@ -116,17 +116,17 @@ orders_status_id)) { - echo ' ' . "\n"; + echo ' ' . "\n"; } else { - echo ' ' . "\n"; + echo ' ' . "\n"; } if (DEFAULT_ORDERS_STATUS_ID == $orders_status['orders_status_id']) { @@ -137,7 +137,7 @@ ?> - +
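Review bot: In the `@@ -65,10 +65,10 @@` hunk of orders_status.php, the `deleteconfirm` DELETE uses `tep_db_input($oID)` while the `delete` case just below it uses `(int)$oID` for the same column. An integer cast is the tighter check for a numeric id and keeps the two cases consistent: `where orders_status_id = '" . (int)$oID . "'`. The same applies to `tep_db_input($orders_status_id)` in the `DEFAULT_ORDERS_STATUS_ID` update in the `@@ -47,14 +47,14 @@` hunk.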
- +
content); ?>
' . tep_image(DIR_WS_ICONS . 'preview.gif', ICON_PREVIEW) . ' ' . $newsletters['title']; ?>' . tep_image(DIR_WS_ICONS . 'preview.gif', ICON_PREVIEW) . ' ' . $newsletters['title']; ?> 0) { echo tep_image(DIR_WS_ICONS . 'locked.gif', ICON_LOCKED); } else { echo tep_image(DIR_WS_ICONS . 'unlocked.gif', ICON_UNLOCKED); } ?>newsletters_id) ) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif', ''); } else { echo '' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . ''; } ?> newsletters_id) ) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif', ''); } else { echo '' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . ''; } ?> 
- - + + @@ -335,19 +335,19 @@ case 'delete': $heading[] = array('text' => '' . $nInfo->title . ''); - $contents = array('form' => tep_draw_form('newsletters', FILENAME_NEWSLETTERS, 'page=' . $HTTP_GET_VARS['page'] . '&nID=' . $nInfo->newsletters_id . '&action=deleteconfirm')); + $contents = array('form' => tep_draw_form('newsletters', FILENAME_NEWSLETTERS, 'page=' . $_GET['page'] . '&nID=' . $nInfo->newsletters_id . '&action=deleteconfirm')); $contents[] = array('text' => TEXT_INFO_DELETE_INTRO); $contents[] = array('text' => '
' . $nInfo->title . ''); - $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_DELETE, 'trash', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_NEWSLETTERS, 'page=' . $HTTP_GET_VARS['page'] . '&nID=' . $HTTP_GET_VARS['nID']))); + $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_DELETE, 'trash', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_NEWSLETTERS, 'page=' . $_GET['page'] . '&nID=' . $_GET['nID']))); break; default: if (isset($nInfo) && is_object($nInfo)) { $heading[] = array('text' => '' . $nInfo->title . ''); if ($nInfo->locked > 0) { - $contents[] = array('align' => 'center', 'text' => tep_draw_button(IMAGE_EDIT, 'document', tep_href_link(FILENAME_NEWSLETTERS, 'page=' . $HTTP_GET_VARS['page'] . '&nID=' . $nInfo->newsletters_id . '&action=new')) . tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_NEWSLETTERS, 'page=' . $HTTP_GET_VARS['page'] . '&nID=' . $nInfo->newsletters_id . '&action=delete')) . tep_draw_button(IMAGE_PREVIEW, 'document', tep_href_link(FILENAME_NEWSLETTERS, 'page=' . $HTTP_GET_VARS['page'] . '&nID=' . $nInfo->newsletters_id . '&action=preview')) . tep_draw_button(IMAGE_SEND, 'mail-closed', tep_href_link(FILENAME_NEWSLETTERS, 'page=' . $HTTP_GET_VARS['page'] . '&nID=' . $nInfo->newsletters_id . '&action=send')) . tep_draw_button(IMAGE_UNLOCK, 'unlocked', tep_href_link(FILENAME_NEWSLETTERS, 'page=' . $HTTP_GET_VARS['page'] . '&nID=' . $nInfo->newsletters_id . '&action=unlock'))); + $contents[] = array('align' => 'center', 'text' => tep_draw_button(IMAGE_EDIT, 'document', tep_href_link(FILENAME_NEWSLETTERS, 'page=' . $_GET['page'] . '&nID=' . $nInfo->newsletters_id . '&action=new')) . tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_NEWSLETTERS, 'page=' . $_GET['page'] . '&nID=' . $nInfo->newsletters_id . '&action=delete')) . tep_draw_button(IMAGE_PREVIEW, 'document', tep_href_link(FILENAME_NEWSLETTERS, 'page=' . $_GET['page'] . '&nID=' . $nInfo->newsletters_id . '&action=preview')) . tep_draw_button(IMAGE_SEND, 'mail-closed', tep_href_link(FILENAME_NEWSLETTERS, 'page=' . $_GET['page'] . '&nID=' . $nInfo->newsletters_id . '&action=send')) . tep_draw_button(IMAGE_UNLOCK, 'unlocked', tep_href_link(FILENAME_NEWSLETTERS, 'page=' . 
$_GET['page'] . '&nID=' . $nInfo->newsletters_id . '&action=unlock'))); } else { - $contents[] = array('align' => 'center', 'text' => tep_draw_button(IMAGE_PREVIEW, 'document', tep_href_link(FILENAME_NEWSLETTERS, 'page=' . $HTTP_GET_VARS['page'] . '&nID=' . $nInfo->newsletters_id . '&action=preview')) . tep_draw_button(IMAGE_LOCK, 'locked', tep_href_link(FILENAME_NEWSLETTERS, 'page=' . $HTTP_GET_VARS['page'] . '&nID=' . $nInfo->newsletters_id . '&action=lock'))); + $contents[] = array('align' => 'center', 'text' => tep_draw_button(IMAGE_PREVIEW, 'document', tep_href_link(FILENAME_NEWSLETTERS, 'page=' . $_GET['page'] . '&nID=' . $nInfo->newsletters_id . '&action=preview')) . tep_draw_button(IMAGE_LOCK, 'locked', tep_href_link(FILENAME_NEWSLETTERS, 'page=' . $_GET['page'] . '&nID=' . $nInfo->newsletters_id . '&action=lock'))); } $contents[] = array('text' => '
' . TEXT_NEWSLETTER_DATE_ADDED . ' ' . tep_date_short($nInfo->date_added)); if ($nInfo->status == '1') $contents[] = array('text' => TEXT_NEWSLETTER_DATE_SENT . ' ' . tep_date_short($nInfo->date_sent)); diff --git a/catalog/admin/orders.php b/catalog/admin/orders.php index 0e099696b..d0d69d6ff 100644 --- a/catalog/admin/orders.php +++ b/catalog/admin/orders.php @@ -24,14 +24,14 @@ $orders_status_array[$orders_status['orders_status_id']] = $orders_status['orders_status_name']; } - $action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : ''); + $action = (isset($_GET['action']) ? $_GET['action'] : ''); if (tep_not_null($action)) { switch ($action) { case 'update_order': - $oID = tep_db_prepare_input($HTTP_GET_VARS['oID']); - $status = tep_db_prepare_input($HTTP_POST_VARS['status']); - $comments = tep_db_prepare_input($HTTP_POST_VARS['comments']); + $oID = tep_db_prepare_input($_GET['oID']); + $status = tep_db_prepare_input($_POST['status']); + $comments = tep_db_prepare_input($_POST['comments']); $order_updated = false; $check_status_query = tep_db_query("select customers_name, customers_email_address, orders_status, date_purchased from " . TABLE_ORDERS . " where orders_id = '" . (int)$oID . "'"); @@ -41,9 +41,9 @@ tep_db_query("update " . TABLE_ORDERS . " set orders_status = '" . tep_db_input($status) . "', last_modified = now() where orders_id = '" . (int)$oID . "'"); $customer_notified = '0'; - if (isset($HTTP_POST_VARS['notify']) && ($HTTP_POST_VARS['notify'] == 'on')) { + if (isset($_POST['notify']) && ($_POST['notify'] == 'on')) { $notify_comments = ''; - if (isset($HTTP_POST_VARS['notify_comments']) && ($HTTP_POST_VARS['notify_comments'] == 'on')) { + if (isset($_POST['notify_comments']) && ($_POST['notify_comments'] == 'on')) { $notify_comments = sprintf(EMAIL_TEXT_COMMENTS_UPDATE, $comments) . "\n\n"; } 
@@ -68,17 +68,17 @@ tep_redirect(tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('action')) . 'action=edit')); break; case 'deleteconfirm': - $oID = tep_db_prepare_input($HTTP_GET_VARS['oID']); + $oID = tep_db_prepare_input($_GET['oID']); - tep_remove_order($oID, $HTTP_POST_VARS['restock']); + tep_remove_order($oID, $_POST['restock']); tep_redirect(tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('oID', 'action')))); break; } } - if (($action == 'edit') && isset($HTTP_GET_VARS['oID'])) { - $oID = tep_db_prepare_input($HTTP_GET_VARS['oID']); + if (($action == 'edit') && isset($_GET['oID'])) { + $oID = tep_db_prepare_input($_GET['oID']); $orders_query = tep_db_query("select orders_id from " . TABLE_ORDERS . " where orders_id = '" . (int)$oID . "'"); $order_exists = true; @@ -103,7 +103,7 @@ - +
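Review bot: In the orders.php `deleteconfirm` case (hunk `@@ -68,17`), `$_POST['restock']` is read without `isset()`. A checkbox that is left unchecked is not submitted, so this raises an undefined-index notice on every delete without restock. `tep_remove_order($oID, isset($_POST['restock']) ? $_POST['restock'] : null);` keeps the value passed today and removes the notice. How `tep_remove_order` interprets its second argument is not visible here, so confirm that `null` is the right "off" value.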
display_count($newsletters_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $HTTP_GET_VARS['page'], TEXT_DISPLAY_NUMBER_OF_NEWSLETTERS); ?>display_links($newsletters_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $HTTP_GET_VARS['page']); ?>display_count($newsletters_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $_GET['page'], TEXT_DISPLAY_NUMBER_OF_NEWSLETTERS); ?>display_links($newsletters_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $_GET['page']); ?>
true)) . tep_draw_button(IMAGE_ORDERS_PACKINGSLIP, 'document', tep_href_link(FILENAME_ORDERS_PACKINGSLIP, 'oID=' . $HTTP_GET_VARS['oID']), null, array('newwindow' => true)) . tep_draw_button(IMAGE_BACK, 'triangle-1-w', tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('action')))); ?> true)) . tep_draw_button(IMAGE_ORDERS_PACKINGSLIP, 'document', tep_href_link(FILENAME_ORDERS_PACKINGSLIP, 'oID=' . $_GET['oID']), null, array('newwindow' => true)) . tep_draw_button(IMAGE_BACK, 'triangle-1-w', tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('action')))); ?>
 
- - + +
display_count($orders_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $HTTP_GET_VARS['page'], TEXT_DISPLAY_NUMBER_OF_ORDERS); ?>display_links($orders_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $HTTP_GET_VARS['page'], tep_get_all_get_params(array('page', 'oID', 'action'))); ?>display_count($orders_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $_GET['page'], TEXT_DISPLAY_NUMBER_OF_ORDERS); ?>display_links($orders_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $_GET['page'], tep_get_all_get_params(array('page', 'oID', 'action'))); ?>
orders_status_id)) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif', ''); } else { echo '' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . ''; } ?> orders_status_id)) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif', ''); } else { echo '' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . ''; } ?> 
- - + + - + '' . TEXT_INFO_HEADING_NEW_ORDERS_STATUS . ''); - $contents = array('form' => tep_draw_form('status', FILENAME_ORDERS_STATUS, 'page=' . $HTTP_GET_VARS['page'] . '&action=insert')); + $contents = array('form' => tep_draw_form('status', FILENAME_ORDERS_STATUS, 'page=' . $_GET['page'] . '&action=insert')); $contents[] = array('text' => TEXT_INFO_INSERT_INTRO); $orders_status_inputs_string = ''; @@ -181,12 +181,12 @@ $contents[] = array('text' => '
' . tep_draw_checkbox_field('public_flag', '1') . ' ' . TEXT_SET_PUBLIC_STATUS); $contents[] = array('text' => tep_draw_checkbox_field('downloads_flag', '1') . ' ' . TEXT_SET_DOWNLOADS_STATUS); $contents[] = array('text' => '
' . tep_draw_checkbox_field('default') . ' ' . TEXT_SET_DEFAULT); - $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_ORDERS_STATUS, 'page=' . $HTTP_GET_VARS['page']))); + $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_ORDERS_STATUS, 'page=' . $_GET['page']))); break; case 'edit': $heading[] = array('text' => '' . TEXT_INFO_HEADING_EDIT_ORDERS_STATUS . ''); - $contents = array('form' => tep_draw_form('status', FILENAME_ORDERS_STATUS, 'page=' . $HTTP_GET_VARS['page'] . '&oID=' . $oInfo->orders_status_id . '&action=save')); + $contents = array('form' => tep_draw_form('status', FILENAME_ORDERS_STATUS, 'page=' . $_GET['page'] . '&oID=' . $oInfo->orders_status_id . '&action=save')); $contents[] = array('text' => TEXT_INFO_EDIT_INTRO); $orders_status_inputs_string = ''; @@ -199,21 +199,21 @@ $contents[] = array('text' => '
' . tep_draw_checkbox_field('public_flag', '1', $oInfo->public_flag) . ' ' . TEXT_SET_PUBLIC_STATUS); $contents[] = array('text' => tep_draw_checkbox_field('downloads_flag', '1', $oInfo->downloads_flag) . ' ' . TEXT_SET_DOWNLOADS_STATUS); if (DEFAULT_ORDERS_STATUS_ID != $oInfo->orders_status_id) $contents[] = array('text' => '
' . tep_draw_checkbox_field('default') . ' ' . TEXT_SET_DEFAULT); - $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_ORDERS_STATUS, 'page=' . $HTTP_GET_VARS['page'] . '&oID=' . $oInfo->orders_status_id))); + $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_ORDERS_STATUS, 'page=' . $_GET['page'] . '&oID=' . $oInfo->orders_status_id))); break; case 'delete': $heading[] = array('text' => '' . TEXT_INFO_HEADING_DELETE_ORDERS_STATUS . ''); - $contents = array('form' => tep_draw_form('status', FILENAME_ORDERS_STATUS, 'page=' . $HTTP_GET_VARS['page'] . '&oID=' . $oInfo->orders_status_id . '&action=deleteconfirm')); + $contents = array('form' => tep_draw_form('status', FILENAME_ORDERS_STATUS, 'page=' . $_GET['page'] . '&oID=' . $oInfo->orders_status_id . '&action=deleteconfirm')); $contents[] = array('text' => TEXT_INFO_DELETE_INTRO); $contents[] = array('text' => '
' . $oInfo->orders_status_name . ''); - if ($remove_status) $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_DELETE, 'trash', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_ORDERS_STATUS, 'page=' . $HTTP_GET_VARS['page'] . '&oID=' . $oInfo->orders_status_id))); + if ($remove_status) $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_DELETE, 'trash', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_ORDERS_STATUS, 'page=' . $_GET['page'] . '&oID=' . $oInfo->orders_status_id))); break; default: if (isset($oInfo) && is_object($oInfo)) { $heading[] = array('text' => '' . $oInfo->orders_status_name . ''); - $contents[] = array('align' => 'center', 'text' => tep_draw_button(IMAGE_EDIT, 'document', tep_href_link(FILENAME_ORDERS_STATUS, 'page=' . $HTTP_GET_VARS['page'] . '&oID=' . $oInfo->orders_status_id . '&action=edit')) . tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_ORDERS_STATUS, 'page=' . $HTTP_GET_VARS['page'] . '&oID=' . $oInfo->orders_status_id . '&action=delete'))); + $contents[] = array('align' => 'center', 'text' => tep_draw_button(IMAGE_EDIT, 'document', tep_href_link(FILENAME_ORDERS_STATUS, 'page=' . $_GET['page'] . '&oID=' . $oInfo->orders_status_id . '&action=edit')) . tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_ORDERS_STATUS, 'page=' . $_GET['page'] . '&oID=' . $oInfo->orders_status_id . '&action=delete'))); $orders_status_inputs_string = ''; $languages = tep_get_languages(); diff --git a/catalog/admin/packingslip.php b/catalog/admin/packingslip.php index 31e104e62..0e302a5d1 100644 --- a/catalog/admin/packingslip.php +++ b/catalog/admin/packingslip.php @@ -15,7 +15,7 @@ require(DIR_WS_CLASSES . 'currencies.php'); $currencies = new currencies(); - $oID = tep_db_prepare_input($HTTP_GET_VARS['oID']); + $oID = tep_db_prepare_input($_GET['oID']); $orders_query = tep_db_query("select orders_id from " . TABLE_ORDERS . " where orders_id = '" . (int)$oID . "'"); include(DIR_WS_CLASSES . 'order.php'); @@ -35,7 +35,7 @@ diff --git a/catalog/admin/products_attributes.php b/catalog/admin/products_attributes.php index d7aa680cb..c225d1a5d 100644 --- a/catalog/admin/products_attributes.php +++ b/catalog/admin/products_attributes.php 
@@ -13,19 +13,19 @@ require('includes/application_top.php'); $languages = tep_get_languages(); - $action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : ''); + $action = (isset($_GET['action']) ? $_GET['action'] : ''); - $option_page = (isset($HTTP_GET_VARS['option_page']) && is_numeric($HTTP_GET_VARS['option_page'])) ? $HTTP_GET_VARS['option_page'] : 1; - $value_page = (isset($HTTP_GET_VARS['value_page']) && is_numeric($HTTP_GET_VARS['value_page'])) ? $HTTP_GET_VARS['value_page'] : 1; - $attribute_page = (isset($HTTP_GET_VARS['attribute_page']) && is_numeric($HTTP_GET_VARS['attribute_page'])) ? $HTTP_GET_VARS['attribute_page'] : 1; + $option_page = (isset($_GET['option_page']) && is_numeric($_GET['option_page'])) ? $_GET['option_page'] : 1; + $value_page = (isset($_GET['value_page']) && is_numeric($_GET['value_page'])) ? $_GET['value_page'] : 1; + $attribute_page = (isset($_GET['attribute_page']) && is_numeric($_GET['attribute_page'])) ? $_GET['attribute_page'] : 1; $page_info = 'option_page=' . $option_page . '&value_page=' . $value_page . '&attribute_page=' . $attribute_page; if (tep_not_null($action)) { switch ($action) { case 'add_product_options': - $products_options_id = tep_db_prepare_input($HTTP_POST_VARS['products_options_id']); - $option_name_array = $HTTP_POST_VARS['option_name']; + $products_options_id = tep_db_prepare_input($_POST['products_options_id']); + $option_name_array = $_POST['option_name']; for ($i=0, $n=sizeof($languages); $i<$n; $i ++) { $option_name = tep_db_prepare_input($option_name_array[$languages[$i]['id']]); 
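Review bot: The three page parameters at the top of products_attributes.php are gated by `is_numeric()` and then copied verbatim into `$page_info`, which feeds the redirects in the following hunks. `is_numeric()` also accepts values such as `1e3`, `0.5`, `-1` and strings with leading whitespace, so the value that ends up in the URL is not necessarily a page number. Casting on the accepted branch fixes that: `$option_page = (isset($_GET['option_page']) && is_numeric($_GET['option_page'])) ? (int)$_GET['option_page'] : 1;`. The same change applies to `$value_page` and `$attribute_page`.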
@@ -35,9 +35,9 @@ tep_redirect(tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, $page_info)); break; case 'add_product_option_values': - $value_name_array = $HTTP_POST_VARS['value_name']; - $value_id = tep_db_prepare_input($HTTP_POST_VARS['value_id']); - $option_id = tep_db_prepare_input($HTTP_POST_VARS['option_id']); + $value_name_array = $_POST['value_name']; + $value_id = tep_db_prepare_input($_POST['value_id']); + $option_id = tep_db_prepare_input($_POST['option_id']); for ($i=0, $n=sizeof($languages); $i<$n; $i ++) { $value_name = tep_db_prepare_input($value_name_array[$languages[$i]['id']]); 
@@ -50,20 +50,20 @@ tep_redirect(tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, $page_info)); break; case 'add_product_attributes': - $products_id = tep_db_prepare_input($HTTP_POST_VARS['products_id']); - $options_id = tep_db_prepare_input($HTTP_POST_VARS['options_id']); - $values_id = tep_db_prepare_input($HTTP_POST_VARS['values_id']); - $value_price = tep_db_prepare_input($HTTP_POST_VARS['value_price']); - $price_prefix = tep_db_prepare_input($HTTP_POST_VARS['price_prefix']); + $products_id = tep_db_prepare_input($_POST['products_id']); + $options_id = tep_db_prepare_input($_POST['options_id']); + $values_id = tep_db_prepare_input($_POST['values_id']); + $value_price = tep_db_prepare_input($_POST['value_price']); + $price_prefix = tep_db_prepare_input($_POST['price_prefix']); tep_db_query("insert into " . TABLE_PRODUCTS_ATTRIBUTES . " values (null, '" . (int)$products_id . "', '" . (int)$options_id . "', '" . (int)$values_id . "', '" . (float)tep_db_input($value_price) . "', '" . tep_db_input($price_prefix) . "')"); if (DOWNLOAD_ENABLED == 'true') { $products_attributes_id = tep_db_insert_id(); - $products_attributes_filename = tep_db_prepare_input($HTTP_POST_VARS['products_attributes_filename']); - $products_attributes_maxdays = tep_db_prepare_input($HTTP_POST_VARS['products_attributes_maxdays']); - $products_attributes_maxcount = tep_db_prepare_input($HTTP_POST_VARS['products_attributes_maxcount']); + $products_attributes_filename = tep_db_prepare_input($_POST['products_attributes_filename']); + $products_attributes_maxdays = tep_db_prepare_input($_POST['products_attributes_maxdays']); + $products_attributes_maxcount = tep_db_prepare_input($_POST['products_attributes_maxcount']); if (tep_not_null($products_attributes_filename)) { tep_db_query("insert into " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " values (" . (int)$products_attributes_id . ", '" . tep_db_input($products_attributes_filename) . "', '" . tep_db_input($products_attributes_maxdays) . "', '" . 
tep_db_input($products_attributes_maxcount) . "')"); @@ -73,8 +73,8 @@ tep_redirect(tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, $page_info)); break; case 'update_option_name': - $option_name_array = $HTTP_POST_VARS['option_name']; - $option_id = tep_db_prepare_input($HTTP_POST_VARS['option_id']); + $option_name_array = $_POST['option_name']; + $option_id = tep_db_prepare_input($_POST['option_id']); for ($i=0, $n=sizeof($languages); $i<$n; $i ++) { $option_name = tep_db_prepare_input($option_name_array[$languages[$i]['id']]); @@ -85,9 +85,9 @@ tep_redirect(tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, $page_info)); break; case 'update_value': - $value_name_array = $HTTP_POST_VARS['value_name']; - $value_id = tep_db_prepare_input($HTTP_POST_VARS['value_id']); - $option_id = tep_db_prepare_input($HTTP_POST_VARS['option_id']); + $value_name_array = $_POST['value_name']; + $value_id = tep_db_prepare_input($_POST['value_id']); + $option_id = tep_db_prepare_input($_POST['option_id']); for ($i=0, $n=sizeof($languages); $i<$n; $i ++) { $value_name = tep_db_prepare_input($value_name_array[$languages[$i]['id']]); 
@@ -100,19 +100,19 @@ tep_redirect(tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, $page_info)); break; case 'update_product_attribute': - $products_id = tep_db_prepare_input($HTTP_POST_VARS['products_id']); - $options_id = tep_db_prepare_input($HTTP_POST_VARS['options_id']); - $values_id = tep_db_prepare_input($HTTP_POST_VARS['values_id']); - $value_price = tep_db_prepare_input($HTTP_POST_VARS['value_price']); - $price_prefix = tep_db_prepare_input($HTTP_POST_VARS['price_prefix']); - $attribute_id = tep_db_prepare_input($HTTP_POST_VARS['attribute_id']); + $products_id = tep_db_prepare_input($_POST['products_id']); + $options_id = tep_db_prepare_input($_POST['options_id']); + $values_id = tep_db_prepare_input($_POST['values_id']); + $value_price = tep_db_prepare_input($_POST['value_price']); + $price_prefix = tep_db_prepare_input($_POST['price_prefix']); + $attribute_id = tep_db_prepare_input($_POST['attribute_id']); tep_db_query("update " . TABLE_PRODUCTS_ATTRIBUTES . " set products_id = '" . (int)$products_id . "', options_id = '" . (int)$options_id . "', options_values_id = '" . (int)$values_id . "', options_values_price = '" . (float)tep_db_input($value_price) . "', price_prefix = '" . tep_db_input($price_prefix) . "' where products_attributes_id = '" . (int)$attribute_id . 
"'"); if (DOWNLOAD_ENABLED == 'true') { - $products_attributes_filename = tep_db_prepare_input($HTTP_POST_VARS['products_attributes_filename']); - $products_attributes_maxdays = tep_db_prepare_input($HTTP_POST_VARS['products_attributes_maxdays']); - $products_attributes_maxcount = tep_db_prepare_input($HTTP_POST_VARS['products_attributes_maxcount']); + $products_attributes_filename = tep_db_prepare_input($_POST['products_attributes_filename']); + $products_attributes_maxdays = tep_db_prepare_input($_POST['products_attributes_maxdays']); + $products_attributes_maxcount = tep_db_prepare_input($_POST['products_attributes_maxcount']); if (tep_not_null($products_attributes_filename)) { tep_db_query("replace into " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " set products_attributes_id = '" . (int)$attribute_id . "', products_attributes_filename = '" . tep_db_input($products_attributes_filename) . "', products_attributes_maxdays = '" . tep_db_input($products_attributes_maxdays) . "', products_attributes_maxcount = '" . tep_db_input($products_attributes_maxcount) . "'"); @@ -122,14 +122,14 @@ tep_redirect(tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, $page_info)); break; case 'delete_option': - $option_id = tep_db_prepare_input($HTTP_GET_VARS['option_id']); + $option_id = tep_db_prepare_input($_GET['option_id']); tep_db_query("delete from " . TABLE_PRODUCTS_OPTIONS . " where products_options_id = '" . (int)$option_id . "'"); tep_redirect(tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, $page_info)); break; case 'delete_value': - $value_id = tep_db_prepare_input($HTTP_GET_VARS['value_id']); + $value_id = tep_db_prepare_input($_GET['value_id']); tep_db_query("delete from " . TABLE_PRODUCTS_OPTIONS_VALUES . " where products_options_values_id = '" . (int)$value_id . "'"); tep_db_query("delete from " . TABLE_PRODUCTS_OPTIONS_VALUES_TO_PRODUCTS_OPTIONS . " where products_options_values_id = '" . (int)$value_id . "'"); 
@@ -137,7 +137,7 @@ tep_redirect(tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, $page_info)); break; case 'delete_attribute': - $attribute_id = tep_db_prepare_input($HTTP_GET_VARS['attribute_id']); + $attribute_id = tep_db_prepare_input($_GET['attribute_id']); tep_db_query("delete from " . TABLE_PRODUCTS_ATTRIBUTES . " where products_attributes_id = '" . (int)$attribute_id . "'"); @@ -161,7 +161,7 @@ @@ -173,7 +173,7 @@ @@ -213,7 +213,7 @@ - + '; $inputs = ''; for ($i = 0, $n = sizeof($languages); $i < $n; $i ++) { @@ -319,7 +319,7 @@ @@ -331,7 +331,7 @@ @@ -370,7 +370,7 @@ - + '; $inputs = ''; for ($i = 0, $n = sizeof($languages); $i < $n; $i ++) { @@ -556,7 +556,7 @@ ?> @@ -640,7 +640,7 @@ - + diff --git a/catalog/admin/products_expected.php b/catalog/admin/products_expected.php index add8c4d1b..a72d770af 100644 --- a/catalog/admin/products_expected.php +++ b/catalog/admin/products_expected.php @@ -37,22 +37,22 @@ products_id)) { echo ' ' . "\n"; } else { - echo ' ' . "\n"; + echo ' ' . "\n"; } ?> - + diff --git a/catalog/admin/reviews.php b/catalog/admin/reviews.php index 5f6b0135f..05d44ae2b 100644 --- a/catalog/admin/reviews.php +++ b/catalog/admin/reviews.php 
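Review bot: `delete_attribute` in this hunk, and `delete_option` / `delete_value` in the `@@ -122,14` hunk before it, run their `delete from` queries from `$_GET` parameters alone. No request-method or per-session token check is visible in the hunks, so unless `includes/application_top.php` enforces one, any link or image an authenticated admin loads can trigger the delete (CSRF). The same shape appears in the `setflag` and `deleteconfirm` cases of reviews.php and specials.php further down the diff. I would require `$_SERVER['REQUEST_METHOD'] === 'POST'` together with a token comparison before entering the `switch`, and document that requirement in a comment above it. The switch starts and ends outside these hunks.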
@@ -12,37 +12,37 @@ require('includes/application_top.php'); - $action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : ''); + $action = (isset($_GET['action']) ? $_GET['action'] : ''); if (tep_not_null($action)) { switch ($action) { case 'setflag': - if ( ($HTTP_GET_VARS['flag'] == '0') || ($HTTP_GET_VARS['flag'] == '1') ) { - if (isset($HTTP_GET_VARS['rID'])) { - tep_set_review_status($HTTP_GET_VARS['rID'], $HTTP_GET_VARS['flag']); + if ( ($_GET['flag'] == '0') || ($_GET['flag'] == '1') ) { + if (isset($_GET['rID'])) { + tep_set_review_status($_GET['rID'], $_GET['flag']); } } - tep_redirect(tep_href_link(FILENAME_REVIEWS, 'page=' . $HTTP_GET_VARS['page'] . '&rID=' . $HTTP_GET_VARS['rID'])); + tep_redirect(tep_href_link(FILENAME_REVIEWS, 'page=' . $_GET['page'] . '&rID=' . $_GET['rID'])); break; case 'update': - $reviews_id = tep_db_prepare_input($HTTP_GET_VARS['rID']); - $reviews_rating = tep_db_prepare_input($HTTP_POST_VARS['reviews_rating']); - $reviews_text = tep_db_prepare_input($HTTP_POST_VARS['reviews_text']); - $reviews_status = tep_db_prepare_input($HTTP_POST_VARS['reviews_status']); + $reviews_id = tep_db_prepare_input($_GET['rID']); + $reviews_rating = tep_db_prepare_input($_POST['reviews_rating']); + $reviews_text = tep_db_prepare_input($_POST['reviews_text']); + $reviews_status = tep_db_prepare_input($_POST['reviews_status']); tep_db_query("update " . TABLE_REVIEWS . " set reviews_rating = '" . tep_db_input($reviews_rating) . "', reviews_status = '" . tep_db_input($reviews_status) . "', last_modified = now() where reviews_id = '" . (int)$reviews_id . "'"); tep_db_query("update " . TABLE_REVIEWS_DESCRIPTION . " set reviews_text = '" . tep_db_input($reviews_text) . "' where reviews_id = '" . (int)$reviews_id . "'"); - tep_redirect(tep_href_link(FILENAME_REVIEWS, 'page=' . $HTTP_GET_VARS['page'] . '&rID=' . $reviews_id)); + tep_redirect(tep_href_link(FILENAME_REVIEWS, 'page=' . $_GET['page'] . '&rID=' . 
$reviews_id)); break; case 'deleteconfirm': - $reviews_id = tep_db_prepare_input($HTTP_GET_VARS['rID']); + $reviews_id = tep_db_prepare_input($_GET['rID']); tep_db_query("delete from " . TABLE_REVIEWS . " where reviews_id = '" . (int)$reviews_id . "'"); tep_db_query("delete from " . TABLE_REVIEWS_DESCRIPTION . " where reviews_id = '" . (int)$reviews_id . "'"); - tep_redirect(tep_href_link(FILENAME_REVIEWS, 'page=' . $HTTP_GET_VARS['page'])); + tep_redirect(tep_href_link(FILENAME_REVIEWS, 'page=' . $_GET['page'])); break; } } @@ -61,7 +61,7 @@ - +
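Review bot: In the reviews.php `setflag` case (hunk `@@ -12,37`), `$_GET['rID']` is passed to `tep_set_review_status()` and concatenated into the redirect URL without a cast. The `update` and `deleteconfirm` cases below it apply `(int)` before the id reaches a query. Whether `tep_set_review_status()` casts internally is not visible here, so I would normalise once at the top of the case with `$rID = (int)$_GET['rID'];` and use `$rID` in both places. `$_GET['flag']` and `$_GET['page']` are also read without `isset()`. Casting `$_GET['page']` to int before building the redirect keeps a crafted value from adding extra query parameters.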
display_count($orders_status_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $HTTP_GET_VARS['page'], TEXT_DISPLAY_NUMBER_OF_ORDERS_STATUS); ?>display_links($orders_status_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $HTTP_GET_VARS['page']); ?>display_count($orders_status_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $_GET['page'], TEXT_DISPLAY_NUMBER_OF_ORDERS_STATUS); ?>display_links($orders_status_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $_GET['page']); ?>
- +
' . nl2br(STORE_ADDRESS) . '
' . STORE_PHONE; ?>


 

 


 

 
                     
products_id)) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif'); } else { echo '' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . ''; } ?> products_id)) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif'); } else { echo '' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . ''; } ?> 
- - + +
display_count($products_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $HTTP_GET_VARS['page'], TEXT_DISPLAY_NUMBER_OF_PRODUCTS_EXPECTED); ?>display_links($products_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $HTTP_GET_VARS['page']); ?>display_count($products_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $_GET['page'], TEXT_DISPLAY_NUMBER_OF_PRODUCTS_EXPECTED); ?>display_links($products_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $_GET['page']); ?>
@@ -116,14 +116,14 @@ - + - +
products_name; ?>
customers_name; ?>

date_added); ?>
reviews_id) . tep_draw_hidden_field('products_id', $rInfo->products_id) . tep_draw_hidden_field('customers_name', $rInfo->customers_name) . tep_draw_hidden_field('products_name', $rInfo->products_name) . tep_draw_hidden_field('products_image', $rInfo->products_image) . tep_draw_hidden_field('date_added', $rInfo->date_added) . tep_draw_button(IMAGE_PREVIEW, 'document') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_REVIEWS, 'page=' . $HTTP_GET_VARS['page'] . '&rID=' . $HTTP_GET_VARS['rID'])); ?>reviews_id) . tep_draw_hidden_field('products_id', $rInfo->products_id) . tep_draw_hidden_field('customers_name', $rInfo->customers_name) . tep_draw_hidden_field('products_name', $rInfo->products_name) . tep_draw_hidden_field('products_image', $rInfo->products_image) . tep_draw_hidden_field('date_added', $rInfo->date_added) . tep_draw_button(IMAGE_PREVIEW, 'document') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_REVIEWS, 'page=' . $_GET['page'] . '&rID=' . $_GET['rID'])); ?>
@@ -164,22 +164,22 @@ $value ) echo tep_draw_hidden_field($key, htmlspecialchars(stripslashes($value))); + foreach ( $_POST as $key => $value ) echo tep_draw_hidden_field($key, htmlspecialchars(stripslashes($value))); ?> - + reviews_id; + $back_url_params = 'page=' . $_GET['page'] . '&rID=' . $rInfo->reviews_id; } ?> @@ -202,10 +202,10 @@ reviews_id) ) { - echo ' ' . "\n"; + echo ' ' . "\n"; } else { - echo ' ' . "\n"; + echo ' ' . "\n"; } ?> - + - + @@ -262,16 +262,16 @@ case 'delete': $heading[] = array('text' => '' . TEXT_INFO_HEADING_DELETE_REVIEW . ''); - $contents = array('form' => tep_draw_form('reviews', FILENAME_REVIEWS, 'page=' . $HTTP_GET_VARS['page'] . '&rID=' . $rInfo->reviews_id . '&action=deleteconfirm')); + $contents = array('form' => tep_draw_form('reviews', FILENAME_REVIEWS, 'page=' . $_GET['page'] . '&rID=' . $rInfo->reviews_id . '&action=deleteconfirm')); $contents[] = array('text' => TEXT_INFO_DELETE_REVIEW_INTRO); $contents[] = array('text' => '
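Review bot: In the reviews.php `@@ -164,22` hunk, the loop `foreach ( $_POST as $key => $value ) echo tep_draw_hidden_field($key, htmlspecialchars(stripslashes($value)));` encodes the value but passes the request-controlled `$key` through as the field name. If `tep_draw_hidden_field()` does not encode the name itself (not visible here), that is an HTML-injection point on the preview page. An array-valued field would also reach `stripslashes()`, which expects a string. I would restrict the loop to the fields the preview form actually posts, or at least skip non-string values with `if (!is_string($value)) continue;`. Part of this hunk's markup is missing from the page, so the surrounding form was not reviewed.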
' . $rInfo->products_name . ''); - $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_DELETE, 'trash', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_REVIEWS, 'page=' . $HTTP_GET_VARS['page'] . '&rID=' . $rInfo->reviews_id))); + $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_DELETE, 'trash', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_REVIEWS, 'page=' . $_GET['page'] . '&rID=' . $rInfo->reviews_id))); break; default: if (isset($rInfo) && is_object($rInfo)) { $heading[] = array('text' => '' . $rInfo->products_name . ''); - $contents[] = array('align' => 'center', 'text' => tep_draw_button(IMAGE_EDIT, 'document', tep_href_link(FILENAME_REVIEWS, 'page=' . $HTTP_GET_VARS['page'] . '&rID=' . $rInfo->reviews_id . '&action=edit')) . tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_REVIEWS, 'page=' . $HTTP_GET_VARS['page'] . '&rID=' . $rInfo->reviews_id . '&action=delete'))); + $contents[] = array('align' => 'center', 'text' => tep_draw_button(IMAGE_EDIT, 'document', tep_href_link(FILENAME_REVIEWS, 'page=' . $_GET['page'] . '&rID=' . $rInfo->reviews_id . '&action=edit')) . tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_REVIEWS, 'page=' . $_GET['page'] . '&rID=' . $rInfo->reviews_id . '&action=delete'))); $contents[] = array('text' => '
' . TEXT_INFO_DATE_ADDED . ' ' . tep_date_short($rInfo->date_added)); if (tep_not_null($rInfo->last_modified)) $contents[] = array('text' => TEXT_INFO_LAST_MODIFIED . ' ' . tep_date_short($rInfo->last_modified)); $contents[] = array('text' => '
' . tep_info_image($rInfo->products_image, $rInfo->products_name, SMALL_IMAGE_WIDTH, SMALL_IMAGE_HEIGHT)); diff --git a/catalog/admin/server_info.php b/catalog/admin/server_info.php index d85973c0a..ae8257bec 100644 --- a/catalog/admin/server_info.php +++ b/catalog/admin/server_info.php @@ -12,7 +12,7 @@ require('includes/application_top.php'); - $action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : ''); + $action = (isset($_GET['action']) ? $_GET['action'] : ''); switch ($action) { case 'export': diff --git a/catalog/admin/specials.php b/catalog/admin/specials.php index d1281a64d..a5d58990f 100644 --- a/catalog/admin/specials.php +++ b/catalog/admin/specials.php 
@@ -15,20 +15,20 @@ require(DIR_WS_CLASSES . 'currencies.php'); $currencies = new currencies(); - $action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : ''); + $action = (isset($_GET['action']) ? $_GET['action'] : ''); if (tep_not_null($action)) { switch ($action) { case 'setflag': - tep_set_specials_status($HTTP_GET_VARS['id'], $HTTP_GET_VARS['flag']); + tep_set_specials_status($_GET['id'], $_GET['flag']); - tep_redirect(tep_href_link(FILENAME_SPECIALS, (isset($HTTP_GET_VARS['page']) ? 'page=' . $HTTP_GET_VARS['page'] . '&' : '') . 'sID=' . $HTTP_GET_VARS['id'])); + tep_redirect(tep_href_link(FILENAME_SPECIALS, (isset($_GET['page']) ? 'page=' . $_GET['page'] . '&' : '') . 'sID=' . $_GET['id'])); break; case 'insert': - $products_id = tep_db_prepare_input($HTTP_POST_VARS['products_id']); - $products_price = tep_db_prepare_input($HTTP_POST_VARS['products_price']); - $specials_price = tep_db_prepare_input($HTTP_POST_VARS['specials_price']); - $expdate = tep_db_prepare_input($HTTP_POST_VARS['expdate']); + $products_id = tep_db_prepare_input($_POST['products_id']); + $products_price = tep_db_prepare_input($_POST['products_price']); + $specials_price = tep_db_prepare_input($_POST['specials_price']); + $expdate = tep_db_prepare_input($_POST['expdate']); if (substr($specials_price, -1) == '%') { $new_special_insert_query = tep_db_query("select products_id, products_price from " . TABLE_PRODUCTS . " where products_id = '" . (int)$products_id . "'"); 
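Review bot: In the specials.php `setflag` case, `$_GET['id']` and `$_GET['flag']` go straight to `tep_set_specials_status()` with no `isset()` test and no check on the flag value. The `setflag` case in reviews.php, in this same commit, only proceeds when the flag is `'0'` or `'1'`. For parity I would guard the call with `if (isset($_GET['id'], $_GET['flag']) && in_array($_GET['flag'], array('0', '1'), true)) {` and pass `(int)$_GET['id']`. Whether `tep_set_specials_status()` validates its arguments is not visible from this hunk.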
@@ -45,13 +45,13 @@ tep_db_query("insert into " . TABLE_SPECIALS . " (products_id, specials_new_products_price, specials_date_added, expires_date, status) values ('" . (int)$products_id . "', '" . tep_db_input($specials_price) . "', now(), " . (tep_not_null($expires_date) ? "'" . tep_db_input($expires_date) . "'" : 'null') . ", '1')"); - tep_redirect(tep_href_link(FILENAME_SPECIALS, 'page=' . $HTTP_GET_VARS['page'])); + tep_redirect(tep_href_link(FILENAME_SPECIALS, 'page=' . $_GET['page'])); break; case 'update': - $specials_id = tep_db_prepare_input($HTTP_POST_VARS['specials_id']); - $products_price = tep_db_prepare_input($HTTP_POST_VARS['products_price']); - $specials_price = tep_db_prepare_input($HTTP_POST_VARS['specials_price']); - $expdate = tep_db_prepare_input($HTTP_POST_VARS['expdate']); + $specials_id = tep_db_prepare_input($_POST['specials_id']); + $products_price = tep_db_prepare_input($_POST['products_price']); + $specials_price = tep_db_prepare_input($_POST['specials_price']); + $expdate = tep_db_prepare_input($_POST['expdate']); if (substr($specials_price, -1) == '%') $specials_price = ($products_price - (($specials_price / 100) * $products_price)); 
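Review bot: In the specials.php `update` case, a percentage special is computed from `$products_price`, which comes from `$_POST['products_price']`. The `insert` case in the previous hunk instead re-reads `products_price` from `TABLE_PRODUCTS`. A stale or edited form field therefore sets the stored price on update. I would look the price up by `specials_id`, as `insert` does by `products_id`. The arithmetic also divides a string that still ends in `%`, which raises a numeric-string warning on current PHP; strip the suffix first with `$specials_price = (float)rtrim($specials_price, '%');` inside the percentage branch.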
@@ -62,14 +62,14 @@ tep_db_query("update " . TABLE_SPECIALS . " set specials_new_products_price = '" . tep_db_input($specials_price) . "', specials_last_modified = now(), expires_date = " . (tep_not_null($expires_date) ? "'" . tep_db_input($expires_date) . "'" : 'null') . " where specials_id = '" . (int)$specials_id . "'"); - tep_redirect(tep_href_link(FILENAME_SPECIALS, 'page=' . $HTTP_GET_VARS['page'] . '&sID=' . $specials_id)); + tep_redirect(tep_href_link(FILENAME_SPECIALS, 'page=' . $_GET['page'] . '&sID=' . $specials_id)); break; case 'deleteconfirm': - $specials_id = tep_db_prepare_input($HTTP_GET_VARS['sID']); + $specials_id = tep_db_prepare_input($_GET['sID']); tep_db_query("delete from " . TABLE_SPECIALS . " where specials_id = '" . (int)$specials_id . "'"); - tep_redirect(tep_href_link(FILENAME_SPECIALS, 'page=' . $HTTP_GET_VARS['page'])); + tep_redirect(tep_href_link(FILENAME_SPECIALS, 'page=' . $_GET['page'])); break; } } @@ -89,10 +89,10 @@ - method="post"> + method="post">tax_class_id)) { - echo ' ' . "\n"; + echo ' ' . "\n"; } else { - echo' ' . "\n"; + echo' ' . "\n"; } ?> - +
products_name; ?>
customers_name; ?>

date_added); ?>
reviews_id)); ?>reviews_id)); ?>
' . tep_image(DIR_WS_ICONS . 'preview.gif', ICON_PREVIEW) . ' ' . tep_get_products_name($reviews['products_id']); ?>' . tep_image(DIR_WS_ICONS . 'preview.gif', ICON_PREVIEW) . ' ' . tep_get_products_name($reviews['products_id']); ?> ' . tep_image(DIR_WS_IMAGES . 'icon_status_red_light.gif', IMAGE_ICON_STATUS_RED_LIGHT, 10, 10) . ''; + echo tep_image(DIR_WS_IMAGES . 'icon_status_green.gif', IMAGE_ICON_STATUS_GREEN, 10, 10) . '  ' . tep_image(DIR_WS_IMAGES . 'icon_status_red_light.gif', IMAGE_ICON_STATUS_RED_LIGHT, 10, 10) . ''; } else { - echo '' . tep_image(DIR_WS_IMAGES . 'icon_status_green_light.gif', IMAGE_ICON_STATUS_GREEN_LIGHT, 10, 10) . '  ' . tep_image(DIR_WS_IMAGES . 'icon_status_red.gif', IMAGE_ICON_STATUS_RED, 10, 10); + echo '' . tep_image(DIR_WS_IMAGES . 'icon_status_green_light.gif', IMAGE_ICON_STATUS_GREEN_LIGHT, 10, 10) . '  ' . tep_image(DIR_WS_IMAGES . 'icon_status_red.gif', IMAGE_ICON_STATUS_RED, 10, 10); } ?>reviews_id) ) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif'); } else { echo '' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . ''; } ?> reviews_id) ) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif'); } else { echo '' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . ''; } ?> 
- - + +
display_count($reviews_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $HTTP_GET_VARS['page'], TEXT_DISPLAY_NUMBER_OF_REVIEWS); ?>display_links($reviews_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $HTTP_GET_VARS['page']); ?>display_count($reviews_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $_GET['page'], TEXT_DISPLAY_NUMBER_OF_REVIEWS); ?>display_links($reviews_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $_GET['page']); ?>

@@ -136,7 +136,7 @@ @@ -155,10 +155,10 @@ specials_id)) { - echo ' ' . "\n"; + echo ' ' . "\n"; } else { - echo ' ' . "\n"; + echo ' ' . "\n"; } ?> @@ -181,7 +181,7 @@ echo '' . tep_image(DIR_WS_IMAGES . 'icon_status_green_light.gif', IMAGE_ICON_STATUS_GREEN_LIGHT, 10, 10) . '  ' . tep_image(DIR_WS_IMAGES . 'icon_status_red.gif', IMAGE_ICON_STATUS_RED, 10, 10); } ?> - + - + @@ -85,7 +84,7 @@ - +
  - +



specials_id)) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif', ''); } else { echo '' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . ''; } ?> specials_id)) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif', ''); } else { echo '' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . ''; } ?> 
- - + + - + '' . TEXT_INFO_HEADING_DELETE_SPECIALS . ''); - $contents = array('form' => tep_draw_form('specials', FILENAME_SPECIALS, 'page=' . $HTTP_GET_VARS['page'] . '&sID=' . $sInfo->specials_id . '&action=deleteconfirm')); + $contents = array('form' => tep_draw_form('specials', FILENAME_SPECIALS, 'page=' . $_GET['page'] . '&sID=' . $sInfo->specials_id . '&action=deleteconfirm')); $contents[] = array('text' => TEXT_INFO_DELETE_INTRO); $contents[] = array('text' => '
' . $sInfo->products_name . ''); - $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_DELETE, 'trash', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_SPECIALS, 'page=' . $HTTP_GET_VARS['page'] . '&sID=' . $sInfo->specials_id))); + $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_DELETE, 'trash', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_SPECIALS, 'page=' . $_GET['page'] . '&sID=' . $sInfo->specials_id))); break; default: if (is_object($sInfo)) { $heading[] = array('text' => '' . $sInfo->products_name . ''); - $contents[] = array('align' => 'center', 'text' => tep_draw_button(IMAGE_EDIT, 'document', tep_href_link(FILENAME_SPECIALS, 'page=' . $HTTP_GET_VARS['page'] . '&sID=' . $sInfo->specials_id . '&action=edit')) . tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_SPECIALS, 'page=' . $HTTP_GET_VARS['page'] . '&sID=' . $sInfo->specials_id . '&action=delete'))); + $contents[] = array('align' => 'center', 'text' => tep_draw_button(IMAGE_EDIT, 'document', tep_href_link(FILENAME_SPECIALS, 'page=' . $_GET['page'] . '&sID=' . $sInfo->specials_id . '&action=edit')) . tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_SPECIALS, 'page=' . $_GET['page'] . '&sID=' . $sInfo->specials_id . '&action=delete'))); $contents[] = array('text' => '
' . TEXT_INFO_DATE_ADDED . ' ' . tep_date_short($sInfo->specials_date_added)); $contents[] = array('text' => '' . TEXT_INFO_LAST_MODIFIED . ' ' . tep_date_short($sInfo->specials_last_modified)); $contents[] = array('align' => 'center', 'text' => '
' . tep_info_image($sInfo->products_image, $sInfo->products_name, SMALL_IMAGE_WIDTH, SMALL_IMAGE_HEIGHT)); diff --git a/catalog/admin/stats_customers.php b/catalog/admin/stats_customers.php index 0833edbba..3d0df6736 100644 --- a/catalog/admin/stats_customers.php +++ b/catalog/admin/stats_customers.php @@ -37,9 +37,9 @@ 1)) $rows = $HTTP_GET_VARS['page'] * MAX_DISPLAY_SEARCH_RESULTS - MAX_DISPLAY_SEARCH_RESULTS; + if (isset($_GET['page']) && ($_GET['page'] > 1)) $rows = $_GET['page'] * MAX_DISPLAY_SEARCH_RESULTS - MAX_DISPLAY_SEARCH_RESULTS; $customers_query_raw = "select c.customers_firstname, c.customers_lastname, sum(op.products_quantity * op.final_price) as ordersum from " . TABLE_CUSTOMERS . " c, " . TABLE_ORDERS_PRODUCTS . " op, " . TABLE_ORDERS . " o where c.customers_id = o.customers_id and o.orders_id = op.orders_id group by c.customers_firstname, c.customers_lastname order by ordersum DESC"; - $customers_split = new splitPageResults($HTTP_GET_VARS['page'], MAX_DISPLAY_SEARCH_RESULTS, $customers_query_raw, $customers_query_numrows); + $customers_split = new splitPageResults($_GET['page'], MAX_DISPLAY_SEARCH_RESULTS, $customers_query_raw, $customers_query_numrows); // fix counted customers $customers_query_numrows = tep_db_query("select customers_id from " . TABLE_ORDERS . " group by customers_id"); $customers_query_numrows = tep_db_num_rows($customers_query_numrows); @@ -66,8 +66,8 @@ diff --git a/catalog/admin/stats_products_purchased.php b/catalog/admin/stats_products_purchased.php index 0ca5f48d7..502fcf265 100644 --- a/catalog/admin/stats_products_purchased.php +++ b/catalog/admin/stats_products_purchased.php 
@@ -34,9 +34,9 @@ 1)) $rows = $HTTP_GET_VARS['page'] * MAX_DISPLAY_SEARCH_RESULTS - MAX_DISPLAY_SEARCH_RESULTS; + if (isset($_GET['page']) && ($_GET['page'] > 1)) $rows = $_GET['page'] * MAX_DISPLAY_SEARCH_RESULTS - MAX_DISPLAY_SEARCH_RESULTS; $products_query_raw = "select p.products_id, p.products_ordered, pd.products_name from " . TABLE_PRODUCTS . " p, " . TABLE_PRODUCTS_DESCRIPTION . " pd where pd.products_id = p.products_id and pd.language_id = '" . $languages_id. "' and p.products_ordered > 0 group by pd.products_id order by p.products_ordered DESC, pd.products_name"; - $products_split = new splitPageResults($HTTP_GET_VARS['page'], MAX_DISPLAY_SEARCH_RESULTS, $products_query_raw, $products_query_numrows); + $products_split = new splitPageResults($_GET['page'], MAX_DISPLAY_SEARCH_RESULTS, $products_query_raw, $products_query_numrows); $rows = 0; $products_query = tep_db_query($products_query_raw); @@ -47,9 +47,9 @@ $rows = '0' . $rows; } ?> - + - + diff --git a/catalog/admin/stats_products_viewed.php b/catalog/admin/stats_products_viewed.php index 45fec795c..62bbfd9b8 100644 --- a/catalog/admin/stats_products_viewed.php +++ b/catalog/admin/stats_products_viewed.php 
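Review bot: `$languages_id` is concatenated into `$products_query_raw` as `pd.language_id = '" . $languages_id. "'` with no cast, while the ids in the other queries of this commit go through `(int)`. Where the variable is set is outside the hunk, so I would write `(int)$languages_id` here rather than rely on it. Separately, the `$rows` offset computed from `$_GET['page']` is overwritten by the `$rows = 0;` after the `splitPageResults` call, so the numbering appears to restart on every page. The `-34,10` hunk of stats_products_viewed.php resets it on the very next line. Moving `$rows = 0;` above the `if` would keep the offset.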
@@ -34,10 +34,10 @@ 1)) $rows = $HTTP_GET_VARS['page'] * MAX_DISPLAY_SEARCH_RESULTS - MAX_DISPLAY_SEARCH_RESULTS; + if (isset($_GET['page']) && ($_GET['page'] > 1)) $rows = $_GET['page'] * MAX_DISPLAY_SEARCH_RESULTS - MAX_DISPLAY_SEARCH_RESULTS; $rows = 0; $products_query_raw = "select p.products_id, pd.products_name, pd.products_viewed, l.name from " . TABLE_PRODUCTS . " p, " . TABLE_PRODUCTS_DESCRIPTION . " pd, " . TABLE_LANGUAGES . " l where p.products_id = pd.products_id and l.languages_id = pd.language_id order by pd.products_viewed DESC"; - $products_split = new splitPageResults($HTTP_GET_VARS['page'], MAX_DISPLAY_SEARCH_RESULTS, $products_query_raw, $products_query_numrows); + $products_split = new splitPageResults($_GET['page'], MAX_DISPLAY_SEARCH_RESULTS, $products_query_raw, $products_query_numrows); $products_query = tep_db_query($products_query_raw); while ($products = tep_db_fetch_array($products_query)) { $rows++; @@ -46,9 +46,9 @@ $rows = '0' . $rows; } ?> - + - + diff --git a/catalog/admin/store_logo.php b/catalog/admin/store_logo.php index 009ff4833..0958b51a6 100644 --- a/catalog/admin/store_logo.php +++ b/catalog/admin/store_logo.php @@ -5,14 +5,14 @@ osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com - Copyright (c) 2010 osCommerce + Copyright (c) 2014 osCommerce Released under the GNU General Public License */ require('includes/application_top.php'); - $action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : ''); + $action = (isset($_GET['action']) ? $_GET['action'] : ''); if (tep_not_null($action)) { switch ($action) { 
@@ -20,14 +20,13 @@ $error = false; $store_logo = new upload('store_logo'); - $store_logo->set_extensions('png'); + $store_logo->set_extensions(array('png', 'gif', 'jpg')); $store_logo->set_destination(DIR_FS_CATALOG_IMAGES); if ($store_logo->parse()) { - $store_logo->set_filename('store_logo.png'); - if ($store_logo->save()) { $messageStack->add_session(SUCCESS_LOGO_UPDATED, 'success'); + tep_db_query("update configuration set configuration_value = '" . tep_db_input($store_logo->filename) . "', last_modified = now() where configuration_value = '" . STORE_LOGO . "'"); } else { $error = true; } @@ -59,7 +58,7 @@
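Review bot: With `set_filename('store_logo.png')` removed, the file is saved under whatever name the `upload` class takes from the request (its code is not in this hunk), so the stored name in `DIR_FS_CATALOG_IMAGES` is now client-influenced. The `set_extensions(array('png', 'gif', 'jpg'))` list is the only check visible here, and I would keep a fixed basename and append only the validated extension. The new UPDATE matches on `configuration_value = '" . STORE_LOGO . "'` with the constant unescaped, so it rewrites every configuration row that holds that value and breaks if the value contains a quote. Matching on the key instead, presumably `where configuration_key = 'STORE_LOGO'`, avoids both. The query also runs after the success message is queued and its result is not checked.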
display_count($specials_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $HTTP_GET_VARS['page'], TEXT_DISPLAY_NUMBER_OF_SPECIALS); ?>display_links($specials_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $HTTP_GET_VARS['page']); ?>display_count($specials_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $_GET['page'], TEXT_DISPLAY_NUMBER_OF_SPECIALS); ?>display_links($specials_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $_GET['page']); ?>
 
- - + +
display_count($customers_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $HTTP_GET_VARS['page'], TEXT_DISPLAY_NUMBER_OF_CUSTOMERS); ?>display_links($customers_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $HTTP_GET_VARS['page']); ?> display_count($customers_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $_GET['page'], TEXT_DISPLAY_NUMBER_OF_CUSTOMERS); ?>display_links($customers_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $_GET['page']); ?> 
 
.' . $products['products_name'] . ''; ?>' . $products['products_name'] . ''; ?>  
- - + +
display_count($products_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $HTTP_GET_VARS['page'], TEXT_DISPLAY_NUMBER_OF_PRODUCTS); ?>display_links($products_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $HTTP_GET_VARS['page']); ?> display_count($products_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $_GET['page'], TEXT_DISPLAY_NUMBER_OF_PRODUCTS); ?>display_links($products_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $_GET['page']); ?> 
 
.' . $products['products_name'] . ' (' . $products['name'] . ')'; ?>' . $products['products_name'] . ' (' . $products['name'] . ')'; ?>  
- - + +
display_count($products_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $HTTP_GET_VARS['page'], TEXT_DISPLAY_NUMBER_OF_PRODUCTS); ?>display_links($products_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $HTTP_GET_VARS['page']); ?>display_count($products_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $_GET['page'], TEXT_DISPLAY_NUMBER_OF_PRODUCTS); ?>display_links($products_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $_GET['page']); ?>
diff --git a/catalog/admin/tax_classes.php b/catalog/admin/tax_classes.php index 20f4e3174..325fc70a5 100644 --- a/catalog/admin/tax_classes.php +++ b/catalog/admin/tax_classes.php 
@@ -12,33 +12,33 @@ require('includes/application_top.php'); - $action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : ''); + $action = (isset($_GET['action']) ? $_GET['action'] : ''); if (tep_not_null($action)) { switch ($action) { case 'insert': - $tax_class_title = tep_db_prepare_input($HTTP_POST_VARS['tax_class_title']); - $tax_class_description = tep_db_prepare_input($HTTP_POST_VARS['tax_class_description']); + $tax_class_title = tep_db_prepare_input($_POST['tax_class_title']); + $tax_class_description = tep_db_prepare_input($_POST['tax_class_description']); tep_db_query("insert into " . TABLE_TAX_CLASS . " (tax_class_title, tax_class_description, date_added) values ('" . tep_db_input($tax_class_title) . "', '" . tep_db_input($tax_class_description) . "', now())"); tep_redirect(tep_href_link(FILENAME_TAX_CLASSES)); break; case 'save': - $tax_class_id = tep_db_prepare_input($HTTP_GET_VARS['tID']); - $tax_class_title = tep_db_prepare_input($HTTP_POST_VARS['tax_class_title']); - $tax_class_description = tep_db_prepare_input($HTTP_POST_VARS['tax_class_description']); + $tax_class_id = tep_db_prepare_input($_GET['tID']); + $tax_class_title = tep_db_prepare_input($_POST['tax_class_title']); + $tax_class_description = tep_db_prepare_input($_POST['tax_class_description']); tep_db_query("update " . TABLE_TAX_CLASS . " set tax_class_id = '" . (int)$tax_class_id . "', tax_class_title = '" . tep_db_input($tax_class_title) . "', tax_class_description = '" . tep_db_input($tax_class_description) . "', last_modified = now() where tax_class_id = '" . (int)$tax_class_id . "'"); - tep_redirect(tep_href_link(FILENAME_TAX_CLASSES, 'page=' . $HTTP_GET_VARS['page'] . '&tID=' . $tax_class_id)); + tep_redirect(tep_href_link(FILENAME_TAX_CLASSES, 'page=' . $_GET['page'] . '&tID=' . 
$tax_class_id)); break; case 'deleteconfirm': - $tax_class_id = tep_db_prepare_input($HTTP_GET_VARS['tID']); + $tax_class_id = tep_db_prepare_input($_GET['tID']); tep_db_query("delete from " . TABLE_TAX_CLASS . " where tax_class_id = '" . (int)$tax_class_id . "'"); - tep_redirect(tep_href_link(FILENAME_TAX_CLASSES, 'page=' . $HTTP_GET_VARS['page'])); + tep_redirect(tep_href_link(FILENAME_TAX_CLASSES, 'page=' . $_GET['page'])); break; } } @@ -65,21 +65,21 @@
tax_class_id)) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif', ''); } else { echo '' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . ''; } ?> tax_class_id)) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif', ''); } else { echo '' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . ''; } ?> 
- - + + - + '' . TEXT_INFO_HEADING_NEW_TAX_CLASS . ''); - $contents = array('form' => tep_draw_form('classes', FILENAME_TAX_CLASSES, 'page=' . $HTTP_GET_VARS['page'] . '&action=insert')); + $contents = array('form' => tep_draw_form('classes', FILENAME_TAX_CLASSES, 'page=' . $_GET['page'] . '&action=insert')); $contents[] = array('text' => TEXT_INFO_INSERT_INTRO); $contents[] = array('text' => '
' . TEXT_INFO_CLASS_TITLE . '
' . tep_draw_input_field('tax_class_title')); $contents[] = array('text' => '
' . TEXT_INFO_CLASS_DESCRIPTION . '
' . tep_draw_input_field('tax_class_description')); - $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_SAVE, 'plus', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_TAX_CLASSES, 'page=' . $HTTP_GET_VARS['page']))); + $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_SAVE, 'plus', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_TAX_CLASSES, 'page=' . $_GET['page']))); break; case 'edit': $heading[] = array('text' => '' . TEXT_INFO_HEADING_EDIT_TAX_CLASS . ''); - $contents = array('form' => tep_draw_form('classes', FILENAME_TAX_CLASSES, 'page=' . $HTTP_GET_VARS['page'] . '&tID=' . $tcInfo->tax_class_id . '&action=save')); + $contents = array('form' => tep_draw_form('classes', FILENAME_TAX_CLASSES, 'page=' . $_GET['page'] . '&tID=' . $tcInfo->tax_class_id . '&action=save')); $contents[] = array('text' => TEXT_INFO_EDIT_INTRO); $contents[] = array('text' => '
' . TEXT_INFO_CLASS_TITLE . '
' . tep_draw_input_field('tax_class_title', $tcInfo->tax_class_title)); $contents[] = array('text' => '
' . TEXT_INFO_CLASS_DESCRIPTION . '
' . tep_draw_input_field('tax_class_description', $tcInfo->tax_class_description)); - $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_TAX_CLASSES, 'page=' . $HTTP_GET_VARS['page'] . '&tID=' . $tcInfo->tax_class_id))); + $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_TAX_CLASSES, 'page=' . $_GET['page'] . '&tID=' . $tcInfo->tax_class_id))); break; case 'delete': $heading[] = array('text' => '' . TEXT_INFO_HEADING_DELETE_TAX_CLASS . ''); - $contents = array('form' => tep_draw_form('classes', FILENAME_TAX_CLASSES, 'page=' . $HTTP_GET_VARS['page'] . '&tID=' . $tcInfo->tax_class_id . '&action=deleteconfirm')); + $contents = array('form' => tep_draw_form('classes', FILENAME_TAX_CLASSES, 'page=' . $_GET['page'] . '&tID=' . $tcInfo->tax_class_id . '&action=deleteconfirm')); $contents[] = array('text' => TEXT_INFO_DELETE_INTRO); $contents[] = array('text' => '
' . $tcInfo->tax_class_title . ''); - $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_DELETE, 'trash', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_TAX_CLASSES, 'page=' . $HTTP_GET_VARS['page'] . '&tID=' . $tcInfo->tax_class_id))); + $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_DELETE, 'trash', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_TAX_CLASSES, 'page=' . $_GET['page'] . '&tID=' . $tcInfo->tax_class_id))); break; default: if (isset($tcInfo) && is_object($tcInfo)) { $heading[] = array('text' => '' . $tcInfo->tax_class_title . ''); - $contents[] = array('align' => 'center', 'text' => tep_draw_button(IMAGE_EDIT, 'document', tep_href_link(FILENAME_TAX_CLASSES, 'page=' . $HTTP_GET_VARS['page'] . '&tID=' . $tcInfo->tax_class_id . '&action=edit')) . tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_TAX_CLASSES, 'page=' . $HTTP_GET_VARS['page'] . '&tID=' . $tcInfo->tax_class_id . '&action=delete'))); + $contents[] = array('align' => 'center', 'text' => tep_draw_button(IMAGE_EDIT, 'document', tep_href_link(FILENAME_TAX_CLASSES, 'page=' . $_GET['page'] . '&tID=' . $tcInfo->tax_class_id . '&action=edit')) . tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_TAX_CLASSES, 'page=' . $_GET['page'] . '&tID=' . $tcInfo->tax_class_id . '&action=delete'))); $contents[] = array('text' => '
' . TEXT_INFO_DATE_ADDED . ' ' . tep_date_short($tcInfo->date_added)); $contents[] = array('text' => '' . TEXT_INFO_LAST_MODIFIED . ' ' . tep_date_short($tcInfo->last_modified)); $contents[] = array('text' => '
' . TEXT_INFO_CLASS_DESCRIPTION . '
' . $tcInfo->tax_class_description); diff --git a/catalog/admin/tax_rates.php b/catalog/admin/tax_rates.php index 30d03f85e..53473fb17 100644 --- a/catalog/admin/tax_rates.php +++ b/catalog/admin/tax_rates.php 
@@ -12,39 +12,39 @@ require('includes/application_top.php'); - $action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : ''); + $action = (isset($_GET['action']) ? $_GET['action'] : ''); if (tep_not_null($action)) { switch ($action) { case 'insert': - $tax_zone_id = tep_db_prepare_input($HTTP_POST_VARS['tax_zone_id']); - $tax_class_id = tep_db_prepare_input($HTTP_POST_VARS['tax_class_id']); - $tax_rate = tep_db_prepare_input($HTTP_POST_VARS['tax_rate']); - $tax_description = tep_db_prepare_input($HTTP_POST_VARS['tax_description']); - $tax_priority = tep_db_prepare_input($HTTP_POST_VARS['tax_priority']); + $tax_zone_id = tep_db_prepare_input($_POST['tax_zone_id']); + $tax_class_id = tep_db_prepare_input($_POST['tax_class_id']); + $tax_rate = tep_db_prepare_input($_POST['tax_rate']); + $tax_description = tep_db_prepare_input($_POST['tax_description']); + $tax_priority = tep_db_prepare_input($_POST['tax_priority']); tep_db_query("insert into " . TABLE_TAX_RATES . " (tax_zone_id, tax_class_id, tax_rate, tax_description, tax_priority, date_added) values ('" . (int)$tax_zone_id . "', '" . (int)$tax_class_id . "', '" . tep_db_input($tax_rate) . "', '" . tep_db_input($tax_description) . "', '" . tep_db_input($tax_priority) . 
"', now())"); tep_redirect(tep_href_link(FILENAME_TAX_RATES)); break; case 'save': - $tax_rates_id = tep_db_prepare_input($HTTP_GET_VARS['tID']); - $tax_zone_id = tep_db_prepare_input($HTTP_POST_VARS['tax_zone_id']); - $tax_class_id = tep_db_prepare_input($HTTP_POST_VARS['tax_class_id']); - $tax_rate = tep_db_prepare_input($HTTP_POST_VARS['tax_rate']); - $tax_description = tep_db_prepare_input($HTTP_POST_VARS['tax_description']); - $tax_priority = tep_db_prepare_input($HTTP_POST_VARS['tax_priority']); + $tax_rates_id = tep_db_prepare_input($_GET['tID']); + $tax_zone_id = tep_db_prepare_input($_POST['tax_zone_id']); + $tax_class_id = tep_db_prepare_input($_POST['tax_class_id']); + $tax_rate = tep_db_prepare_input($_POST['tax_rate']); + $tax_description = tep_db_prepare_input($_POST['tax_description']); + $tax_priority = tep_db_prepare_input($_POST['tax_priority']); tep_db_query("update " . TABLE_TAX_RATES . " set tax_rates_id = '" . (int)$tax_rates_id . "', tax_zone_id = '" . (int)$tax_zone_id . "', tax_class_id = '" . (int)$tax_class_id . "', tax_rate = '" . tep_db_input($tax_rate) . "', tax_description = '" . tep_db_input($tax_description) . "', tax_priority = '" . tep_db_input($tax_priority) . "', last_modified = now() where tax_rates_id = '" . (int)$tax_rates_id . "'"); - tep_redirect(tep_href_link(FILENAME_TAX_RATES, 'page=' . $HTTP_GET_VARS['page'] . '&tID=' . $tax_rates_id)); + tep_redirect(tep_href_link(FILENAME_TAX_RATES, 'page=' . $_GET['page'] . '&tID=' . $tax_rates_id)); break; case 'deleteconfirm': - $tax_rates_id = tep_db_prepare_input($HTTP_GET_VARS['tID']); + $tax_rates_id = tep_db_prepare_input($_GET['tID']); tep_db_query("delete from " . TABLE_TAX_RATES . " where tax_rates_id = '" . (int)$tax_rates_id . "'"); - tep_redirect(tep_href_link(FILENAME_TAX_RATES, 'page=' . $HTTP_GET_VARS['page'])); + tep_redirect(tep_href_link(FILENAME_TAX_RATES, 'page=' . $_GET['page'])); break; } } 
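Review bot: In the `insert` and `save` cases `tax_rate` and `tax_priority` are only passed through `tep_db_input()` and quoted, whereas `tax_zone_id` and `tax_class_id` are cast with `(int)`. Nothing in the hunk checks that they are numeric, so what is stored for a non-numeric value depends on the database's SQL mode. I would reject bad input before the query, e.g. `if (!is_numeric($tax_rate)) { $error = true; }`, and use `(int)$tax_priority` if that column is an integer. The `save` UPDATE also assigns `tax_rates_id` the same value its `where` clause filters on, which can be dropped. The `save` case in tax_classes.php does the same with `tax_class_id`.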
@@ -74,24 +74,24 @@ tax_rates_id)) { - echo ' ' . "\n"; + echo ' ' . "\n"; } else { - echo ' ' . "\n"; + echo ' ' . "\n"; } ?> - +
display_count($classes_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $HTTP_GET_VARS['page'], TEXT_DISPLAY_NUMBER_OF_TAX_CLASSES); ?>display_links($classes_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $HTTP_GET_VARS['page']); ?>display_count($classes_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $_GET['page'], TEXT_DISPLAY_NUMBER_OF_TAX_CLASSES); ?>display_links($classes_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $_GET['page']); ?>
%tax_rates_id)) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif', ''); } else { echo '' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . ''; } ?> tax_rates_id)) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif', ''); } else { echo '' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . ''; } ?> 
- - + + - + '' . TEXT_INFO_HEADING_NEW_TAX_RATE . ''); - $contents = array('form' => tep_draw_form('rates', FILENAME_TAX_RATES, 'page=' . $HTTP_GET_VARS['page'] . '&action=insert')); + $contents = array('form' => tep_draw_form('rates', FILENAME_TAX_RATES, 'page=' . $_GET['page'] . '&action=insert')); $contents[] = array('text' => TEXT_INFO_INSERT_INTRO); $contents[] = array('text' => '
' . TEXT_INFO_CLASS_TITLE . '
' . tep_tax_classes_pull_down('name="tax_class_id" style="font-size:10px"')); $contents[] = array('text' => '
' . TEXT_INFO_ZONE_NAME . '
' . tep_geo_zones_pull_down('name="tax_zone_id" style="font-size:10px"')); $contents[] = array('text' => '
' . TEXT_INFO_TAX_RATE . '
' . tep_draw_input_field('tax_rate')); $contents[] = array('text' => '
' . TEXT_INFO_RATE_DESCRIPTION . '
' . tep_draw_input_field('tax_description')); $contents[] = array('text' => '
' . TEXT_INFO_TAX_RATE_PRIORITY . '
' . tep_draw_input_field('tax_priority')); - $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_TAX_RATES, 'page=' . $HTTP_GET_VARS['page']))); + $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_TAX_RATES, 'page=' . $_GET['page']))); break; case 'edit': $heading[] = array('text' => '' . TEXT_INFO_HEADING_EDIT_TAX_RATE . ''); - $contents = array('form' => tep_draw_form('rates', FILENAME_TAX_RATES, 'page=' . $HTTP_GET_VARS['page'] . '&tID=' . $trInfo->tax_rates_id . '&action=save')); + $contents = array('form' => tep_draw_form('rates', FILENAME_TAX_RATES, 'page=' . $_GET['page'] . '&tID=' . $trInfo->tax_rates_id . '&action=save')); $contents[] = array('text' => TEXT_INFO_EDIT_INTRO); $contents[] = array('text' => '
' . TEXT_INFO_CLASS_TITLE . '
' . tep_tax_classes_pull_down('name="tax_class_id" style="font-size:10px"', $trInfo->tax_class_id)); $contents[] = array('text' => '
' . TEXT_INFO_ZONE_NAME . '
' . tep_geo_zones_pull_down('name="tax_zone_id" style="font-size:10px"', $trInfo->geo_zone_id)); $contents[] = array('text' => '
' . TEXT_INFO_TAX_RATE . '
' . tep_draw_input_field('tax_rate', $trInfo->tax_rate)); $contents[] = array('text' => '
' . TEXT_INFO_RATE_DESCRIPTION . '
' . tep_draw_input_field('tax_description', $trInfo->tax_description)); $contents[] = array('text' => '
' . TEXT_INFO_TAX_RATE_PRIORITY . '
' . tep_draw_input_field('tax_priority', $trInfo->tax_priority)); - $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_TAX_RATES, 'page=' . $HTTP_GET_VARS['page'] . '&tID=' . $trInfo->tax_rates_id))); + $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_TAX_RATES, 'page=' . $_GET['page'] . '&tID=' . $trInfo->tax_rates_id))); break; case 'delete': $heading[] = array('text' => '' . TEXT_INFO_HEADING_DELETE_TAX_RATE . ''); - $contents = array('form' => tep_draw_form('rates', FILENAME_TAX_RATES, 'page=' . $HTTP_GET_VARS['page'] . '&tID=' . $trInfo->tax_rates_id . '&action=deleteconfirm')); + $contents = array('form' => tep_draw_form('rates', FILENAME_TAX_RATES, 'page=' . $_GET['page'] . '&tID=' . $trInfo->tax_rates_id . '&action=deleteconfirm')); $contents[] = array('text' => TEXT_INFO_DELETE_INTRO); $contents[] = array('text' => '
' . $trInfo->tax_class_title . ' ' . number_format($trInfo->tax_rate, TAX_DECIMAL_PLACES) . '%'); - $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_DELETE, 'trash', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_TAX_RATES, 'page=' . $HTTP_GET_VARS['page'] . '&tID=' . $trInfo->tax_rates_id))); + $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_DELETE, 'trash', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_TAX_RATES, 'page=' . $_GET['page'] . '&tID=' . $trInfo->tax_rates_id))); break; default: if (is_object($trInfo)) { $heading[] = array('text' => '' . $trInfo->tax_class_title . ''); - $contents[] = array('align' => 'center', 'text' => tep_draw_button(IMAGE_EDIT, 'document', tep_href_link(FILENAME_TAX_RATES, 'page=' . $HTTP_GET_VARS['page'] . '&tID=' . $trInfo->tax_rates_id . '&action=edit')) . tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_TAX_RATES, 'page=' . $HTTP_GET_VARS['page'] . '&tID=' . $trInfo->tax_rates_id . '&action=delete'))); + $contents[] = array('align' => 'center', 'text' => tep_draw_button(IMAGE_EDIT, 'document', tep_href_link(FILENAME_TAX_RATES, 'page=' . $_GET['page'] . '&tID=' . $trInfo->tax_rates_id . '&action=edit')) . tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_TAX_RATES, 'page=' . $_GET['page'] . '&tID=' . $trInfo->tax_rates_id . '&action=delete'))); $contents[] = array('text' => '
' . TEXT_INFO_DATE_ADDED . ' ' . tep_date_short($trInfo->date_added)); $contents[] = array('text' => '' . TEXT_INFO_LAST_MODIFIED . ' ' . tep_date_short($trInfo->last_modified)); $contents[] = array('text' => '
' . TEXT_INFO_RATE_DESCRIPTION . '
' . $trInfo->tax_description); diff --git a/catalog/admin/whos_online.php b/catalog/admin/whos_online.php index 12cef4cd6..3a519b4d9 100644 --- a/catalog/admin/whos_online.php +++ b/catalog/admin/whos_online.php @@ -49,7 +49,7 @@ $whos_online_query = tep_db_query("select customer_id, full_name, ip_address, time_entry, time_last_click, last_page_url, session_id from " . TABLE_WHOS_ONLINE); while ($whos_online = tep_db_fetch_array($whos_online_query)) { $time_online = (time() - $whos_online['time_entry']); - if ((!isset($HTTP_GET_VARS['info']) || (isset($HTTP_GET_VARS['info']) && ($HTTP_GET_VARS['info'] == $whos_online['session_id']))) && !isset($info)) { + if ((!isset($_GET['info']) || (isset($_GET['info']) && ($_GET['info'] == $whos_online['session_id']))) && !isset($info)) { $info = new ObjectInfo($whos_online); } diff --git a/catalog/admin/zones.php b/catalog/admin/zones.php index 7de127c5a..c1cda2ce8 100644 --- a/catalog/admin/zones.php +++ b/catalog/admin/zones.php 
@@ -12,35 +12,35 @@ require('includes/application_top.php'); - $action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : ''); + $action = (isset($_GET['action']) ? $_GET['action'] : ''); if (tep_not_null($action)) { switch ($action) { case 'insert': - $zone_country_id = tep_db_prepare_input($HTTP_POST_VARS['zone_country_id']); - $zone_code = tep_db_prepare_input($HTTP_POST_VARS['zone_code']); - $zone_name = tep_db_prepare_input($HTTP_POST_VARS['zone_name']); + $zone_country_id = tep_db_prepare_input($_POST['zone_country_id']); + $zone_code = tep_db_prepare_input($_POST['zone_code']); + $zone_name = tep_db_prepare_input($_POST['zone_name']); tep_db_query("insert into " . TABLE_ZONES . " (zone_country_id, zone_code, zone_name) values ('" . (int)$zone_country_id . "', '" . tep_db_input($zone_code) . "', '" . tep_db_input($zone_name) . "')"); tep_redirect(tep_href_link(FILENAME_ZONES)); break; case 'save': - $zone_id = tep_db_prepare_input($HTTP_GET_VARS['cID']); - $zone_country_id = tep_db_prepare_input($HTTP_POST_VARS['zone_country_id']); - $zone_code = tep_db_prepare_input($HTTP_POST_VARS['zone_code']); - $zone_name = tep_db_prepare_input($HTTP_POST_VARS['zone_name']); + $zone_id = tep_db_prepare_input($_GET['cID']); + $zone_country_id = tep_db_prepare_input($_POST['zone_country_id']); + $zone_code = tep_db_prepare_input($_POST['zone_code']); + $zone_name = tep_db_prepare_input($_POST['zone_name']); tep_db_query("update " . TABLE_ZONES . " set zone_country_id = '" . (int)$zone_country_id . "', zone_code = '" . tep_db_input($zone_code) . "', zone_name = '" . tep_db_input($zone_name) . "' where zone_id = '" . (int)$zone_id . "'"); - tep_redirect(tep_href_link(FILENAME_ZONES, 'page=' . $HTTP_GET_VARS['page'] . '&cID=' . $zone_id)); + tep_redirect(tep_href_link(FILENAME_ZONES, 'page=' . $_GET['page'] . '&cID=' . 
$zone_id)); break; case 'deleteconfirm': - $zone_id = tep_db_prepare_input($HTTP_GET_VARS['cID']); + $zone_id = tep_db_prepare_input($_GET['cID']); tep_db_query("delete from " . TABLE_ZONES . " where zone_id = '" . (int)$zone_id . "'"); - tep_redirect(tep_href_link(FILENAME_ZONES, 'page=' . $HTTP_GET_VARS['page'])); + tep_redirect(tep_href_link(FILENAME_ZONES, 'page=' . $_GET['page'])); break; } } @@ -69,23 +69,23 @@ zone_id)) { - echo ' ' . "\n"; + echo ' ' . "\n"; } else { - echo ' ' . "\n"; + echo ' ' . "\n"; } ?> - +
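Review bot: In catalog/admin/zones.php the `save` and `deleteconfirm` cases append `$_GET['page']` to the redirect target without checking that it is set or numeric, while `cID` is cast with `(int)` only where it enters the SQL. Normalising it once, e.g. `$page = isset($_GET['page']) ? (int)$_GET['page'] : 1;` (default to be confirmed against the pager), and building the link from `'page=' . $page . '&cID=' . (int)$zone_id` keeps raw request text out of the Location URL and avoids an undefined-index notice. The same raw `$_GET['page']` concatenation recurs in the form actions and button links of the later zones.php hunks. Separately, no form-token check is visible in this hunk before the insert, update or delete runs; if `includes/application_top.php` does not enforce one, these cases need it.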
display_count($rates_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $HTTP_GET_VARS['page'], TEXT_DISPLAY_NUMBER_OF_TAX_RATES); ?>display_links($rates_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $HTTP_GET_VARS['page']); ?>display_count($rates_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $_GET['page'], TEXT_DISPLAY_NUMBER_OF_TAX_RATES); ?>display_links($rates_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $_GET['page']); ?>
zone_id) ) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif', ''); } else { echo '' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . ''; } ?> zone_id) ) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif', ''); } else { echo '' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . ''; } ?> 
- - + + - + '' . TEXT_INFO_HEADING_NEW_ZONE . ''); - $contents = array('form' => tep_draw_form('zones', FILENAME_ZONES, 'page=' . $HTTP_GET_VARS['page'] . '&action=insert')); + $contents = array('form' => tep_draw_form('zones', FILENAME_ZONES, 'page=' . $_GET['page'] . '&action=insert')); $contents[] = array('text' => TEXT_INFO_INSERT_INTRO); $contents[] = array('text' => '
' . TEXT_INFO_ZONES_NAME . '
' . tep_draw_input_field('zone_name')); $contents[] = array('text' => '
' . TEXT_INFO_ZONES_CODE . '
' . tep_draw_input_field('zone_code')); $contents[] = array('text' => '
' . TEXT_INFO_COUNTRY_NAME . '
' . tep_draw_pull_down_menu('zone_country_id', tep_get_countries())); - $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_ZONES, 'page=' . $HTTP_GET_VARS['page']))); + $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_ZONES, 'page=' . $_GET['page']))); break; case 'edit': $heading[] = array('text' => '' . TEXT_INFO_HEADING_EDIT_ZONE . ''); - $contents = array('form' => tep_draw_form('zones', FILENAME_ZONES, 'page=' . $HTTP_GET_VARS['page'] . '&cID=' . $cInfo->zone_id . '&action=save')); + $contents = array('form' => tep_draw_form('zones', FILENAME_ZONES, 'page=' . $_GET['page'] . '&cID=' . $cInfo->zone_id . '&action=save')); $contents[] = array('text' => TEXT_INFO_EDIT_INTRO); $contents[] = array('text' => '
' . TEXT_INFO_ZONES_NAME . '
' . tep_draw_input_field('zone_name', $cInfo->zone_name)); $contents[] = array('text' => '
' . TEXT_INFO_ZONES_CODE . '
' . tep_draw_input_field('zone_code', $cInfo->zone_code)); $contents[] = array('text' => '
' . TEXT_INFO_COUNTRY_NAME . '
' . tep_draw_pull_down_menu('zone_country_id', tep_get_countries(), $cInfo->countries_id)); - $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_ZONES, 'page=' . $HTTP_GET_VARS['page'] . '&cID=' . $cInfo->zone_id))); + $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_ZONES, 'page=' . $_GET['page'] . '&cID=' . $cInfo->zone_id))); break; case 'delete': $heading[] = array('text' => '' . TEXT_INFO_HEADING_DELETE_ZONE . ''); - $contents = array('form' => tep_draw_form('zones', FILENAME_ZONES, 'page=' . $HTTP_GET_VARS['page'] . '&cID=' . $cInfo->zone_id . '&action=deleteconfirm')); + $contents = array('form' => tep_draw_form('zones', FILENAME_ZONES, 'page=' . $_GET['page'] . '&cID=' . $cInfo->zone_id . '&action=deleteconfirm')); $contents[] = array('text' => TEXT_INFO_DELETE_INTRO); $contents[] = array('text' => '
' . $cInfo->zone_name . ''); - $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_DELETE, 'trash', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_ZONES, 'page=' . $HTTP_GET_VARS['page'] . '&cID=' . $cInfo->zone_id))); + $contents[] = array('align' => 'center', 'text' => '
' . tep_draw_button(IMAGE_DELETE, 'trash', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_ZONES, 'page=' . $_GET['page'] . '&cID=' . $cInfo->zone_id))); break; default: if (isset($cInfo) && is_object($cInfo)) { $heading[] = array('text' => '' . $cInfo->zone_name . ''); - $contents[] = array('align' => 'center', 'text' => tep_draw_button(IMAGE_EDIT, 'document', tep_href_link(FILENAME_ZONES, 'page=' . $HTTP_GET_VARS['page'] . '&cID=' . $cInfo->zone_id . '&action=edit')) . tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_ZONES, 'page=' . $HTTP_GET_VARS['page'] . '&cID=' . $cInfo->zone_id . '&action=delete'))); + $contents[] = array('align' => 'center', 'text' => tep_draw_button(IMAGE_EDIT, 'document', tep_href_link(FILENAME_ZONES, 'page=' . $_GET['page'] . '&cID=' . $cInfo->zone_id . '&action=edit')) . tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_ZONES, 'page=' . $_GET['page'] . '&cID=' . $cInfo->zone_id . '&action=delete'))); $contents[] = array('text' => '
' . TEXT_INFO_ZONES_NAME . '
' . $cInfo->zone_name . ' (' . $cInfo->zone_code . ')'); $contents[] = array('text' => '
' . TEXT_INFO_COUNTRY_NAME . ' ' . $cInfo->countries_name); } diff --git a/catalog/includes/modules/content/header/templates/logo.php b/catalog/includes/modules/content/header/templates/logo.php index 6316378fa..1661e8a3a 100644 --- a/catalog/includes/modules/content/header/templates/logo.php +++ b/catalog/includes/modules/content/header/templates/logo.php @@ -1,4 +1,4 @@ diff --git a/catalog/includes/modules/payment/moneybookers.php b/catalog/includes/modules/payment/moneybookers.php index ef8913c05..724e200c2 100755 --- a/catalog/includes/modules/payment/moneybookers.php +++ b/catalog/includes/modules/payment/moneybookers.php 
@@ -611,7 +611,7 @@ function install() {
 tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('E-Mail Address', 'MODULE_PAYMENT_MONEYBOOKERS_PAY_TO', '" . (isset($_GET['email']) ? $_GET['email'] : '') . "', 'The Moneybookers seller e-mail address to accept payments for', '6', '4', now())");
 tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Merchant ID', 'MODULE_PAYMENT_MONEYBOOKERS_MERCHANT_ID', '" . (isset($_GET['custid']) ? $_GET['custid'] : '') . "', 'The Moneybookers merchant ID assigned to the seller e-mail address', '6', '4', now())");
 tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Secret Word', 'MODULE_PAYMENT_MONEYBOOKERS_SECRET_WORD', '', 'The secret word to verify transactions with', '6', '4', now())");
- tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Store Logo Image', 'MODULE_PAYMENT_MONEYBOOKERS_STORE_IMAGE', '" . tep_catalog_href_link('images/store_logo.png', '', 'SSL') . "', 'The URL of the store logo image to display on the gateway transaction page. This must be served through HTTPS otherwise it will not be shown.', '6', '4', now())");
+ tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Store Logo Image', 'MODULE_PAYMENT_MONEYBOOKERS_STORE_IMAGE', '" . tep_catalog_href_link('images/' . STORE_LOGO, '', 'SSL') . 
"', 'The URL of the store logo image to display on the gateway transaction page. This must be served through HTTPS otherwise it will not be shown.', '6', '4', now())");
 tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('iFrame Presentation', 'MODULE_PAYMENT_MONEYBOOKERS_IFRAME', 'True', 'Show the Moneybookers payment pages through an iFrame?', '6', '3', 'tep_cfg_select_option(array(\'True\', \'False\'), ', now())");
 tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Debug E-Mail Address', 'MODULE_PAYMENT_MONEYBOOKERS_DEBUG_EMAIL', '', 'All parameters of an invalid transaction will be sent to this email address.', '6', '0', now())");
 tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Sort order of display.', 'MODULE_PAYMENT_MONEYBOOKERS_SORT_ORDER', '0', 'Sort order of display. Lowest is displayed first.', '6', '0', now())");
diff --git a/catalog/install/includes/functions/html_output.php b/catalog/install/includes/functions/html_output.php
index 1f4e6a99e..51b79045c 100644
--- a/catalog/install/includes/functions/html_output.php
+++ b/catalog/install/includes/functions/html_output.php
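Review bot: In `install()` of catalog/includes/modules/payment/moneybookers.php the new `+` line places `tep_catalog_href_link('images/' . STORE_LOGO, '', 'SSL')` inside a quoted SQL literal without escaping, so the inserted value now depends on a configurable constant instead of a fixed filename, and a logo name containing a quote would break or alter the statement. Wrapping the value keeps it data: `'" . tep_db_input(tep_catalog_href_link('images/' . STORE_LOGO, '', 'SSL')) . "'`. The first two unchanged lines of the same hunk interpolate `$_GET['email']` and `$_GET['custid']` straight from the request in the same way and should go through `tep_db_input(tep_db_prepare_input(...))`, as zones.php in this commit does for its inputs. `install()` begins before and continues after this hunk, so its remaining inserts were not reviewed.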
@@ -12,7 +12,8 @@ function osc_draw_input_field($name, $value = null, $parameters = null, $override = true, $type = 'text') { $field = ' Configuration > Store Logo', '6', '0', NULL, now()); + INSERT INTO configuration_group VALUES ('1', 'My Store', 'General information about my store', '1', '1'); INSERT INTO configuration_group VALUES ('2', 'Minimum Values', 'The minimum values for functions / data', '2', '1'); INSERT INTO configuration_group VALUES ('3', 'Maximum Values', 'The maximum values for functions / data', '3', '1'); diff --git a/docs/STANDARD b/docs/STANDARD index ced5cea36..6d4b25cdb 100644 --- a/docs/STANDARD +++ b/docs/STANDARD @@ -60,32 +60,11 @@ Variable Scope* All variables must be accessed and set within their scope as: -$HTTP_GET_VARS['variable'] -$HTTP_POST_VARS['variable'] -$HTTP_COOKIE_VARS['variable'] -$variable (either local, or session) - -* This needs to be updated when the codebase has been made compatible with -the register_global parameter. Session variables are then accessed and set -within its scope as: - -$HTTP_SESSION_VARS['variable'] - -When PHP3 support is dropped, the following scope will be used: - $_GET['variable'] $_POST['variable'] $_COOKIE['variable'] $_SESSION['variable'] -PHP 4.0.x does not support the above scope which was introduced in PHP 4.1.x. -The following can be used which is not compatible with PHP 3.x: - -$_GET =& $HTTP_GET_VARS; -$_POST =& $HTTP_POST_VARS; -$_COOKIE =& $HTTP_COOKIE_VARS; -$_SESSION =& $HTTP_SESSION_VARS; - include() vs require() ---------------------- @@ -167,7 +146,7 @@ An example custom function style: @@ -286,9 +265,9 @@ Multiple values can be parsed, protected and inserted into the table in an easie fashion: $value1, 'column2' => $value2, @@ -300,9 +279,9 @@ fashion: A similar structure can be used for updating values in a table: $value1, 'column2' => $value2,
display_count($zones_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $HTTP_GET_VARS['page'], TEXT_DISPLAY_NUMBER_OF_ZONES); ?>display_links($zones_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $HTTP_GET_VARS['page']); ?>display_count($zones_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $_GET['page'], TEXT_DISPLAY_NUMBER_OF_ZONES); ?>display_links($zones_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $_GET['page']); ?>