
Change the deprecated $HTTP_XXX_VARS to super global ones $_XXX catal…

…og side
1 parent c54aa28 commit f70eb51682051fae5ae8c9a9e39b708a666a21bb unknown committed Aug 14, 2011
@@ -20,14 +20,14 @@
// needs to be included earlier to set the success message in the messageStack
require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_ACCOUNT_EDIT);
- if (isset($HTTP_POST_VARS['action']) && ($HTTP_POST_VARS['action'] == 'process') && isset($HTTP_POST_VARS['formid']) && ($HTTP_POST_VARS['formid'] == $sessiontoken)) {
- if (ACCOUNT_GENDER == 'true') $gender = tep_db_prepare_input($HTTP_POST_VARS['gender']);
- $firstname = tep_db_prepare_input($HTTP_POST_VARS['firstname']);
- $lastname = tep_db_prepare_input($HTTP_POST_VARS['lastname']);
- if (ACCOUNT_DOB == 'true') $dob = tep_db_prepare_input($HTTP_POST_VARS['dob']);
- $email_address = tep_db_prepare_input($HTTP_POST_VARS['email_address']);
- $telephone = tep_db_prepare_input($HTTP_POST_VARS['telephone']);
- $fax = tep_db_prepare_input($HTTP_POST_VARS['fax']);
+ if (isset($_POST['action']) && ($_POST['action'] == 'process') && isset($_POST['formid']) && ($_POST['formid'] == $sessiontoken)) {
+ if (ACCOUNT_GENDER == 'true') $gender = tep_db_prepare_input($_POST['gender']);
+ $firstname = tep_db_prepare_input($_POST['firstname']);
+ $lastname = tep_db_prepare_input($_POST['lastname']);
+ if (ACCOUNT_DOB == 'true') $dob = tep_db_prepare_input($_POST['dob']);
+ $email_address = tep_db_prepare_input($_POST['email_address']);
+ $telephone = tep_db_prepare_input($_POST['telephone']);
+ $fax = tep_db_prepare_input($_POST['fax']);
$error = false;
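Review bot: The form-token check on the new `if` line compares `$_POST['formid']` with `$sessiontoken` using loose `==`, so PHP type juggling applies to a security token: two numeric-looking strings can compare equal, and the comparison is not constant-time. Prefer a strict check such as `is_string($_POST['formid']) && ($_POST['formid'] === $sessiontoken)`, or `hash_equals($sessiontoken, $_POST['formid'])` where the PHP version provides it. The same comparison appears in the contact form and account creation hunks further down. The `if` block continues past the end of this hunk.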
@@ -17,11 +17,11 @@
tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL'));
}
- if (!isset($HTTP_GET_VARS['order_id']) || (isset($HTTP_GET_VARS['order_id']) && !is_numeric($HTTP_GET_VARS['order_id']))) {
+ if (!isset($_GET['order_id']) || (isset($_GET['order_id']) && !is_numeric($_GET['order_id']))) {
tep_redirect(tep_href_link(FILENAME_ACCOUNT_HISTORY, '', 'SSL'));
}
- $customer_info_query = tep_db_query("select o.customers_id from " . TABLE_ORDERS . " o, " . TABLE_ORDERS_STATUS . " s where o.orders_id = '". (int)$HTTP_GET_VARS['order_id'] . "' and o.orders_status = s.orders_status_id and s.language_id = '" . (int)$languages_id . "' and s.public_flag = '1'");
+ $customer_info_query = tep_db_query("select o.customers_id from " . TABLE_ORDERS . " o, " . TABLE_ORDERS_STATUS . " s where o.orders_id = '". (int)$_GET['order_id'] . "' and o.orders_status = s.orders_status_id and s.language_id = '" . (int)$languages_id . "' and s.public_flag = '1'");
$customer_info = tep_db_fetch_array($customer_info_query);
if ($customer_info['customers_id'] != $customer_id) {
tep_redirect(tep_href_link(FILENAME_ACCOUNT_HISTORY, '', 'SSL'));
@@ -31,18 +31,18 @@
$breadcrumb->add(NAVBAR_TITLE_1, tep_href_link(FILENAME_ACCOUNT, '', 'SSL'));
$breadcrumb->add(NAVBAR_TITLE_2, tep_href_link(FILENAME_ACCOUNT_HISTORY, '', 'SSL'));
- $breadcrumb->add(sprintf(NAVBAR_TITLE_3, $HTTP_GET_VARS['order_id']), tep_href_link(FILENAME_ACCOUNT_HISTORY_INFO, 'order_id=' . $HTTP_GET_VARS['order_id'], 'SSL'));
+ $breadcrumb->add(sprintf(NAVBAR_TITLE_3, $_GET['order_id']), tep_href_link(FILENAME_ACCOUNT_HISTORY_INFO, 'order_id=' . $_GET['order_id'], 'SSL'));
require(DIR_WS_CLASSES . 'order.php');
- $order = new order($HTTP_GET_VARS['order_id']);
+ $order = new order($_GET['order_id']);
require(DIR_WS_INCLUDES . 'template_top.php');
?>
<h1><?php echo HEADING_TITLE; ?></h1>
<div class="contentContainer">
- <h2><?php echo sprintf(HEADING_ORDER_NUMBER, $HTTP_GET_VARS['order_id']) . ' <span class="contentText">(' . $order->info['orders_status'] . ')</span>'; ?></h2>
+ <h2><?php echo sprintf(HEADING_ORDER_NUMBER, $_GET['order_id']) . ' <span class="contentText">(' . $order->info['orders_status'] . ')</span>'; ?></h2>
<div class="contentText">
<div>
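Review bot: The ownership check in the previous hunk queries with `(int)$_GET['order_id']`, but this hunk passes the raw `$_GET['order_id']` to `new order(...)`, the breadcrumb link and the `<h2>` output. `is_numeric()` accepts strings such as `1.5` or `1e3`, whose integer cast differs from the original string. The authorised order and the loaded order are therefore only guaranteed to match if the `order` class normalises the value the same way, and that class is not shown here. Normalise once with `$order_id = (int)$_GET['order_id'];` and use `$order_id` for the check, the constructor, the link and the heading.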
@@ -164,7 +164,7 @@
<tr>
<td valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2">
<?php
- $statuses_query = tep_db_query("select os.orders_status_name, osh.date_added, osh.comments from " . TABLE_ORDERS_STATUS . " os, " . TABLE_ORDERS_STATUS_HISTORY . " osh where osh.orders_id = '" . (int)$HTTP_GET_VARS['order_id'] . "' and osh.orders_status_id = os.orders_status_id and os.language_id = '" . (int)$languages_id . "' and os.public_flag = '1' order by osh.date_added");
+ $statuses_query = tep_db_query("select os.orders_status_name, osh.date_added, osh.comments from " . TABLE_ORDERS_STATUS . " os, " . TABLE_ORDERS_STATUS_HISTORY . " osh where osh.orders_id = '" . (int)$_GET['order_id'] . "' and osh.orders_status_id = os.orders_status_id and os.language_id = '" . (int)$languages_id . "' and os.public_flag = '1' order by osh.date_added");
while ($statuses = tep_db_fetch_array($statuses_query)) {
echo ' <tr>' . "\n" .
' <td valign="top" width="70">' . tep_date_short($statuses['date_added']) . '</td>' . "\n" .
@@ -16,11 +16,11 @@
$error = false;
- if ( (isset($HTTP_GET_VARS['keywords']) && empty($HTTP_GET_VARS['keywords'])) &&
- (isset($HTTP_GET_VARS['dfrom']) && (empty($HTTP_GET_VARS['dfrom']) || ($HTTP_GET_VARS['dfrom'] == DOB_FORMAT_STRING))) &&
- (isset($HTTP_GET_VARS['dto']) && (empty($HTTP_GET_VARS['dto']) || ($HTTP_GET_VARS['dto'] == DOB_FORMAT_STRING))) &&
- (isset($HTTP_GET_VARS['pfrom']) && !is_numeric($HTTP_GET_VARS['pfrom'])) &&
- (isset($HTTP_GET_VARS['pto']) && !is_numeric($HTTP_GET_VARS['pto'])) ) {
+ if ( (isset($_GET['keywords']) && empty($_GET['keywords'])) &&
+ (isset($_GET['dfrom']) && (empty($_GET['dfrom']) || ($_GET['dfrom'] == DOB_FORMAT_STRING))) &&
+ (isset($_GET['dto']) && (empty($_GET['dto']) || ($_GET['dto'] == DOB_FORMAT_STRING))) &&
+ (isset($_GET['pfrom']) && !is_numeric($_GET['pfrom'])) &&
+ (isset($_GET['pto']) && !is_numeric($_GET['pto'])) ) {
$error = true;
$messageStack->add_session('search', ERROR_AT_LEAST_ONE_INPUT);
@@ -31,24 +31,24 @@
$pto = '';
$keywords = '';
- if (isset($HTTP_GET_VARS['dfrom'])) {
- $dfrom = (($HTTP_GET_VARS['dfrom'] == DOB_FORMAT_STRING) ? '' : $HTTP_GET_VARS['dfrom']);
+ if (isset($_GET['dfrom'])) {
+ $dfrom = (($_GET['dfrom'] == DOB_FORMAT_STRING) ? '' : $_GET['dfrom']);
}
- if (isset($HTTP_GET_VARS['dto'])) {
- $dto = (($HTTP_GET_VARS['dto'] == DOB_FORMAT_STRING) ? '' : $HTTP_GET_VARS['dto']);
+ if (isset($_GET['dto'])) {
+ $dto = (($_GET['dto'] == DOB_FORMAT_STRING) ? '' : $_GET['dto']);
}
- if (isset($HTTP_GET_VARS['pfrom'])) {
- $pfrom = $HTTP_GET_VARS['pfrom'];
+ if (isset($_GET['pfrom'])) {
+ $pfrom = $_GET['pfrom'];
}
- if (isset($HTTP_GET_VARS['pto'])) {
- $pto = $HTTP_GET_VARS['pto'];
+ if (isset($_GET['pto'])) {
+ $pto = $_GET['pto'];
}
- if (isset($HTTP_GET_VARS['keywords'])) {
- $keywords = tep_db_prepare_input($HTTP_GET_VARS['keywords']);
+ if (isset($_GET['keywords'])) {
+ $keywords = tep_db_prepare_input($_GET['keywords']);
}
$date_check_error = false;
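Review bot: `$dfrom`, `$dto`, `$pfrom` and `$pto` are copied from `$_GET` unchanged, while `$keywords` in the same hunk goes through `tep_db_prepare_input()`. Whether the four values are validated before they reach SQL or HTML is outside this hunk, and nothing here confirms they are strings, so a request like `pfrom[]=1` would hand an array to the later code. Treating them like `$keywords` keeps the block consistent, e.g. `$pfrom = is_string($_GET['pfrom']) ? tep_db_prepare_input($_GET['pfrom']) : '';`.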
@@ -195,25 +195,25 @@
$where_str = " where p.products_status = '1' and p.products_id = pd.products_id and pd.language_id = '" . (int)$languages_id . "' and p.products_id = p2c.products_id and p2c.categories_id = c.categories_id ";
- if (isset($HTTP_GET_VARS['categories_id']) && tep_not_null($HTTP_GET_VARS['categories_id'])) {
- if (isset($HTTP_GET_VARS['inc_subcat']) && ($HTTP_GET_VARS['inc_subcat'] == '1')) {
+ if (isset($_GET['categories_id']) && tep_not_null($_GET['categories_id'])) {
+ if (isset($_GET['inc_subcat']) && ($_GET['inc_subcat'] == '1')) {
$subcategories_array = array();
- tep_get_subcategories($subcategories_array, $HTTP_GET_VARS['categories_id']);
+ tep_get_subcategories($subcategories_array, $_GET['categories_id']);
- $where_str .= " and p2c.products_id = p.products_id and p2c.products_id = pd.products_id and (p2c.categories_id = '" . (int)$HTTP_GET_VARS['categories_id'] . "'";
+ $where_str .= " and p2c.products_id = p.products_id and p2c.products_id = pd.products_id and (p2c.categories_id = '" . (int)$_GET['categories_id'] . "'";
for ($i=0, $n=sizeof($subcategories_array); $i<$n; $i++ ) {
$where_str .= " or p2c.categories_id = '" . (int)$subcategories_array[$i] . "'";
}
$where_str .= ")";
} else {
- $where_str .= " and p2c.products_id = p.products_id and p2c.products_id = pd.products_id and pd.language_id = '" . (int)$languages_id . "' and p2c.categories_id = '" . (int)$HTTP_GET_VARS['categories_id'] . "'";
+ $where_str .= " and p2c.products_id = p.products_id and p2c.products_id = pd.products_id and pd.language_id = '" . (int)$languages_id . "' and p2c.categories_id = '" . (int)$_GET['categories_id'] . "'";
}
}
- if (isset($HTTP_GET_VARS['manufacturers_id']) && tep_not_null($HTTP_GET_VARS['manufacturers_id'])) {
- $where_str .= " and m.manufacturers_id = '" . (int)$HTTP_GET_VARS['manufacturers_id'] . "'";
+ if (isset($_GET['manufacturers_id']) && tep_not_null($_GET['manufacturers_id'])) {
+ $where_str .= " and m.manufacturers_id = '" . (int)$_GET['manufacturers_id'] . "'";
}
if (isset($search_keywords) && (sizeof($search_keywords) > 0)) {
@@ -229,7 +229,7 @@
default:
$keyword = tep_db_prepare_input($search_keywords[$i]);
$where_str .= "(pd.products_name like '%" . tep_db_input($keyword) . "%' or p.products_model like '%" . tep_db_input($keyword) . "%' or m.manufacturers_name like '%" . tep_db_input($keyword) . "%'";
- if (isset($HTTP_GET_VARS['search_in_description']) && ($HTTP_GET_VARS['search_in_description'] == '1')) $where_str .= " or pd.products_description like '%" . tep_db_input($keyword) . "%'";
+ if (isset($_GET['search_in_description']) && ($_GET['search_in_description'] == '1')) $where_str .= " or pd.products_description like '%" . tep_db_input($keyword) . "%'";
$where_str .= ')';
break;
}
@@ -271,17 +271,17 @@
$where_str .= " group by p.products_id, tr.tax_priority";
}
- if ( (!isset($HTTP_GET_VARS['sort'])) || (!preg_match('/^[1-8][ad]$/', $HTTP_GET_VARS['sort'])) || (substr($HTTP_GET_VARS['sort'], 0, 1) > sizeof($column_list)) ) {
+ if ( (!isset($_GET['sort'])) || (!preg_match('/^[1-8][ad]$/', $_GET['sort'])) || (substr($_GET['sort'], 0, 1) > sizeof($column_list)) ) {
for ($i=0, $n=sizeof($column_list); $i<$n; $i++) {
if ($column_list[$i] == 'PRODUCT_LIST_NAME') {
- $HTTP_GET_VARS['sort'] = $i+1 . 'a';
+ $_GET['sort'] = $i+1 . 'a';
$order_str = " order by pd.products_name";
break;
}
}
} else {
- $sort_col = substr($HTTP_GET_VARS['sort'], 0 , 1);
- $sort_order = substr($HTTP_GET_VARS['sort'], 1);
+ $sort_col = substr($_GET['sort'], 0 , 1);
+ $sort_order = substr($_GET['sort'], 1);
switch ($column_list[$sort_col-1]) {
case 'PRODUCT_LIST_MODEL':
@@ -14,12 +14,12 @@
require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CONTACT_US);
- if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'send') && isset($HTTP_POST_VARS['formid']) && ($HTTP_POST_VARS['formid'] == $sessiontoken)) {
+ if (isset($_GET['action']) && ($_GET['action'] == 'send') && isset($_POST['formid']) && ($_POST['formid'] == $sessiontoken)) {
$error = false;
- $name = tep_db_prepare_input($HTTP_POST_VARS['name']);
- $email_address = tep_db_prepare_input($HTTP_POST_VARS['email']);
- $enquiry = tep_db_prepare_input($HTTP_POST_VARS['enquiry']);
+ $name = tep_db_prepare_input($_POST['name']);
+ $email_address = tep_db_prepare_input($_POST['email']);
+ $enquiry = tep_db_prepare_input($_POST['enquiry']);
if (!tep_validate_email($email_address)) {
$error = true;
@@ -57,7 +57,7 @@
echo $messageStack->output('contact');
}
- if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'success')) {
+ if (isset($_GET['action']) && ($_GET['action'] == 'success')) {
?>
<div class="contentContainer">
@@ -16,43 +16,43 @@
require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CREATE_ACCOUNT);
$process = false;
- if (isset($HTTP_POST_VARS['action']) && ($HTTP_POST_VARS['action'] == 'process') && isset($HTTP_POST_VARS['formid']) && ($HTTP_POST_VARS['formid'] == $sessiontoken)) {
+ if (isset($_POST['action']) && ($_POST['action'] == 'process') && isset($_POST['formid']) && ($_POST['formid'] == $sessiontoken)) {
$process = true;
if (ACCOUNT_GENDER == 'true') {
- if (isset($HTTP_POST_VARS['gender'])) {
- $gender = tep_db_prepare_input($HTTP_POST_VARS['gender']);
+ if (isset($_POST['gender'])) {
+ $gender = tep_db_prepare_input($_POST['gender']);
} else {
$gender = false;
}
}
- $firstname = tep_db_prepare_input($HTTP_POST_VARS['firstname']);
- $lastname = tep_db_prepare_input($HTTP_POST_VARS['lastname']);
- if (ACCOUNT_DOB == 'true') $dob = tep_db_prepare_input($HTTP_POST_VARS['dob']);
- $email_address = tep_db_prepare_input($HTTP_POST_VARS['email_address']);
- if (ACCOUNT_COMPANY == 'true') $company = tep_db_prepare_input($HTTP_POST_VARS['company']);
- $street_address = tep_db_prepare_input($HTTP_POST_VARS['street_address']);
- if (ACCOUNT_SUBURB == 'true') $suburb = tep_db_prepare_input($HTTP_POST_VARS['suburb']);
- $postcode = tep_db_prepare_input($HTTP_POST_VARS['postcode']);
- $city = tep_db_prepare_input($HTTP_POST_VARS['city']);
+ $firstname = tep_db_prepare_input($_POST['firstname']);
+ $lastname = tep_db_prepare_input($_POST['lastname']);
+ if (ACCOUNT_DOB == 'true') $dob = tep_db_prepare_input($_POST['dob']);
+ $email_address = tep_db_prepare_input($_POST['email_address']);
+ if (ACCOUNT_COMPANY == 'true') $company = tep_db_prepare_input($_POST['company']);
+ $street_address = tep_db_prepare_input($_POST['street_address']);
+ if (ACCOUNT_SUBURB == 'true') $suburb = tep_db_prepare_input($_POST['suburb']);
+ $postcode = tep_db_prepare_input($_POST['postcode']);
+ $city = tep_db_prepare_input($_POST['city']);
if (ACCOUNT_STATE == 'true') {
- $state = tep_db_prepare_input($HTTP_POST_VARS['state']);
- if (isset($HTTP_POST_VARS['zone_id'])) {
- $zone_id = tep_db_prepare_input($HTTP_POST_VARS['zone_id']);
+ $state = tep_db_prepare_input($_POST['state']);
+ if (isset($_POST['zone_id'])) {
+ $zone_id = tep_db_prepare_input($_POST['zone_id']);
} else {
$zone_id = false;
}
}
- $country = tep_db_prepare_input($HTTP_POST_VARS['country']);
- $telephone = tep_db_prepare_input($HTTP_POST_VARS['telephone']);
- $fax = tep_db_prepare_input($HTTP_POST_VARS['fax']);
- if (isset($HTTP_POST_VARS['newsletter'])) {
- $newsletter = tep_db_prepare_input($HTTP_POST_VARS['newsletter']);
+ $country = tep_db_prepare_input($_POST['country']);
+ $telephone = tep_db_prepare_input($_POST['telephone']);
+ $fax = tep_db_prepare_input($_POST['fax']);
+ if (isset($_POST['newsletter'])) {
+ $newsletter = tep_db_prepare_input($_POST['newsletter']);
} else {
$newsletter = false;
}
- $password = tep_db_prepare_input($HTTP_POST_VARS['password']);
- $confirmation = tep_db_prepare_input($HTTP_POST_VARS['confirmation']);
+ $password = tep_db_prepare_input($_POST['password']);
+ $confirmation = tep_db_prepare_input($_POST['confirmation']);
$error = false;
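Review bot: `$password` and `$confirmation` are passed through `tep_db_prepare_input()` like the display fields. That helper is not shown on this page; if it trims or rewrites characters, the value that gets hashed differs from what the customer typed and the usable password space shrinks. Read the two password fields from `$_POST` unmodified, checking only that they are strings, and leave escaping to the hashing and storage layer. Most other fields are read without `isset()`, unlike `gender`, `zone_id` and `newsletter`, so a partial POST raises undefined-index notices. The `if` block continues past the end of this hunk.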
@@ -15,12 +15,12 @@
if (!tep_session_is_registered('customer_id')) die;
// Check download.php was called with proper GET parameters
- if ((isset($HTTP_GET_VARS['order']) && !is_numeric($HTTP_GET_VARS['order'])) || (isset($HTTP_GET_VARS['id']) && !is_numeric($HTTP_GET_VARS['id'])) ) {
+ if ((isset($_GET['order']) && !is_numeric($_GET['order'])) || (isset($_GET['id']) && !is_numeric($_GET['id'])) ) {
die;
}
// Check that order_id, customer_id and filename match
- $downloads_query = tep_db_query("select date_format(o.date_purchased, '%Y-%m-%d') as date_purchased_day, opd.download_maxdays, opd.download_count, opd.download_maxdays, opd.orders_products_filename from " . TABLE_ORDERS . " o, " . TABLE_ORDERS_PRODUCTS . " op, " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " opd, " . TABLE_ORDERS_STATUS . " os where o.customers_id = '" . $customer_id . "' and o.orders_id = '" . (int)$HTTP_GET_VARS['order'] . "' and o.orders_id = op.orders_id and op.orders_products_id = opd.orders_products_id and opd.orders_products_download_id = '" . (int)$HTTP_GET_VARS['id'] . "' and opd.orders_products_filename != '' and o.orders_status = os.orders_status_id and os.downloads_flag = '1' and os.language_id = '" . (int)$languages_id . "'");
+ $downloads_query = tep_db_query("select date_format(o.date_purchased, '%Y-%m-%d') as date_purchased_day, opd.download_maxdays, opd.download_count, opd.download_maxdays, opd.orders_products_filename from " . TABLE_ORDERS . " o, " . TABLE_ORDERS_PRODUCTS . " op, " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " opd, " . TABLE_ORDERS_STATUS . " os where o.customers_id = '" . $customer_id . "' and o.orders_id = '" . (int)$_GET['order'] . "' and o.orders_id = op.orders_id and op.orders_products_id = opd.orders_products_id and opd.orders_products_download_id = '" . (int)$_GET['id'] . "' and opd.orders_products_filename != '' and o.orders_status = os.orders_status_id and os.downloads_flag = '1' and os.language_id = '" . (int)$languages_id . "'");
if (!tep_db_num_rows($downloads_query)) die;
$downloads = tep_db_fetch_array($downloads_query);
// MySQL 3.22 does not have INTERVAL
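Review bot: The parameter guard only rejects `order` and `id` when they are present and non-numeric, so a request with either one missing falls through to the query, where `(int)$_GET[...]` on an undefined index becomes 0 and raises a notice. Require both up front: `if (!isset($_GET['order'], $_GET['id']) || !is_numeric($_GET['order']) || !is_numeric($_GET['id'])) die;`. In the same query `$customer_id` is concatenated without the `(int)` cast applied to every other id, and `opd.download_maxdays` is selected twice. Writing `(int)$customer_id` would make the statement consistent.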
@@ -35,7 +35,7 @@
if (!file_exists(DIR_FS_DOWNLOAD . $downloads['orders_products_filename'])) die;
// Now decrement counter
- tep_db_query("update " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " set download_count = download_count-1 where orders_products_download_id = '" . (int)$HTTP_GET_VARS['id'] . "'");
+ tep_db_query("update " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " set download_count = download_count-1 where orders_products_download_id = '" . (int)$_GET['id'] . "'");
// Returns a random name, 16 to 20 characters long
// There are more than 10^28 combinations