Jump to content

Why does it...

ccrevcypsys

By ccrevcypsys
in PHP Coding Help

 Share

Recommended Posts

ccrevcypsys Advanced Member

ccrevcypsys

Posted
  • Author
Posted 

<?php
/*
+--------------------------------------------------------------------------
|   CubeCart v3.0.15
|   ========================================
|   by Alistair Brookbanks
|	CubeCart is a Trade Mark of Devellion Limited
|   Copyright Devellion Limited 2005 - 2006. All rights reserved.
|   Devellion Limited,
|   22 Thomas Heskin Court,
|   Station Road,
|   Bishops Stortford,
|   HERTFORDSHIRE.
|   CM23 3EE
|   UNITED KINGDOM
|   http://www.devellion.com
|	UK Private Limited Company No. 5323904
|   ========================================
|   Web: http://www.cubecart.com
|   Date: Thursday, 4th January 2007
|   Email: sales (at) cubecart (dot) com
|	License Type: CubeCart is NOT Open Source Software and Limitations Apply 
|   Licence Info: http://www.cubecart.com/site/faq/license.php
+--------------------------------------------------------------------------
|	viewCat.inc.php
|   ========================================
|	Display the Current Category	
+--------------------------------------------------------------------------
*/
if (eregi(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) || eregi(".inc.php",$_SERVER['PHP_SELF'])) {
echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
exit;
}

if(isset($_GET['page'])){

$page = treatGet($_GET['page']);

} else {

$page = 0;

}

$view_cat = new XTemplate ("skins/".$config['skinDir']."/styleTemplates/content/viewCat.tpl");
////////////////////////
// BUILD SUB CATEGORIES
////////
if(isset($_GET['catId'])) {
$_GET['catId'] = treatGet($_GET['catId']);
// build query
$query = "SELECT * FROM ".$glob['dbprefix']."CubeCart_category WHERE cat_father_id = ".$db->mySQLSafe($_GET['catId'])." ORDER BY cat_name ASC";

// get category array in foreign innit
$resultsForeign = $db->select("SELECT cat_master_id as cat_id, cat_name FROM ".$glob['dbprefix']."CubeCart_cats_lang WHERE cat_lang = '".$lang_folder."'");

// query database
$subCategories = "";
$subCategories = $db->select($query);

}

if(isset($_GET['catId']) && $_GET['catId']>0 && $subCategories == TRUE) {

// loop results
for ($i=0; $i<count($subCategories); $i++){

		if(is_array($resultsForeign)){

			for ($k=0; $k<count($resultsForeign); $k++){

				if($resultsForeign[$k]['cat_id'] == $subCategories[$i]['cat_id']){

					$subCategories[$i]['cat_name'] = $resultsForeign[$k]['cat_name'];

				}

			}

		}

		if(empty($subCategories[$i]['cat_image'])){
			$view_cat->assign("IMG_CATEGORY",$GLOBALS['songURL']."skins/".$config['skinDir']."/styleImages/catnophoto.gif");
		} else {
			$view_cat->assign("IMG_CATEGORY",$GLOBALS['songURL']."images/uploads/".$subCategories[$i]['cat_image']);
		}

	$view_cat->assign("TXT_LINK_CATID",$subCategories[$i]['cat_id']);

	$view_cat->assign("TXT_CATEGORY", validHTML($subCategories[$i]['cat_name']));

	$view_cat->assign("NO_PRODUCTS", $subCategories[$i]['noProducts']);

	$view_cat->parse("view_cat.sub_cats.sub_cats_loop");

} // end loop results
$view_cat->parse("view_cat.sub_cats");
} // end $subCategories == TRUE

////////////////////////////
// BUILD PRODUCTS
///////////


// build query
if(isset($_GET['searchStr'])){

// Fix for SQL Injection if Reg Globals is On
if(isset($searchArray))
{
	unset($searchArray);
}
$searchwords = split ( "[ ,]", treatGet($_GET['searchStr']));   
foreach($searchwords as $word){
	$searchArray[]=$word;
}

$noKeys = count($searchArray);
$like = "";
for ($i=0; $i<$noKeys;$i++) {

	$ucSearchTerm = strtoupper($searchArray[$i]);
	if(($ucSearchTerm!=="AND") && ($ucSearchTerm!=="OR")){

		$like .= "(name LIKE '%".$searchArray[$i]."%' OR description LIKE '%".$searchArray[$i]."%' OR productCode LIKE '%".$searchArray[$i]."%') OR ";

		// see if search terrm is in database
		$searchQuery = "SELECT id FROM ".$glob['dbprefix']."CubeCart_search WHERE searchstr='".$ucSearchTerm."'";
		$searchLogs = $db->select($searchQuery);

		$insertStr['searchstr'] = $db->mySQLsafe($ucSearchTerm);
		$insertStr['hits'] = $db->mySQLsafe(1);
		$updateStr['hits'] = "hits+1";

		if($searchLogs == TRUE) {

			$db->update($glob['dbprefix']."CubeCart_search",$updateStr,"id=".$searchLogs[0]['id'],$quote = "");

		} elseif(!empty($_GET['searchStr'])) {

			$db->insert($glob['dbprefix']."CubeCart_search",$insertStr);

		}

	} else {

		$like = substr($like,0,strlen($like)-3);
		$like .= $ucSearchTerm;

	}  

}
$like = substr($like,0,strlen($like)-3);

$productListQuery = "SELECT *,".$glob['dbprefix']."CubeCart_inventory.type as type FROM ".$glob['dbprefix']."CubeCart_inventory LEFT JOIN ".$glob['dbprefix']."CubeCart_customer on ".$glob['dbprefix']."CubeCart_customer.customer_id=".$glob['dbprefix']."CubeCart_inventory.customer_id WHERE ".$like;
if($_GET['srh_in']=='artist')
	$productListQuery = "SELECT *,".$glob['dbprefix']."CubeCart_inventory.type as type FROM ".$glob['dbprefix']."CubeCart_inventory LEFT JOIN ".$glob['dbprefix']."CubeCart_customer on ".$glob['dbprefix']."CubeCart_customer.customer_id=".$glob['dbprefix']."CubeCart_inventory.customer_id WHERE firstName like '%".$_GET['searchStr']."%' or lastName like '%".$_GET['searchStr']."%'";
elseif($_GET['srh_in']=='song')
                $productListQuery = "SELECT *,".$glob['dbprefix']."CubeCart_inventory.type as type FROM ".$glob['dbprefix']."CubeCart_inventory LEFT JOIN ".$glob['dbprefix']."CubeCart_customer on ".$glob['dbprefix']."CubeCart_customer.customer_id=".$glob['dbprefix']."CubeCart_inventory.customer_id WHERE name like '%".$_GET['searchStr']."%'";
} elseif($_GET['catId']=="saleItems" && $config['saleMode']>0) {

$productListQuery = "SELECT ".$glob['dbprefix']."CubeCart_cats_idx.cat_id, ".$glob['dbprefix']."CubeCart_cats_idx.productId, ".$glob['dbprefix']."CubeCart_inventory.type, productCode, albumName, firstName, lastName, digital_sample, quantity, description, image, price, name, popularity, sale_price, stock_level, useStockLevel FROM ".$glob['dbprefix']."CubeCart_cats_idx INNER JOIN ".$glob['dbprefix']."CubeCart_inventory ON ".$glob['dbprefix']."CubeCart_cats_idx.productId = ".$glob['dbprefix']."CubeCart_inventory.productId LEFT JOIN ".$glob['dbprefix']."CubeCart_customer on ".$glob['dbprefix']."CubeCart_customer.customer_id=".$glob['dbprefix']."CubeCart_inventory.customer_id WHERE sale_price > 0 GROUP BY ".$glob['dbprefix']."CubeCart_inventory.productId";


} else {

$productListQuery = "SELECT ".$glob['dbprefix']."CubeCart_cats_idx.cat_id, ".$glob['dbprefix']."CubeCart_cats_idx.productId, ".$glob['dbprefix']."CubeCart_inventory.type, firstName, albumName,".$glob['dbprefix']."CubeCart_inventory.type, lastName,productCode,digital_sample, quantity, description, image, price, name, popularity, sale_price, stock_level, useStockLevel FROM ".$glob['dbprefix']."CubeCart_cats_idx INNER JOIN ".$glob['dbprefix']."CubeCart_inventory ON ".$glob['dbprefix']."CubeCart_cats_idx.productId = ".$glob['dbprefix']."CubeCart_inventory.productId LEFT JOIN ".$glob['dbprefix']."CubeCart_customer on ".$glob['dbprefix']."CubeCart_customer.customer_id=".$glob['dbprefix']."CubeCart_inventory.customer_id WHERE ".$glob['dbprefix']."CubeCart_cats_idx.cat_id = ".$db->mySQLSafe($_GET['catId']);

}

$productResults = $db->select($productListQuery, $config['productPages'], $page);

// get different languages 
if($productResults == TRUE && $lang_folder !== $config['defaultLang']){

for($i=0;$i<count($productResults);$i++){

	if(($val = prodAltLang($productResults[$i]['productId'])) == TRUE){

			$productResults[$i]['name'] = $val['name'];
			$productResults[$i]['description'] = $val['description'];

	}

}

}

$totalNoProducts = $db->numrows($productListQuery);

// get current category info
if(isset($_GET['catId']) && $_GET['catId']>0){
	$currentCatQuery = "SELECT cat_name, cat_father_id, cat_id, cat_image FROM ".$glob['dbprefix']."CubeCart_category WHERE cat_id = ".$db->mySQLSafe($_GET['catId']);
	$currentCat = $db->select($currentCatQuery);

	$resultForeign = $db->select("SELECT cat_master_id as cat_id, cat_name FROM ".$glob['dbprefix']."CubeCart_cats_lang WHERE cat_lang = '".$lang_folder."' AND cat_master_id = ".$db->mySQLSafe($_GET['catId']));

	if($resultForeign == TRUE){

		$currentCat[0]['cat_name'] = $resultForeign[0]['cat_name'];

	}


}

	if(!empty($currentCat[0]['cat_image'])) {
		$view_cat->assign("IMG_CURENT_CATEGORY","images/uploads/".$currentCat[0]['cat_image']);
		$view_cat->assign("TXT_CURENT_CATEGORY",validHTML($currentCat[0]['cat_name']));
		$view_cat->parse("view_cat.cat_img");
	}

if(isset($_GET['searchStr'])){

	$view_cat->assign("TXT_CAT_TITLE",$lang['front']['viewCat']['search_results']);

} elseif($_GET['catId']=="saleItems" && $config['saleMode']>0) {

	$view_cat->assign("TXT_CAT_TITLE",$lang['front']['viewCat']['sale_items']);

} else {

	$view_cat->assign("TXT_CAT_TITLE",validHTML($currentCat[0]['cat_name']));

}

$view_cat->assign("LANG_IMAGE",$lang['front']['viewCat']['image']);
$view_cat->assign("LANG_DESC",$lang['front']['viewCat']['description']);
$view_cat->assign("LANG_PRICE",$lang['front']['viewCat']['price']);
$view_cat->assign("PAGINATION",$db->paginate($totalNoProducts, $config['productPages'], $page, "page"));

// repeated region
if($productResults == TRUE){

if($_GET['catId']>0){

	$view_cat->assign("LANG_CURRENT_DIR",$lang['front']['viewCat']['products_in']);
	$view_cat->assign("CURRENT_DIR",getCatDir(validHTML($currentCat[0]['cat_name']),$currentCat[0]['cat_father_id'], $currentCat[0]['cat_id'], $link=TRUE));

}

for ($i=0; $i<count($productResults); $i++){

	// alternate class
	$view_cat->assign("CLASS",cellColor($i, $tdEven="tdEven", $tdOdd="tdOdd"));

	if(file_exists($GLOBALS['rootDir']."/images/uploads/thumbs/thumb_".$productResults[$i]['image'])){

		$view_cat->assign("SRC_PROD_THUMB",$GLOBALS['songURL']."images/uploads/thumbs/thumb_".$productResults[$i]['image']);
	} else {
		$view_cat->assign("SRC_PROD_THUMB",$GLOBALS['songURL']."skins/".$config['skinDir']."/styleImages/thumb_nophoto.gif");
	}


	$view_cat->assign("VAL_PRODUCT_NAME",validHTML($productResults[$i]['name']));	
	$view_cat->assign("TXT_ALBUM_NAME",validHTML($productResults[$i]['albumName']));
	$view_cat->assign("VAL_PRODUCT_CODE",validHTML($productResults[$i]['productCode']));

	$randnum=rand(100,999);

	if($productResults[$i]['type']!='Album')
		$view_cat->assign("TXT_DIGITAL_SAMPLE","<p id='player".$productResults[$i]['productId']."'><a href='http://www.macromedia.com/go/getflashplayer'>Get the Flash Player</a> to see this player.</p><script type='text/javascript'>     var s".$productResults[$i]['productId']." = new SWFObject('player/flvplayer.swf?.$randnum','single','17','20','7');\n      s".$productResults[$i]['productId'].".addVariable('file','".$productResults[$i]['digital_sample']."');   \n s".$productResults[$i]['productId'].".addVariable('image','preview1.jpg');\n     s".$productResults[$i]['productId'].".write('player".$productResults[$i]['productId']."');\n</script>");
	else
		$view_cat->assign("TXT_DIGITAL_SAMPLE","<p id='player".$productResults[$i]['productId']."'><a href='http://www.macromedia.com/go/getflashplayer'>Get the Flash Player</a> to see this player.</p><script type='text/javascript'>     var s1 = new SWFObject('player/flvplayer.swf?.$randnum','playlist','100','50','7');      s1.addVariable('file','playlist.php?prodid=".$productResults[$i]['productId']."');   s1.addVariable('displayheight','0'); s1.addVariable('width','100');  s1.addVariable('backcolor','0x000000'); s1.addVariable('frontcolor','0xCCCCCC');       s1.addVariable('lightcolor','0x557722'); s1.write('player".$productResults[$i]['productId']."');</script>");

	$view_cat->assign("TXT_DESC",substr(strip_tags($productResults[$i]['description']),0,$config['productPrecis'])."…");

	if(salePrice($productResults[$i]['price'], $productResults[$i]['sale_price'])==FALSE){
		$view_cat->assign("TXT_PRICE",priceFormat($productResults[$i]['price']));
	} else {
		$view_cat->assign("TXT_PRICE","<span class='txtOldPrice'>".priceFormat($productResults[$i]['price'])."</span>");
	}
	$salePrice = salePrice($productResults[$i]['price'], $productResults[$i]['sale_price']);
	$view_cat->assign("TXT_ARTIST", $productResults[$i]['firstName']." ". $productResults[$i]['lastName']);

	$view_cat->assign("TXT_SALE_PRICE", priceFormat($salePrice));

	if($i%2==0)
		$view_cat->assign("TD_CLASS","class='tdlisting'");
	else
		$view_cat->assign("TD_CLASS","class='tdlisting2'");

	if(isset($_GET['add']) && isset($_GET['quan'])){

		$view_cat->assign("CURRENT_URL",str_replace(array("&add=".$_GET['add'],"&quan=".$_GET['quan']),"",currentPage()));

	} else {

		$view_cat->assign("CURRENT_URL",currentPage());

	}

	if($config['outofstockPurchase']==1){

		$view_cat->assign("BTN_BUY",$lang['front']['viewCat']['buy']);
		$view_cat->assign("PRODUCT_ID",$productResults[$i]['productId']);
		$view_cat->parse("view_cat.productTable.products.buy_btn");

	} elseif($productResults[$i]['useStockLevel']==1 && $productResults[$i]['stock_level']>0){

		$view_cat->assign("BTN_BUY",$lang['front']['viewCat']['buy']);
		$view_cat->assign("PRODUCT_ID",$productResults[$i]['productId']);
		$view_cat->parse("view_cat.productTable.products.buy_btn");

	} elseif($productResults[$i]['useStockLevel']==0){

		$view_cat->assign("BTN_BUY",$lang['front']['viewCat']['buy']);
		$view_cat->assign("PRODUCT_ID",$productResults[$i]['productId']);
		$view_cat->parse("view_cat.productTable.products.buy_btn");

	}

	$view_cat->assign("BTN_MORE",$lang['front']['viewCat']['more']);
	$view_cat->assign("PRODUCT_ID",$productResults[$i]['productId']);

	if($productResults[$i]['stock_level']<1 && $productResults[$i]['useStockLevel']==1 && $productResults[$i]['digital']==0){

		$view_cat->assign("TXT_OUTOFSTOCK",$lang['front']['viewCat']['out_of_stock']);

	} else {

		$view_cat->assign("TXT_OUTOFSTOCK","");

	}

	$view_cat->parse("view_cat.productTable.products");
}
$view_cat->parse("view_cat.productTable");

} elseif(isset($_GET['searchStr'])) {

$view_cat->assign("TXT_NO_PRODUCTS",$lang['front']['viewCat']['no_products_match']." ".treatGet($_GET['searchStr']));
$view_cat->parse("view_cat.noProducts");

} else {

$view_cat->assign("TXT_NO_PRODUCTS",$lang['front']['viewCat']['no_prods_in_cat']);
$view_cat->parse("view_cat.noProducts");

}

$view_cat->parse("view_cat");
$page_content = $view_cat->text("view_cat");
?>

 

ok sorry here it is

Link to comment
https://forums.phpfreaks.com/topic/64143-why-does-it/#findComment-319658
Share on other sites
ccrevcypsys Advanced Member

ccrevcypsys

Posted
  • Author
Posted

Look in the output (view > source code) and see where it is located in there. BY looking at the output you should be able to see where it is coming from.

 

<!-- BEGIN: view_cat -->

<div class="boxContent">

<span class="txtContentTitle">{TXT_CAT_TITLE}</span>

<br clear="all" />

<!-- BEGIN: sub_cats -->

<div id="subCats">

<!-- BEGIN: sub_cats_loop -->

<span class="subCat">

<a href="index.php?act=viewCat&catId={TXT_LINK_CATID}" class="txtDefault"><img src="{IMG_CATEGORY}" alt="{TXT_CATEGORY}" border="0" title="{TXT_CATEGORY}" /></a><br />

<a href="index.php?act=viewCat&catId={TXT_LINK_CATID}" class="txtDefault">{TXT_CATEGORY}</a> ({NO_PRODUCTS})

</span>

<!-- END: sub_cats_loop -->

</div>

<!-- END: sub_cats -->

<br clear="left" />

<!-- BEGIN: cat_img -->

<img src="{IMG_CURENT_CATEGORY}" alt="{TXT_CURENT_CATEGORY}" border="0" title="{TXT_CURENT_CATEGORY}" />

<!-- END: cat_img -->

<!-- BEGIN: productTable --><div class="pagination">{PAGINATION}</div>

<div><strong>{LANG_CURRENT_DIR}</strong> {CURRENT_DIR}</div>

<br clear="all" />

<table border="0" width="100%" cellspacing="1" cellpadding="0" class="tblList">

<tr class="boxTitleLeft"><td> </td><td>Artist</td><td>Song</td><td>Price</td><td>Album</td><td>Preview</td><td></td><td>Item Code</td></tr>

  <!-- BEGIN: products -->

  <tr><td {TD_CLASS}>   <a href="index.php?act=viewProd&productId={PRODUCT_ID}"><img src="{SRC_PROD_THUMB}" alt="{VAL_PRODUCT_NAME}" border="0" width='30' height='30' title="{VAL_PRODUCT_NAME}" /></a></td>e a

  <td {TD_CLASS}> {TXT_ARTIST}</td>

  <td {TD_CLASS}> <a href="index.php?act=viewProd&productId={PRODUCT_ID}" class="txtDefault">{VAL_PRODUCT_NAME}</a></td><td  {TD_CLASS}> {TXT_PRICE} <span class="txtSale">{TXT_SALE_PRICE}</span></td>

  <td  {TD_CLASS}> {TXT_ALBUM_NAME}</td>

  <td {TD_CLASS}>{TXT_DIGITAL_SAMPLE}</td>

<td {TD_CLASS}>

<form action="index.php?act=viewCat" method="post" name="prod{PRODUCT_ID}">

<input type="hidden" name="add" value="{PRODUCT_ID}" />

<input type="hidden" name="quan" value="1" /> <a href="javascript:submitDoc('prod{PRODUCT_ID}');" target="_self" class="txtButton">BUY</a></form>

</td>

<td {TD_CLASS}> {VAL_PRODUCT_CODE}</td>

</tr>

 

<!-- END: products -->

</table>

<!-- END: productTable -->

 

<!-- BEGIN: noProducts -->

<div>{TXT_NO_PRODUCTS}</div>

<!-- END: noProducts -->

 

<div class="pagination">{PAGINATION}</div>

</div>

<!-- END: view_cat -->

 

heres the .tpl code and it outputs above the table but theres nothing on this page that would let that happen. and i cant find where it is located in the main php page.

Link to comment
https://forums.phpfreaks.com/topic/64143-why-does-it/#findComment-319663
Share on other sites
ccrevcypsys Advanced Member

ccrevcypsys

Posted
  • Author
Posted

ok sorry im new to forums. but ne way here is the view source.

<div class="boxContent">
<span class="txtContentTitle">
Search Results
</span>
  
<br clear="all">
  <br clear="left">
<div class="pagination">
3 pages  
<strong>
[1]
</strong>
  
<a href="/index.php?page=1&srh_in=artist&searchStr=&act=viewCat&Submit=Go" class="txtLink">
2
</a>
  
<a href="/index.php?page=2&srh_in=artist&searchStr=&act=viewCat&Submit=Go" class="txtLink">
3
</a>
 
<a href="/index.php?page=1&srh_in=artist&searchStr=&act=viewCat&Submit=Go" class="txtLink">
>
</a>
</div>
<div>
<strong>
</strong>
</div>
e	a  e	a  e	a  e	a  e	a  e	a  e	a  e	a  e	a  e	a  
<table class="tblList" border="0" cellpadding="0" cellspacing="1" width="100%">
<tbody>
<tr class="boxTitleLeft">
<td>
 
</td>
<td>
Artist
</td>
<td>
Song
</td>
<td>
Price
</td>
<td>
Album
</td>
<td>
Preview
</td>
<td>
</td>
<td>
Item Code
</td>
</tr>

Link to comment
https://forums.phpfreaks.com/topic/64143-why-does-it/#findComment-319669
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.