FILE COMPARISON
Produced: 27/07/2006 14:21:33

Mode: Differences with Context
Left base folder: CubeCart_3.0.10/upload
Right base folder: CubeCart_3.0.11/upload

File: admin\adminusers\permissions.php

46	include("../includes/header.inc.php");	=	46	include("../includes/header.inc.php");
47	if($_POST['noSections']>0){		47	if($_POST['noSections']>0){
48			48
49	// delete all current permissions to replace them		49	// delete all current permissions to replace them
50	$delete = $db->delete($glob['dbprefix']."CubeCart_admin_permissions","adminId=".$_POST['adminId']);		50	$delete = $db->delete($glob['dbprefix']."CubeCart_admin_permissions","adminId=".$_POST['adminId']);
51			51
52	for($i=0; $i<=$_POST['noSections']; $i++){	<>	52	for($i=0; $i<$_POST['noSections']; $i++){
53		=	53
54	$data['sectId'] = $db->mySQLSafe($_POST['sectId'.$i]);		54	$data['sectId'] = $db->mySQLSafe($_POST['sectId'.$i]);
55	$data['read'] = $db->mySQLSafe($_POST['read'.$i]);		55	$data['read'] = $db->mySQLSafe($_POST['read'.$i]);
56	$data['write'] = $db->mySQLSafe($_POST['write'.$i]);		56	$data['write'] = $db->mySQLSafe($_POST['write'.$i]);
57	$data['edit'] = $db->mySQLSafe($_POST['edit'.$i]);		57	$data['edit'] = $db->mySQLSafe($_POST['edit'.$i]);
58	$data['delete'] = $db->mySQLSafe($_POST['delete'.$i]);		58	$data['delete'] = $db->mySQLSafe($_POST['delete'.$i]);
59	$data['adminId'] = $db->mySQLSafe($_POST['adminId']);		59	$data['adminId'] = $db->mySQLSafe($_POST['adminId']);
60	$insert = $db->insert($glob['dbprefix']."CubeCart_admin_permissions",$data);		60	$insert = $db->insert($glob['dbprefix']."CubeCart_admin_permissions",$data);
		-+	61	unset($data);
61		=	62
62	}		63	}
63			64
64	$msg = "<p class='infoText'>".$lang['admin']['adminusers']['perms_updated']."</p>";		65	$msg = "<p class='infoText'>".$lang['admin']['adminusers']['perms_updated']."</p>";
65			66
66	}		67	}

77	<td align="center" class="tdTitle"><?php echo $lang['admin']['read']; ?></td>	=	78	<td align="center" class="tdTitle"><?php echo $lang['admin']['read']; ?></td>
78	<td align="center" class="tdTitle"><?php echo $lang['admin']['write']; ?></td>		79	<td align="center" class="tdTitle"><?php echo $lang['admin']['write']; ?></td>
79	<td align="center" class="tdTitle"><?php echo $lang['admin']['edit']; ?></td>		80	<td align="center" class="tdTitle"><?php echo $lang['admin']['edit']; ?></td>
80	<td align="center" class="tdTitle"><?php echo $lang['admin']['delete']; ?></td>		81	<td align="center" class="tdTitle"><?php echo $lang['admin']['delete']; ?></td>
81	</tr>		82	</tr>
82	<?php		83	<?php
83	$baseQuery = "SELECT ".$glob['dbprefix']."CubeCart_admin_sections.sectId, name, description, `read`, `write`, `edit`, `delete` FROM ".$glob['dbprefix']."CubeCart_admin_sections LEFT JOIN ".$glob['dbprefix']."CubeCart_admin_permissions ON ".$glob['dbprefix']."CubeCart_admin_sections.sectId = ".$glob['dbprefix']."CubeCart_admin_permissions.sectId";	<>	84	$sectionsQuery = "SELECT * FROM ".$glob['dbprefix']."CubeCart_admin_sections";
84	$extendedQuery = " WHERE adminId = ".$_GET['adminId'];
85	$results = $db->select($baseQuery.$extendedQuery);		85	$sectionsResult = $db->select($sectionsQuery);
86		=	86
87	// build keys so if new sections are added the permissions can be set	<>
88	for($i=0; $i<count($results); $i++){		87	if($sectionsResult == TRUE) {
89	$key = $results[$i]['sectId'];
90	$sectKey[$key] = 1;
91	}
92		=	88
93	$newSects = $db->select($baseQuery);	<>	89	for($i=0; $i<count($sectionsResult); $i++) {
94		=	90
95	if($results == TRUE) {	+-
96		=	91
97	for($i=0; $i<count($results); $i++) {	<>	92	$permissionsQuery = "SELECT * FROM ".$glob['dbprefix']."CubeCart_admin_permissions WHERE adminId = ".$db->mySQLSafe($_GET['adminId'])." AND sectId = ".$db->mySQLSafe($sectionsResult[$i]['sectId']);
			93	$permissionsResult = $db->select($permissionsQuery);
98			94
99	$cellColor = "";	=	95	$cellColor = "";
100	$cellColor = cellColor($i);		96	$cellColor = cellColor($i);
101	?>		97	?>
102	<tr>		98	<tr>
103	<td class="<?php echo $cellColor; ?>"><span class="copyText"><strong><?php echo ucfirst($results[$i]['name']); ?></strong> - <?php echo $results[$i]['description']; ?></span><input type="hidden" name="sectId<?php echo $i; ?>" value="<?php echo $results[$i]['sectId']; ?>" /></td>	<>	99	<td class="<?php echo $cellColor; ?>"><span class="copyText"><strong><?php echo ucfirst($sectionsResult[$i]['name']); ?></strong> - <?php echo $sectionsResult[$i]['description']; ?></span><input type="hidden" name="sectId<?php echo $i; ?>" value="<?php echo $sectionsResult[$i]['sectId']; ?>" /></td>
104	<td align="center" valign="middle" class="<?php echo $cellColor; ?>"><input name="read<?php echo $i; ?>" type="checkbox" value="1" <?php if($results[$i]['read']==1) { echo "checked='checked'"; } ?> /></td>		100	<td align="center" valign="middle" class="<?php echo $cellColor; ?>"><input name="read<?php echo $i; ?>" type="checkbox" value="1" <?php if($permissionsResult[0]['read']==1) { echo "checked='checked'"; } ?> /></td>
105	<td align="center" valign="middle" class="<?php echo $cellColor; ?>"><input name="write<?php echo $i; ?>" type="checkbox" value="1" <?php if($results[$i]['write']==1) { echo "checked='checked'"; } ?> /></td>		101	<td align="center" valign="middle" class="<?php echo $cellColor; ?>"><input name="write<?php echo $i; ?>" type="checkbox" value="1" <?php if($permissionsResult[0]['write']==1) { echo "checked='checked'"; } ?> /></td>
106	<td align="center" valign="middle" class="<?php echo $cellColor; ?>"><input name="edit<?php echo $i; ?>" type="checkbox" value="1" <?php if($results[$i]['edit']==1) { echo "checked='checked'"; } ?> /></td>		102	<td align="center" valign="middle" class="<?php echo $cellColor; ?>"><input name="edit<?php echo $i; ?>" type="checkbox" value="1" <?php if($permissionsResult[0]['edit']==1) { echo "checked='checked'"; } ?> /></td>
107	<td align="center" valign="middle" class="<?php echo $cellColor; ?>"><input name="delete<?php echo $i; ?>" type="checkbox" value="1" <?php if($results[$i]['delete']==1) { echo "checked='checked'"; } ?> /></td>		103	<td align="center" valign="middle" class="<?php echo $cellColor; ?>"><input name="delete<?php echo $i; ?>" type="checkbox" value="1" <?php if($permissionsResult[0]['delete']==1) { echo "checked='checked'"; } ?> /></td>
108	</tr>	=	104	</tr>
109	<?php } ?>		105	<?php } ?>
110	<?php } ?>		106	<?php } ?>
111	<?php	+-
112	if($newSects == TRUE){
113		=	107
114	for($i=0; $i<count($newSects); $i++) {	+-
115
116	$key = $newSects[$i]['sectId'];
117
118	if(!isset($sectKey[$key])){
119
120	$cellColor = "";
121	$cellColor = cellColor($i);
122	?>
123	<tr>
124	<td class="<?php echo $cellColor; ?>"><span class="copyText"><strong><?php echo ucfirst($newSects[$i]['name']); ?></strong> - <?php echo $newSects[$i]['description']; ?></span><input type="hidden" name="sectId<?php echo $i; ?>" value="<?php echo $newSects[$i]['sectId']; ?>" /></td>
125	<td align="center" valign="middle" class="<?php echo $cellColor; ?>"><input name="read<?php echo $i; ?>" type="checkbox" value="1" <?php if($newSects[$i]['read']==1) { echo "checked='checked'"; } ?> /></td>
126	<td align="center" valign="middle" class="<?php echo $cellColor; ?>"><input name="write<?php echo $i; ?>" type="checkbox" value="1" <?php if($newSects[$i]['write']==1) { echo "checked='checked'"; } ?> /></td>
127	<td align="center" valign="middle" class="<?php echo $cellColor; ?>"><input name="edit<?php echo $i; ?>" type="checkbox" value="1" <?php if($newSects[$i]['edit']==1) { echo "checked='checked'"; } ?> /></td>
128	<td align="center" valign="middle" class="<?php echo $cellColor; ?>"><input name="delete<?php echo $i; ?>" type="checkbox" value="1" <?php if($newSects[$i]['delete']==1) { echo "checked='checked'"; } ?> /></td>
129	</tr>
130	<?php
131	}
132	}
133	}
134	?>
135	<tr>	=	108	<tr>
136	<td colspan="5" align="right">		109	<td colspan="5" align="right">
137	<input type="hidden" value="<?php echo $_GET['adminId']; ?>" name="adminId" />		110	<input type="hidden" value="<?php echo $_GET['adminId']; ?>" name="adminId" />
138	<input type="hidden" value="<?php echo $i; ?>" name="noSections" />		111	<input type="hidden" value="<?php echo $i; ?>" name="noSections" />
139	<input name="Submit" type="submit" class="submit" id="Submit" value="Update Permissions" /></td>		112	<input name="Submit" type="submit" class="submit" id="Submit" value="Update Permissions" /></td>
140	</tr>		113	</tr>
141	</table>		114	</table>
142	</form>		115	</form>
143	<span class="copyText"><?php echo $lang['admin']['adminusers']['nb_bulk']; ?></span>		116	<span class="copyText"><?php echo $lang['admin']['adminusers']['nb_bulk']; ?></span>
144	<?php include("../includes/footer.inc.php"); ?>		117	<?php include("../includes/footer.inc.php"); ?>

File: admin\categories\index.php

214	<tr>	=	214	<tr>
215	<td colspan="2" class="tdTitle"><?php if(isset($_GET["edit"]) && $_GET["edit"]>0){ echo $modeTxt; } else { echo $modeTxt; } ?> <?php echo $lang['admin']['categories']['category'];?></td>		215	<td colspan="2" class="tdTitle"><?php if(isset($_GET["edit"]) && $_GET["edit"]>0){ echo $modeTxt; } else { echo $modeTxt; } ?> <?php echo $lang['admin']['categories']['category'];?></td>
216	</tr>		216	</tr>
217	<tr>		217	<tr>
218	<td class="tdText"><?php echo $lang['admin']['categories']['category_name'];?></td>		218	<td class="tdText"><?php echo $lang['admin']['categories']['category_name'];?></td>
219	<td>		219	<td>
220	<input name="cat_name" type="text" class="textbox" value="<?php if(isset($results[0]['cat_name'])) echo $results[0]['cat_name']; ?>" maxlength="255" />	<>	220	<input name="cat_name" type="text" class="textbox" value="<?php if(isset($results[0]['cat_name'])) echo validHTML($results[0]['cat_name']); ?>" maxlength="255" />
221	</td>	=	221	</td>
222	</tr>		222	</tr>
223	<tr>		223	<tr>
224	<td class="tdText"><?php echo $lang['admin']['categories']['category_level'];?></td>		224	<td class="tdText"><?php echo $lang['admin']['categories']['category_level'];?></td>
225	<td>		225	<td>
226			226

File: admin\customers\index.php

 $config = fetchDbConfig("config");
 include_once("../../language/".$config['defaultLang']."/lang.inc.php");
 $enableSSl = 1;
 include_once("../../includes/sslSwitch.inc.php");
 include("../includes/auth.inc.php");
-include("../includes/header.inc.php");
 if(permission("customers","read")==FALSE){
         header("Location: ".$GLOBALS['rootRel']."admin/401.php");
         exit;
 }
+include("../includes/header.inc.php");
 $rowsPerPage = 25;
 if(isset($_GET["delete"]) && $_GET["delete"]>0){
 // instantiate db class
 $where = "customer_id=".$db->mySQLSafe($_GET["delete"]);
         $record["firstName"] = $db->mySQLSafe($_POST['firstName']);
         $record["lastName"] = $db->mySQLSafe($_POST['lastName']);
         $record["email"] = $db->mySQLSafe($_POST['email']);
         $record["add_1"] = $db->mySQLSafe($_POST['add_1']);
         $record["add_2"] = $db->mySQLSafe($_POST['add_2']);
         $record["town"] = $db->mySQLSafe($_POST['town']);
+        $record["postcode"] = $db->mySQLSafe($_POST['postcode']);
         $record["county"] = $db->mySQLSafe($_POST['county']);
         $record["country"] = $db->mySQLSafe($_POST['country']);
         $record["phone"] = $db->mySQLSafe($_POST['phone']);
         $zoneId = $db->select("SELECT * FROM ".$glob['dbprefix']."CubeCart_iso_counties WHERE (abbrev LIKE '".addslashes_gpc($_POST['county'])."' OR name LIKE '".addslashes_gpc($_POST['county'])."')");
         <span class="tdText"><?php
         if(!empty($results[$i]['add_1'])) echo $results[$i]['add_1'].", ";
         if(!empty($results[$i]['add_2'])) echo $results[$i]['add_2'].", ";
         if(!empty($results[$i]['town'])) echo $results[$i]['town'].", ";
         if(!empty($results[$i]['county'])) echo $results[$i]['county'].", ";
         if(!empty($results[$i]['postcode'])) echo $results[$i]['postcode'].", ";
-        if(!empty($results[$i]['country'])) echo $results[$i]['country'];
+        if(!empty($results[$i]['country'])) echo countryName($results[$i]['country']);
         ?>
         </span></td>
     <td class="<?php echo $cellColor; ?>"><span class="tdText"><?php echo $results[$i]['phone']; ?></span></td>
     <td nowrap='nowrap' class="<?php echo $cellColor; ?>"><span class="tdText">
                 <?php echo formatTime($results[$i]['regTime']); ?><br />
                 <a href="javascript:;" class="txtLink" onclick="openPopUp('../misc/lookupip.php?ip=<?php echo $results[$i]['ipAddress']; ?>','misc',300,120)"><?php echo $results[$i]['ipAddress']; ?></a></span>
   <tr>
     <td width="175" class="tdText"><?php echo $lang['admin']['customers']['postcode']; ?></td>
     <td width="175"><input name="postcode" type="text" id="postcode" value="<?php echo $results[0]['postcode']; ?>" class="textbox" /></td>
   </tr>
   <tr>
     <td width="175" class="tdText"><?php echo $lang['admin']['customers']['country']; ?></td>
-    <td width="175"><input name="country" type="text" id="country" value="<?php echo $results[0]['country']; ?>" class="textbox" /></td>
+    <td width="175">
+        <?php
+          $countries = $db->select("SELECT * FROM ".$glob['dbprefix']."CubeCart_iso_countries");
+          ?>
+        <select name="country">
+        <?php
+        for($i=0; $i<count($countries); $i++){
+        ?>
+        <option value="<?php echo $countries[$i]['id']; ?>" <?php if($countries[$i]['id'] == $results[0]['country']) echo "selected='selected'"; ?>><?php echo $countries[$i]['printable_name']; ?></option>
+        <?php } ?>
+        </select>
+        </td>
   </tr>
   <tr>
     <td width="175" class="tdText"><?php echo $lang['admin']['customers']['phone2']; ?></td>
     <td width="175"><input name="phone" type="text" id="phone" value="<?php echo $results[0]['phone']; ?>" class="textbox" /></td>
   </tr>
   <tr>

File: admin\customers\send.php

 include_once("../../includes/functions.inc.php");
 $config = fetchDbConfig("config");
 include_once("../../language/".$config['defaultLang']."/lang.inc.php");
 $enableSSl = 1;
 include_once("../../includes/sslSwitch.inc.php");
 include("../includes/auth.inc.php");
-include("../includes/header.inc.php");
 if(permission("customers","write")==FALSE){
         header("Location: ".$GLOBALS['rootRel']."admin/401.php");
         exit;
 }
+include("../includes/header.inc.php");
 // number of email recipients per page
 $perPage = 20;
 if($_POST['test']==0){
         $query = "SELECT email, firstName, lastName, htmlEmail FROM ".$glob['dbprefix']."CubeCart_customer WHERE optIn1st = 1";
         $emailList = $db->select($query, $perPage, $_GET['page']);

File: admin\docs\siteDocs.php

103	<table width="100%" border="0" cellspacing="0" cellpadding="0">	=	103	<table width="100%" border="0" cellspacing="0" cellpadding="0">
104	<tr>		104	<tr>
105	<td nowrap='nowrap'><p class="pageTitle"><?php echo $lang['admin']['docs']['site_docs']; ?></p></td>		105	<td nowrap='nowrap'><p class="pageTitle"><?php echo $lang['admin']['docs']['site_docs']; ?></p></td>
106	<?php if(!isset($_GET["mode"])){ ?><td align="right" valign="middle"><a <?php if(permission("documents","write")==TRUE){?>href="?mode=new" class="txtLink"<?php } else { echo $link401; } ?>><img src="../images/buttons/new.gif" alt="" hspace="4" border="0" title="" /><?php echo $lang['admin']['add_new']; ?></a></td><?php } ?>		106	<?php if(!isset($_GET["mode"])){ ?><td align="right" valign="middle"><a <?php if(permission("documents","write")==TRUE){?>href="?mode=new" class="txtLink"<?php } else { echo $link401; } ?>><img src="../images/buttons/new.gif" alt="" hspace="4" border="0" title="" /><?php echo $lang['admin']['add_new']; ?></a></td><?php } ?>
107	</tr>		107	</tr>
108	</table>		108	</table>
109	<?php if((isset($_GET['edit']) && $_GET['edit']>0) \|\| (isset($_GET['mode']) && $_GET['mode']=="new")){ ?>	<>	109	<?php if((isset($_GET['edit']) && $_GET['edit']>0 && permission("documents","edit")==TRUE) \|\| (isset($_GET['mode']) && $_GET['mode']=="new" && permission("documents","write")==TRUE)){ ?>
110	<form action="<?php echo $GLOBALS['rootRel'];?>admin/docs/siteDocs.php" target="_self" method="post" language="javascript">	=	110	<form action="<?php echo $GLOBALS['rootRel'];?>admin/docs/siteDocs.php" target="_self" method="post" language="javascript">
111	<p class="copyText"><?php echo $lang['admin']['docs']['use_rich_text'];?></p>		111	<p class="copyText"><?php echo $lang['admin']['docs']['use_rich_text'];?></p>
112	<table width="100%" border="0" cellspacing="0" cellpadding="4" class="mainTable">		112	<table width="100%" border="0" cellspacing="0" cellpadding="4" class="mainTable">
113	<tr>		113	<tr>
114	<td class="tdTitle"><?php echo $lang['admin']['docs']['site_doc']; ?></td>		114	<td class="tdTitle"><?php echo $lang['admin']['docs']['site_doc']; ?></td>
115	</tr>		115	</tr>

File: admin\filemanager\upload.php

File: admin\images\froogle.gif

1	GIF89aL???æ???t UË\°???,³Ž	+-
2	?”„¤¼î??—½‰?èÃ/ §µ{†{?0²\\ÄÅÌØÖÑPdŒ¿½½˜s?ÜÓÃHoÆÝÝßò…†ß233f3È®Sm€nvŸö:`°Ž33ˆÎˆ?’?ÕÛå·´©âêúùÞ€Á&&ä¯?œµë$E¢¢¢ƒcb·÷¹v!!«¬®ôpp(h+ÿÌÌÌÿÌH\„\y¶ÆÍäuÈ I²‘)ÿõÈÿ§§ØkkñâãÅ +Öºa@…DÌQQkx•¼››À»«??–ÌÌÌ÷ùüØïÚµ¸Á¶ã¹™ŠŠ}¥üUá4NÞ·4ïÑÑÿÁÂë))–RR?d"¾¶¶wŸzæ&&?3™µ¥wÃsrÿûßÁ×ÿ=räÆÃ¼ã……mÑr¢Ù¥™??Þ""$ŸÌÿ3fÌÿèÒÌ??ÆàÇÃœ?òå·@µG'B}Rl¢ÖyyáàÔòÊGÕæÿÜðÞ?7µ™¹ü¡ ÿî¨Ê„„òÔh”{gùµµCX‹º¯°¿µ•ÙGG{ƒ”U}Õÿÿÿ!ù?????,????L?????ÿ€""oYbrrbYoŒŽ‘’“”•"rJ?ššcc52•¡¢”ppGf£DIqK(!!(}K?£¶¶f^??,©?U1m:C[?·È¢G?Q½¢D¿?ÉÓÈ0aQR¾UÒÔÝ¡ÖQ?ÚÜÞå‘Ö.[ã“EpŒE§/?9-x“tvv#7’YŠ„LÌø£âƒ??Žp´°pïO…c? ÅY?©ˆ??i<? ??À?F?.Ô?r?Ì??n¸É°gO†?nÈ82 „†?-Z(¬1BÐ Â?xø\?Ò?Ì…&??D`?†?
3	~üP Á¨Â.?=¦hX€Ð? ? J?)SæJ£? 28?!bÆË??ÿ?É?£ Í???„°?VðàŸ??
4	???‚M??Ž$ªùÁø‡³?]?`R¡ò?'?R€pdX€?FvÎ ?Ñ¨
5	“3??i Ž?…??{º?ò§E‡Ç9?¬øÌ?Ú¶ m‚?c?Yƒ?G??ÜyÔä‚?(°$˜ÃÓÑˆ??&d©?¬‘‰8jŽõ?È§Ã&?ø4@‚‚vïh’"/xÔâ??H-?t?q£ÄœŸg%€€?«,1Ü?Û©!Îx€up…?Wè1Ä1‰Á?‰\|ŽèÀ‡}à À
6	CÐá?€Œ`áÆ€?ÄQ?€b?C[_ ¼@??zTV?$¾‘ó?†Ã8?Ý#?v0ƒˆ???‰??X??ÿ??p°Ù??´Â?Œ2~Q?%9Æ?À\|Žø €
7	?6bÁ?)ˆÐß€H'A/?äÁ??b(±?
8	?Âø‡s$`¹ŠŽŽðØÈ???`–<$¬à???ì?W## pÇ@´?‚?ZÄÑÇ?apL?ú0‰?Z? ?‰ïtÔÃ?ñÅ?l0‚Ç?6 ðd??$Š?##œq‡?(1@
9	OB?@?(0ÒÀ??\À??l?Çˆ?kÌ²?¤?Ñ???LáŽ#zt@? >ø€„?aþ?B?s ÆC?(T×ˆ?&pPÅ¯Nqm?Fþ„
10	?\|A??Ù8ÒÆ?[?j#?Dà@¹€`??R?&‰?,„°Å{?Áþ‘Ä?2Ð À?Büúä?
11	‡9??(°àÀÁæx³A
12	(?§ƒ?FÔp?(-ç?Š?5°öˆ??,Á²ÎD7’Ä??8ëH
13	??í´#¾rÀ² BôñôÕÌpÂ?c?@Ú?IpÐGkX;í???TQƒ&2°à^ÙOë°?Ê,?3´-??;

File: admin\images\googleBase.gif

-+	1	GIF89aL???æ???`?üñ‘>ÅF?)®®???&š\|œÛŸ¸æ?*s«ŽŠ³¸ÍWÙ™??µŒ?æ¹?†™u? zut¼gVÐÊ¼?fºßàäÿÿÌ]q ³³³v çíù”£°Ã¾¯î×xÔÔÔ·B0³œVêŠ\|?—?NWqôóð7V–ÌÐàuh:½ž
	2	KÇ{’Å¦¦¤óîå!]ßÞÅV¬¬«ÌÌÌÝåöZ-)²?†1'®)?äÝÍÿÿÿøøø‰ˆ‚ÐaOþóÂT‡ñ¼ÄÌü¼´±Åê¢í“¯â£è¦å@-Þ‚xZks?+Ç½½¼†u6™™™¶ì¹kÎoôÏ7{>5ÑŸ?n“á?IÕëèà?9xûÎÈÃØÿ®©žÿÿøKlµÖ}oéÐ·:påÔ(??=Ÿ»Ž‡{ƒ‘ÿåa&b)cºp”ØÖJ5ÅÓïp‘pÖÆ¥¿ÑÒ½Î¾†??w-ˆ§Þ––•Åª—ù¨œæ Â¯cïôûw`Z–ofÿ÷µ?:¼ân_$T¿¡ŸûÙÔš¸ùÐ°0J]”ÏPCÿýéöè§!ù????7?,????L?????ÿ€7‚ƒ‚?z?OOzT8„Ž‘’JKK"(’™ƒ?@??WaWw-Zz?š¨©7?o???ªŽT-%I??¹/?u?\|$²ÁB"¯±ÂT)#U?Q8Ï$6a???Â×‚J"`GØ1-? Ög??ÀØÂÚ`0Ø@?#?‘VQèƒy>n>y‘;tü@Ò?#Nœ?dbÜX×nÐ??û2iÐ‚ Ç1TntHðaH?{7,¸€?g?&Y?ÅÑód???Z®(¸AŒ ?!6~ØBä?$Z?^È
	3	Q#G3+j?€Î?“?/z(?áÄ‰?Aqž\y±áŽ‘?^ÚÕl‡ÃÎ‡?g0\|Xzq?(Rÿº¥òQCÎ??8â´!À Ë
	4	+L2<¨@â ?'3lÜÐS‡M??Gî?¸À‚æ6ynŠ*,?A†<G8€?‘‚!UY?9â?Š£ƒ?
	5	t?œ˜9h‚ƒ? 4ðR¥‘?ÑRäÕôP6Í??nìH?¡¡#Ñ?6¤Ê3?B?Gn¶@ÀðÅÉ ?™4PóCK?¡©@AÐm8‹1i?`‘ aH? L?¨R?? þ?0Eul82 ?xt‡?xƒà ?-?à…??R1€??X?†?Ô¥Á??Gx A[„TÐ‚?\ôàˆ?Al F?ÑM±??s¨vÏ??¬Ð??È5È?
	6	È?ƒ
	7	?pqÀ
	8	qì–Cÿ??zÀÂ?4ÆáS&8¨`„??0Ù`?6??Î?QôA@?ã?B—?=dáD? \ôE?ÕDá…?w?Áƒ-Ÿ
	9	GBk4d˜J?W\IBŽ\|ƒ??7pÀW?±`??9T???
	10	$6È?3œ°B#Qp€‡?F?¡˜ o\vÃ?\|Õ0?^$8#‰?\|?0@
	11	AÄ Á†ÔÀuq$??XL1…?4?Õˆ? d0C??ü±??l”yC???1@?±,???eT€ƒ¯??ÐÇ\|]T&‰
	12	s?P@?Z,à.?#ŒP?’/ÈAÃ??Ìñ??ö˜??j€?B??Œƒ??@<A????aÀ3(?QD?h ¹Bÿ?2@@Ã?üjÂ??9DP???<°??¸hy???œq†??x»â?
	13	(`‚ æÆ?Ä??l°B?%X;??0Wà*Ñ?` @Ì$BÒª
	14	PG!uÓ???É3??ÁE??DÁ???\á‹¹W7ÎjAˆ±†??ØˆJ?ZHÑ†=V˜PGpgŸ??h@Æ??ýðÃ)??®Z?‚ß@??\ø(H?\Œ 5?Ÿ±???8p9q7x?ÒÙq?°Æ?A?€x?¨ï½F??à€º?? ??d?BÅ?%àaÅ?x¬ÐÍ??’@??9?ñL?óæ¤?\|¯a?A?¬?óµÆÐ¼?8?QB?)´»???¬`Í
	15	I$ÑÎ?9\|Ö??LÂÄ¦Êß0ý?‚°?Ä??˜N??kŒ.ÆþËž?ø@²?øNK+èÝùÒ'??¬???H Ê@'†?¬M?10€è0?„µ!?Îc› èá\4Ã?IxÁ?Vp??à?p?0Ø°?68îl?Ù?á?????Ž?‡ÛŸÛ2±B?0É?)´F?ŒG‚#À?É‹Ÿ?!1¥•™me‚???;

File: admin\includes\auth.inc.php

25	\| auth.inc.php	=	25	\| auth.inc.php
26	\| ========================================		26	\| ========================================
27	\| Admin Authentication and Permissions		27	\| Admin Authentication and Permissions
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30			30
31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
33	exit;		33	exit;
34	}		34	}
35			35
36	$sessionDomain = substr($GLOBALS['rootRel'],0, strlen($GLOBALS['rootRel'])-1);		36	$sessionDomain = substr($GLOBALS['rootRel'],0, strlen($GLOBALS['rootRel'])-1);
37	@ini_set("session.cookie_path",$sessionDomain);		37	@ini_set("session.cookie_path",$sessionDomain);

File: admin\includes\currencyVars.inc.php

24	+--------------------------------------------------------------------------	=	24	+--------------------------------------------------------------------------
25	\| currencyVars.inc.php		25	\| currencyVars.inc.php
26	\| ========================================		26	\| ========================================
27	\| Currency Vars		27	\| Currency Vars
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	30	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
31	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	31	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
32	exit;		32	exit;
33	}		33	}
34			34
35	$query = "SELECT value, symbolLeft, symbolRight, decimalPlaces, name FROM ".$glob['dbprefix']."CubeCart_currencies WHERE code=".$db->mySQLSafe($config['defaultCurrency']);		35	$query = "SELECT value, symbolLeft, symbolRight, decimalPlaces, name FROM ".$glob['dbprefix']."CubeCart_currencies WHERE code=".$db->mySQLSafe($config['defaultCurrency']);
36	$currencyVars = $db->select($query);		36	$currencyVars = $db->select($query);
37	?>		37	?>

File: admin\includes\footer.inc.php

24	+--------------------------------------------------------------------------	=	24	+--------------------------------------------------------------------------
25	\| footer.inc.php		25	\| footer.inc.php
26	\| ========================================		26	\| ========================================
27	\| Admin Footer		27	\| Admin Footer
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	30	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
31	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	31	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
32	exit;		32	exit;
33	}		33	}
34			34
35	if(isset($_SESSION['ccAdmin'])){ ?>		35	if(isset($_SESSION['ccAdmin'])){ ?>
36	</div>		36	</div>

File: admin\includes\header.inc.php

24	+--------------------------------------------------------------------------	=	24	+--------------------------------------------------------------------------
25	\| header.inc.php		25	\| header.inc.php
26	\| ========================================		26	\| ========================================
27	\| Admin Header		27	\| Admin Header
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	30	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
31	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	31	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
32	exit;		32	exit;
33	}		33	}
34	?>		34	?>
35	<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">		35	<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
36	<html xmlns="http://www.w3.org/1999/xhtml">		36	<html xmlns="http://www.w3.org/1999/xhtml">

File: admin\includes\navigation.inc.php

File: admin\misc\info.php

1	<?php	=	1	<?php
		-+	2	include("../../includes/global.inc.php");
2	$sessionDomain = substr($GLOBALS['rootRel'],0, strlen($GLOBALS['rootRel'])-1);	=	3	$sessionDomain = substr($GLOBALS['rootRel'],0, strlen($GLOBALS['rootRel'])-1);
3	@ini_set("session.cookie_path",$sessionDomain);	<>	4
4	if($glob['rootRel']=="/"){	=	5	if($glob['rootRel']=="/"){
5	$sessionName = "ccSID";		6	$sessionName = "ccSID";
6	} else {		7	} else {
7	$sessionName = "ccSID-".md5($glob['rootRel']);		8	$sessionName = "ccSID-".md5($glob['rootRel']);
8	}		9	}
		<>	10
			11	session_name($sessionName);
			12	@ini_set("session.cookie_path",$sessionDomain);
9	session_start();	=	13	session_start();
10			14
11	if(isset($_SESSION['ccAdmin'])){		15	if(isset($_SESSION['ccAdmin'])){
12	echo phpinfo();		16	echo phpinfo();
13	}		17	}
14	?>		18	?>

File: admin\modules\gateway\Authorize_AIM\index.php

-+	1	<?php
	2	/*
	3	+--------------------------------------------------------------------------
	4	\| CubeCart v3.0.1
	5	\| ========================================
	6	\| by Alistair Brookbanks
	7	\| CubeCart is a Trade Mark of Devellion Limited
	8	\| Copyright Devellion Limited 2005 - 2006. All rights reserved.
	9	\| Devellion Limited,
	10	\| 22 Thomas Heskin Court,
	11	\| Station Road,
	12	\| Bishops Stortford,
	13	\| HERTFORDSHIRE.
	14	\| CM23 3EE
	15	\| UNITED KINGDOM
	16	\| http://www.devellion.com
	17	\| UK Private Limited Company No. 5323904
	18	\| ========================================
	19	\| Web: http://www.cubecart.com
	20	\| Date: Friday, 15 July 2005
	21	\| Email: info (at) cubecart (dot) com
	22	\| License Type: CubeCart is NOT Open Source Software and Limitations Apply
	23	\| Licence Info: http://www.cubecart.com/site/faq/license.php
	24	+--------------------------------------------------------------------------
	25	\| index.php
	26	\| ========================================
	27	\| Configure Authorize.net
	28	+--------------------------------------------------------------------------
	29	*/
	30	include("../../../../includes/ini.inc.php");
	31	include("../../../../includes/global.inc.php");
	32	require_once("../../../../classes/db.inc.php");
	33	$db = new db();
	34	include_once("../../../../includes/functions.inc.php");
	35	$config = fetchDbConfig("config");
	36
	37	include_once("../../../../language/".$config['defaultLang']."/lang.inc.php");
	38	$enableSSl = 1;
	39	include_once("../../../../includes/sslSwitch.inc.php");
	40	include("../../../includes/auth.inc.php");
	41	include("../../../includes/header.inc.php");
	42
	43	if(permission("settings","read")==FALSE){
	44	header("Location: ".$GLOBALS['rootRel']."admin/401.php");
	45	exit;
	46	}
	47
	48	if(isset($_POST['module'])){
	49	include("../../status.php");
	50	include("../../../includes/functions.inc.php");
	51	$module = fetchDbConfig($_GET['folder']);
	52	$msg = writeDbConf($_POST['module'], $_GET['folder'], $module);
	53
	54	}
	55	$module = fetchDbConfig($_GET['folder']);
	56	?>
	57
	58	<p><a href="http://www.authorize.net/"><img src="logo.gif" alt="" border="0" title="" /></a></p>
	59	<?php
	60	if(isset($msg)){
	61	echo stripslashes($msg);
	62	}
	63	?>
	64	<p class="copyText">"Your Gateway to IP Transactions."</p>
	65
	66	<form action="<?php echo $GLOBALS['rootRel'];?>admin/modules/<?php echo $_GET['module']; ?>/<?php echo $_GET['folder']; ?>/index.php?module=<?php echo $_GET['module']; ?>&folder=<?php echo $_GET['folder']; ?>" method="post" enctype="multipart/form-data">
	67	<table border="0" cellspacing="0" cellpadding="3" class="mainTable">
	68	<tr>
	69	<td colspan="2" class="tdTitle">Configuration Settings </td>
	70	</tr>
	71	<tr>
	72	<td align="left" class="tdText"><strong>Status:</strong></td>
	73	<td class="tdText">
	74	<select name="module[status]">
	75	<option value="1" <?php if($module['status']==1) echo "selected='selected'"; ?>>Enabled</option>
	76	<option value="0" <?php if($module['status']==0) echo "selected='selected'"; ?>>Disabled</option>
	77	</select> </td>
	78	</tr>
	79	<tr>
	80	<td align="left" class="tdText"><strong>Description:</strong> </td>
	81	<td class="tdText"><input type="text" name="module[desc]" value="<?php echo $module['desc']; ?>" class="textbox" size="30" /></td>
	82	</tr>
	83	<tr>
	84	<td align="left" class="tdText"><strong>Merchant Id:</strong></td>
	85	<td class="tdText"><input type="text" name="module[acNo]" value="<?php echo $module['acNo']; ?>" class="textbox" size="30" /></td>
	86	</tr>
	87	<tr>
	88	<td align="left" class="tdText"><strong>Transaction Key:</strong><br/>Please login and create this at <a href="https://secure.authorize.net" target="_blank" class="txtLink">https://secure.authorize.net</a> (opens in new window)</td>
	89	<td class="tdText"><input type="text" name="module[txnkey]" value="<?php echo $module['txnkey']; ?>" class="textbox" size="30" /></td>
	90	</tr>
	91	<tr>
	92	<td align="left" class="tdText"><strong>Testing:</strong></td>
	93	<td class="tdText"><select name="module[testMode]">
	94	<option value="1" <?php if($module['testMode'] == 1) echo "selected='selected'"; ?>>Yes</option>
	95	<option value="0" <?php if($module['testMode'] == 0) echo "selected='selected'"; ?>>No</option>
	96	</select></td>
	97	</tr>
	98	<tr>
	99	<td align="left" class="tdText"><strong>Default:</strong></td>
	100	<td class="tdText">
	101	<select name="module[default]">
	102	<option value="1" <?php if($module['default'] == 1) echo "selected='selected'"; ?>>Yes</option>
	103	<option value="0" <?php if($module['default'] == 0) echo "selected='selected'"; ?>>No</option>
	104	</select> </td>
	105	</tr>
	106
	107	<tr>
	108	<td align="left" class="tdText"><strong>Debugging: </strong></td>
	109	<td class="tdText"><select name="module[debug]">
	110	<option value="0" <?php if($module['debug'] == 0) echo "selected='selected'"; ?>>No</option>
	111	<option value="1" <?php if($module['debug'] == 1) echo "selected='selected'"; ?>>Yes</option>
	112	</select></td>
	113	</tr>
	114	<tr>
	115	<td align="right" class="tdText"> </td>
	116	<td class="tdText"><input type="submit" class="submit" value="Edit Config" /></td>
	117	</tr>
	118	</table>
	119	</form>
	120	<?php include("../../../includes/footer.inc.php"); ?>

File: admin\modules\gateway\Authorize_AIM\logo.gif

-+	1	GIF89ar???÷?????êïóŒ£²Ah~?;XÁÒÙ?!BnŠ›¨¼Æ3[sÛÝâ??,? BZ{Žöýþ)Jeƒ™§ºÁË›²½?'E??(9Hb[g~N[s??+ÔÕÜv‘¡';X?;VçæèlzŒ
	2	+J??!œ¨¶ö÷ø¼ËÒ??7™§«´¾°ÂÉÌÕÚTl‚?1NDYo?"A[r‡)Jk…–¥AHbk„–çîðP]t"<Y):U?.LÄÎÖ??)¢¯{‹œÖßå??<ÏÝáàçí 0N?/MC_w4=Y??@c~’®»???´½Ç÷÷ÿ??1?Sm??#Nq…£³½Th~•«·îö÷bs„ÿÿÿ+Qk?:WÇ×Üh{’??/Jbybg{‰”¤??;ïîñ0Id!+KŒ¬z™©Ýäçu“?+K¬µÅ3>U?1P???½Æ;Pi? 0ÌÌÌ\ez6B[ÕÝá£ª·Ks‰[“$CaJTlq†™ÁÈÕÌßäæéí??<–¤¯9[s?2Qcv‹'2G´ÅÎaz
	3	?.…œ?!JÍ×Þ??7??\?*H?7UÖäèMi~??!•§³.D`{“¤£¯»·ÂµµÅ'A\?9U™¬·1JkTcz2RkÉÝáq}‘
	4	1P
	5	%Jcs]uŠ?A^an‚??(–Ÿ®qŒœ¿ÏÖ°ÁÊ¼ÅÎ¨¸Â?!JB[rîòôYl‚…¡®?)HAc{?!J?1Qq}:Upµ½ÎBRs2@]ÅÖÖßáåAMh”˜§sŒ”Tt‰c‚””œ¥Rp…$B^??'ÎÐÖ?<Y§¿Ì:Jk?0Ojw†:?S&0P??,?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????!ù????R?,????r?????ÿ?¥??H° Áƒ??\È°¡Ã‡?#JœH±¢Å‹?3jÜÈ±£Ç CŠ?I²¤C(&S.tà€âˆ?1TÝÁèÆÄÌ‰"î ,(¢C)\n^Ô¢ƒ"š
	6	8~?¥(£Í?U-%úð0'K?‚>Ä\ø4§DÔŠPT???q-‹&t pqG??JÈJ?qdÅ’!¦?Š(e??–? ?ùHåF.BG„€z˜ÇP^)‹X1ZJÑ”•A?}?Â±§
	7	ÖC#?¾ñr£G?7
	8	±$1³Ëá P€v??d ‹À¯?)?Ä]wA??}<0€CŽn8,??å«?BWŽ7 “°”?&?¦Ü$ƒëE?)nJäÿ±??X??ž?yè0i?ª?™n&XÇÉ?'??¢hòF???ø1?$¡\|á@?3XÀ‡?‹hQ„@n?!I&Ç?„‚*«?aD??I‘?
	9	~??Â?iáa?[?“‚??(¤Š?7œbÃc&ì?B??ì€
	10	?WŒ0?#f??‹?ìÙàI??$a??ÔAöK?Ô€A#RŒâË?,4âÅ?—@à…?”ˆP??l\|?Ä??\|!??x B??Æ RÐ
	11	•8 ?? XÑR?‘Ü E1,ìRƒ"!èh??X\|r?B¶Dò†?—lAÄm?\??J¤œ²EˆMl¡B?dåÀ
	12	?ŽÜ!??8<x„"xô E)Ð5ÿáÀ$C?‘??e¼J? $’Ê‹"¤‚??Xˆ0??Æ?Å?VÌ©Ä?" BA?T*ÀÈ?y?ñ?
	13	¿¨áÃ(§hR‹?†?´??~ø Ë??È&Å?$ ‚R?¯??"?$?â™?9¨õS*´Pƒ?XœÑ?s+ø%E?†$Ñ„?>´Ô??‰@?p$ñ?
	14	RÐ?Â??äÐ
	15	(3”{ƒ?¨õðÀ??4¡?*~Ü²??OhÀ?2¥}°±B?ðak?S°ÂÊ$?A?/J£?a¯?¦ä[€@ýv?œ??O??
	16	?ü!?NàpI*v°D??éB±\µ??BQ"ÌA??1Ä?È???t2jRŒ°G?räÿÐK?Ç¼²Ë.?ä—?§ŒágB(Œ!J?7øñ??½´dt?dÑ»tÓ†<Í¯ZÀÝQ??EÈ°??ºl
	17	?]ˆ€‰Ø¥”C±R?\|F
	18	Ç‰???(tC?xKáÈ??h2€)?ì±Ó@??`Ãâ?½ ‚P_€?„«ÐŠ@=?2?ÇM$¡‚«±ÒÅ¿???Å%F\**F`!?&
	19	C/ÅÄ)?$Á?›4!P?” À%€Ã??è ?-¹Á%Ü%?:lÁ??(…?®°Š?@?h?‚&?h;¨À??Ù!Œ Šw]?4aØ…??€??4??Cx??¤ð??0‚,"???ž …"?a?!J…?ÿ– ?)T?UöÓE¯¤ Â3Ä@ 7@??†à???¡?¦€À?@€€5í!4zÁÂ????ø¹??£°D?\|à‡-l?
	20	wÐÍ(ô@?9œ@ ©ÐÀ+?°?? €?0DE+X±?F¬!?’?Á?R??=<hF»Â?já?:,A?9H?! …A´‚?$ÐC^D?MœP?‰?Á?â?ˆ?\|`?vJ??®p…6„?g ??Fñ€$Láa?ñ?1†€??T€?ÓJ?,D??9Pà?Xˆ]A?@„/ˆB?dñ??!?:Ð!?ƒ B
	21	±???¡?3?E?øPŠšåà?ŽH??4ð?: A ?hA
	22	þ M?X!?Oˆ?¤?€Fˆâ ?h???
	23	?Ä€??sÀ þP‰?Ì$?V?„?cð…?@€€?)??¨s‡@¨‚?ù?È(ˆÐ‰#tˆ ä’‚??CÓÛD…71e‰Må¢Óq¦r‰ií¢"Tr•K¦¸ÑiN*S‚ôt7¾Q‰T§JÕªZõªXÍªV·ÊÕ®zõ«`
	24	«XS???;

File: admin\products\index.php

45	if(permission("products","read")==FALSE){	=	45	if(permission("products","read")==FALSE){
46	header("Location: ".$GLOBALS['rootRel']."admin/401.php");		46	header("Location: ".$GLOBALS['rootRel']."admin/401.php");
47	exit;		47	exit;
48	}		48	}
49	$productsPerPage = 25;		49	$productsPerPage = 25;
50			50
51	if(isset($_GET['action']) && $_GET['action']=="froogle"){	<>	51	if(isset($_GET['action']) && $_GET['action']=="gbase"){
52		=	52
53	$db = new db();		53	$db = new db();
54	$query = "SELECT * FROM ".$glob['dbprefix']."CubeCart_inventory INNER JOIN ".$glob['dbprefix']."CubeCart_category on ".$glob['dbprefix']."CubeCart_inventory.cat_id = ".$glob['dbprefix']."CubeCart_category.cat_id ".$whereClause." ORDER BY name ASC";		54	$query = "SELECT * FROM ".$glob['dbprefix']."CubeCart_inventory INNER JOIN ".$glob['dbprefix']."CubeCart_category on ".$glob['dbprefix']."CubeCart_inventory.cat_id = ".$glob['dbprefix']."CubeCart_category.cat_id ".$whereClause." ORDER BY name ASC";
55	$results = $db->select($query);		55	$results = $db->select($query);
56			56
57	if($results==TRUE) {		57	if($results==TRUE) {
58			58
59	$froogleContent = "product_url\tname\tdescription\tprice\timage_url\tcategory\toffer_id\r\n";	<>	59	$googleBaseContent = "product_url\tname\tdescription\timage_url\tprice\r\n";
60		=	60
61	for($i=0; $i<count($results); $i++){		61	for($i=0; $i<count($results); $i++){
62			62
63			63
64	$salePrice = salePrice($results[$i]['price'], $results[$i]['sale_price']);		64	$salePrice = salePrice($results[$i]['price'], $results[$i]['sale_price']);
65			65

77	"),"",strip_tags($results[$i]['name']));	=	77	"),"",strip_tags($results[$i]['name']));
78	$name = str_replace(" ","",$name);		78	$name = str_replace(" ","",$name);
79	$desc = str_replace(array(" ","\t","\r","\n","\0","\x0B","		79	$desc = str_replace(array(" ","\t","\r","\n","\0","\x0B","
80	"),"",strip_tags($results[$i]['description']));		80	"),"",strip_tags($results[$i]['description']));
81	$desc = str_replace(" ","",$desc);		81	$desc = str_replace(" ","",$desc);
82			82
83	$froogleContent .= $glob['storeURL']."/index.php?act=viewProd&productId=".$results[$i]['productId']."\t".$name."\t".$desc."\t".$price;	<>	83	$googleBaseContent .= $glob['storeURL']."/index.php?act=viewProd&productId=".$results[$i]['productId']."\t".$name."\t".$desc;
			84
84	if($results[$i]['image']){	=	85	if($results[$i]['image']){
85	$froogleContent .= "\t".$glob['storeURL']."/images/uploads/".$results[$i]['image'];	<>	86	$googleBaseContent .= "\t".$glob['storeURL']."/images/uploads/".$results[$i]['image'];
86	} else {	=	87	} else {
87	$froogleContent .= "\t".$glob['storeURL']."/skins/".$config['skinDir']."/styleImages/nophoto.gif";	<>	88	$googleBaseContent .= "\t".$glob['storeURL']."/skins/".$config['skinDir']."/styleImages/nophoto.gif";
88	}	=	89	}
89	$froogleContent .= "\t".$results[$i]['cat_name'];	<>	90
90	$froogleContent .= "\t".$results[$i]['productCode'];
91	$froogleContent .= "\r\n";		91	$googleBaseContent .= "\t".$price."\r\n";
92		=	92
93	}		93	}
		<>	94
			95
			96	$filename = "GoogleBaseFeed_";
			97	$contentLength = strlen($googleBaseContent);
			98	$content = $googleBaseContent;
			99
94	$filename="FroogleFeed_".date("dMy").".txt";		100	$filename .= date("dMy").".txt";
95	header('Pragma: private');	=	101	header('Pragma: private');
96	header('Cache-control: private, must-revalidate');		102	header('Cache-control: private, must-revalidate');
97	header("Content-Disposition: attachment; filename=".$filename);		103	header("Content-Disposition: attachment; filename=".$filename);
98	header("Content-type: text/plain");		104	header("Content-type: text/plain");
99	header("Content-type: application/octet-stream");		105	header("Content-type: application/octet-stream");
100	header("Content-length: ".strlen($froogleContent));	<>	106	header("Content-length: ".strlen($contentLength));
101	header("Content-Transfer-Encoding: binary");	=	107	header("Content-Transfer-Encoding: binary");
102	echo $froogleContent;	<>	108	echo $content;
103	exit;	=	109	exit;
104	}		110	}
105			111
106	} elseif(isset($_GET['delete']) && $_GET["delete"]>0){		112	} elseif(isset($_GET['delete']) && $_GET["delete"]>0){
107			113
108	// delete product		114	// delete product

345	<table width="100%" border="0" cellspacing="0" cellpadding="0">	=	351	<table width="100%" border="0" cellspacing="0" cellpadding="0">
346	<tr>		352	<tr>
347	<td nowrap='nowrap'><p class="pageTitle"><?php echo $lang['admin']['products']['prod_inventory'];?></p></td>		353	<td nowrap='nowrap'><p class="pageTitle"><?php echo $lang['admin']['products']['prod_inventory'];?></p></td>
348	<?php if(!isset($_GET["mode"])){ ?><td align="right" valign="middle"><a <?php if(permission("products","write")==TRUE){ ?>href="?mode=new" class="txtLink" <?php } else { echo $link401; } ?>><img src="../images/buttons/new.gif" alt="" hspace="4" border="0" title="" /><?php echo $lang['admin']['add_new'];?></a></td><?php } ?>		354	<?php if(!isset($_GET["mode"])){ ?><td align="right" valign="middle"><a <?php if(permission("products","write")==TRUE){ ?>href="?mode=new" class="txtLink" <?php } else { echo $link401; } ?>><img src="../images/buttons/new.gif" alt="" hspace="4" border="0" title="" /><?php echo $lang['admin']['add_new'];?></a></td><?php } ?>
349	</tr>		355	</tr>
350	<tr align="right">		356	<tr align="right">
351	<td colspan="2" nowrap='nowrap'><a href="index.php?action=froogle"><img src="../images/froogle.gif" alt="Download Froogle Product Feed" width="76" height="28" border="0" title="" /></a></td>	<>	357	<td colspan="2" nowrap='nowrap'>
			358	<a href="index.php?action=gbase"><img src="../images/googleBase.gif" alt="Download Google Base Product Feed" width="76" height="28" border="0" title="" /></a></td>
352	</tr>	=	359	</tr>
353	</table>		360	</table>
354			361
355	<?php if(isset($msg)){ echo stripslashes($msg); }?>		362	<?php if(isset($msg)){ echo stripslashes($msg); }?>
356	<?php		363	<?php
357	if(!isset($_GET['mode']) && !isset($_GET['edit'])){	<>	364	if(!isset($_GET['mode']) && !isset($_GET['edit']) ){
358	?>	=	365	?>
359	<?php if($results == TRUE){ ?>		366	<?php if($results == TRUE){ ?>
360	<p class="copyText"><?php echo $lang['admin']['products']['current_prods_in_db'];?></p>		367	<p class="copyText"><?php echo $lang['admin']['products']['current_prods_in_db'];?></p>
361	<form name="filter" method="get" action="<?php echo $GLOBALS['rootRel'];?>admin/products/index.php">		368	<form name="filter" method="get" action="<?php echo $GLOBALS['rootRel'];?>admin/products/index.php">
362	<p align="right" class="copyText">		369	<p align="right" class="copyText">
363	<select name="category" class="textbox">		370	<select name="category" class="textbox">

369	by	=	376	by
370	<select name="orderCol" class="textbox">		377	<select name="orderCol" class="textbox">
371	<option value="name" <?php if(isset($_GET['orderCol']) && $_GET['orderCol']=="name") echo "selected='selected'";?>><?php echo $lang['admin']['products']['prod_name'];?></option>		378	<option value="name" <?php if(isset($_GET['orderCol']) && $_GET['orderCol']=="name") echo "selected='selected'";?>><?php echo $lang['admin']['products']['prod_name'];?></option>
372	<option value="productId" <?php if(isset($_GET['orderCol']) && $_GET['orderCol']=="productId") echo "selected='selected'";?>><?php echo $lang['admin']['products']['prod_id'];?></option>		379	<option value="productId" <?php if(isset($_GET['orderCol']) && $_GET['orderCol']=="productId") echo "selected='selected'";?>><?php echo $lang['admin']['products']['prod_id'];?></option>
373	<option value="productCode" <?php if(isset($_GET['orderCol']) && $_GET['orderCol']=="productCode") echo "selected='selected'";?>><?php echo $lang['admin']['products']['prod_code'];?></option>		380	<option value="productCode" <?php if(isset($_GET['orderCol']) && $_GET['orderCol']=="productCode") echo "selected='selected'";?>><?php echo $lang['admin']['products']['prod_code'];?></option>
374	<option value="cat_id" <?php if(isset($_GET['orderCol']) && $_GET['orderCol']=="cat_id") echo "selected='selected'";?>><?php echo $lang['admin']['products']['master_cat2'];?></option>		381	<option value="cat_id" <?php if(isset($_GET['orderCol']) && $_GET['orderCol']=="cat_id") echo "selected='selected'";?>><?php echo $lang['admin']['products']['master_cat2'];?></option>
375	<option value="title" <?php if(isset($_GET['orderCol']) && $_GET['orderCol']=="title") echo "selected='selected'";?>><?php echo $lang['admin']['products']['title'];?></option>	+-
376	<option value="stock_level" <?php if(isset($_GET['orderCol']) && $_GET['orderCol']=="stock_level") echo "selected='selected'";?>><?php echo $lang['admin']['products']['stock_level'];?></option>	=	382	<option value="stock_level" <?php if(isset($_GET['orderCol']) && $_GET['orderCol']=="stock_level") echo "selected='selected'";?>><?php echo $lang['admin']['products']['stock_level'];?></option>
377	<option value="price" <?php if(isset($_GET['orderCol']) && $_GET['orderCol']=="price") echo "selected='selected'";?>><?php echo $lang['admin']['products']['normal_price'];?></option>		383	<option value="price" <?php if(isset($_GET['orderCol']) && $_GET['orderCol']=="price") echo "selected='selected'";?>><?php echo $lang['admin']['products']['normal_price'];?></option>
378	<option value="sale_price" <?php if(isset($_GET['orderCol']) && $_GET['orderCol']=="sale_price") echo "selected='selected'";?>><?php echo $lang['admin']['products']['sale_price'];?></option>		384	<option value="sale_price" <?php if(isset($_GET['orderCol']) && $_GET['orderCol']=="sale_price") echo "selected='selected'";?>><?php echo $lang['admin']['products']['sale_price'];?></option>
379	</select>		385	</select>
380	in		386	in
381	<select name="orderDir" class="textbox">		387	<select name="orderDir" class="textbox">

467	</tr>	=	473	</tr>
468	<?php } ?>		474	<?php } ?>
469	</table>		475	</table>
470	<p class="copyText"><?php echo $pagination; ?></p>		476	<p class="copyText"><?php echo $pagination; ?></p>
471			477
472	<?php		478	<?php
473	} elseif($_GET["mode"]=="new" OR $_GET["edit"]>0){	<>	479	} elseif(($_GET["mode"]=="new" && permission("products","write")==TRUE) \|\| ($_GET["edit"]>0 && permission("products","edit")==TRUE)){
474		=	480
475	if(isset($_GET["edit"]) && $_GET["edit"]>0){ $modeTxt = $lang['admin']['edit']; } else { $modeTxt = $lang['admin']['add']; }		481	if(isset($_GET["edit"]) && $_GET["edit"]>0){ $modeTxt = $lang['admin']['edit']; } else { $modeTxt = $lang['admin']['add']; }
476	?>		482	?>
477	<p class="copyText"><?php echo $lang['admin']['products']['add_prod_desc'];?></p>		483	<p class="copyText"><?php echo $lang['admin']['products']['add_prod_desc'];?></p>
478	<form action="<?php echo $GLOBALS['rootRel'];?>admin/products/index.php" method="post" enctype="multipart/form-data" name="form1" language="javascript">		484	<form action="<?php echo $GLOBALS['rootRel'];?>admin/products/index.php" method="post" enctype="multipart/form-data" name="form1" language="javascript">
479	<table border="0" cellspacing="0" cellpadding="3" class="mainTable">		485	<table border="0" cellspacing="0" cellpadding="3" class="mainTable">

File: admin\settings\index.php

File: admin\login.php

67	}	=	67	}
68	$insert = $db->insert($glob['dbprefix']."CubeCart_admin_sessions", $data);		68	$insert = $db->insert($glob['dbprefix']."CubeCart_admin_sessions", $data);
69			69
70	// if there is over max amount of login records delete last one		70	// if there is over max amount of login records delete last one
71	// this prevents database attacks of bloating		71	// this prevents database attacks of bloating
72	if($db->numrows("SELECT loginId FROM ".$glob['dbprefix']."CubeCart_admin_sessions")>250){		72	if($db->numrows("SELECT loginId FROM ".$glob['dbprefix']."CubeCart_admin_sessions")>250){
73	$loginId = $db->select("SELECT max(loginId) as id FROM ".$glob['dbprefix']."CubeCart_admin_sessions");	<>	73	$loginId = $db->select("SELECT min(loginId) as id FROM ".$glob['dbprefix']."CubeCart_admin_sessions");
74	$db->delete($glob['dbprefix']."CubeCart_admin_sessions","loginId='".$loginId[0]['id']."'");	=	74	$db->delete($glob['dbprefix']."CubeCart_admin_sessions","loginId='".$loginId[0]['id']."'");
75	}		75	}
76			76
77	if($result == TRUE) {		77	if($result == TRUE) {
78			78
79	$_SESSION['ccAdmin'] = $result[0]['adminId'];		79	$_SESSION['ccAdmin'] = $result[0]['adminId'];

File: classes\db.inc.php

 +--------------------------------------------------------------------------
 |       db.inc.php
 |   ========================================
 |       Database Class
 +--------------------------------------------------------------------------
 */
+if (class_exists('db'))
+{
+        return;
+}
 class db
 {
         var $query = "";
         var $db = "";

File: includes\boxes\cartNavi.inc.php

25	\| cartNavi.inc.php	=	25	\| cartNavi.inc.php
26	\| ========================================		26	\| ========================================
27	\| Cart Pages Navigation Links Box		27	\| Cart Pages Navigation Links Box
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30			30
31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
33	exit;		33	exit;
34	}		34	}
35			35
36	$box_content=new XTemplate ("skins/".$config['skinDir']."/styleTemplates/boxes/cartNavi.tpl");		36	$box_content=new XTemplate ("skins/".$config['skinDir']."/styleTemplates/boxes/cartNavi.tpl");
37			37

File: includes\boxes\categories.inc.php

24	+--------------------------------------------------------------------------	=	24	+--------------------------------------------------------------------------
25	\| categories.inc.php		25	\| categories.inc.php
26	\| ========================================		26	\| ========================================
27	\| Categories Box		27	\| Categories Box
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	30	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
31	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	31	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
32	exit;		32	exit;
33	}		33	}
34			34
35	// query database		35	// query database
36	$results = $db->select("SELECT cat_name, cat_id FROM ".$glob['dbprefix']."CubeCart_category WHERE cat_father_id = 0");		36	$results = $db->select("SELECT cat_name, cat_id FROM ".$glob['dbprefix']."CubeCart_category WHERE cat_father_id = 0");

File: includes\boxes\currency.inc.php

24	+--------------------------------------------------------------------------	=	24	+--------------------------------------------------------------------------
25	\| currency.inc.php		25	\| currency.inc.php
26	\| ========================================		26	\| ========================================
27	\| Currency Jump Box		27	\| Currency Jump Box
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	30	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
31	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	31	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
32	exit;		32	exit;
33	}		33	}
34			34
35	$currencies = $db->select("SELECT name, code FROM ".$glob['dbprefix']."CubeCart_currencies WHERE active = 1 ORDER BY name ASC");		35	$currencies = $db->select("SELECT name, code FROM ".$glob['dbprefix']."CubeCart_currencies WHERE active = 1 ORDER BY name ASC");
36			36

File: includes\boxes\info.inc.php

24	+--------------------------------------------------------------------------	=	24	+--------------------------------------------------------------------------
25	\| info.inc.php		25	\| info.inc.php
26	\| ========================================		26	\| ========================================
27	\| Info & Stats Box		27	\| Info & Stats Box
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	30	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
31	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	31	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
32	exit;		32	exit;
33	}		33	}
34			34
35	// query database		35	// query database
36	$noProducts = $db->select("SELECT count(productId) as no FROM ".$glob['dbprefix']."CubeCart_inventory");		36	$noProducts = $db->select("SELECT count(productId) as no FROM ".$glob['dbprefix']."CubeCart_inventory");

File: includes\boxes\language.inc.php

25	\| language.inc.php	=	25	\| language.inc.php
26	\| ========================================		26	\| ========================================
27	\| Language Jump Box		27	\| Language Jump Box
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30			30
31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
33	exit;		33	exit;
34	}		34	}
35			35
36	$box_content = new XTemplate ("skins/".$config['skinDir']."/styleTemplates/boxes/language.tpl");		36	$box_content = new XTemplate ("skins/".$config['skinDir']."/styleTemplates/boxes/language.tpl");
37			37

File: includes\boxes\mailList.inc.php

25	\| mailingList.inc.php	=	25	\| mailingList.inc.php
26	\| ========================================		26	\| ========================================
27	\| Mailing List Box		27	\| Mailing List Box
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30			30
31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
33	exit;		33	exit;
34	}		34	}
35			35
36	$box_content=new XTemplate("skins/".$config['skinDir']."/styleTemplates/boxes/mailList.tpl");		36	$box_content=new XTemplate("skins/".$config['skinDir']."/styleTemplates/boxes/mailList.tpl");
37			37

File: includes\boxes\popularProducts.inc.php

25	\| popularProducts.inc.php	=	25	\| popularProducts.inc.php
26	\| ========================================		26	\| ========================================
27	\| Display the most Popular Products		27	\| Display the most Popular Products
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30			30
31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
33	exit;		33	exit;
34	}		34	}
35			35
36	// query database		36	// query database
37	$popularProds = $db->select("SELECT name, productId FROM ".$glob['dbprefix']."CubeCart_inventory ORDER BY popularity DESC",$config['noPopularBoxItems']);		37	$popularProds = $db->select("SELECT name, productId FROM ".$glob['dbprefix']."CubeCart_inventory ORDER BY popularity DESC",$config['noPopularBoxItems']);

File: includes\boxes\randomProd.inc.php

25	\| randomProduct.inc.php	=	25	\| randomProduct.inc.php
26	\| ========================================		26	\| ========================================
27	\| Random Product Box		27	\| Random Product Box
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30			30
31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
33	exit;		33	exit;
34	}		34	}
35			35
36	mt_srand ((double) microtime() * 1000000);		36	mt_srand ((double) microtime() * 1000000);
37	$seed = mt_rand(1,10000);		37	$seed = mt_rand(1,10000);

File: includes\boxes\saleItems.inc.php

25	\| saleItems.inc.php	=	25	\| saleItems.inc.php
26	\| ========================================		26	\| ========================================
27	\| Sales Items Box		27	\| Sales Items Box
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30			30
31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
33	exit;		33	exit;
34	}		34	}
35			35
36	// query database		36	// query database
37	$saleItems = $db->select("SELECT name, productId, price, sale_price, price - sale_price as saving FROM ".$glob['dbprefix']."CubeCart_inventory WHERE price > sale_price AND sale_price > 0 ORDER BY saving DESC",$config['noSaleBoxItems']);		37	$saleItems = $db->select("SELECT name, productId, price, sale_price, price - sale_price as saving FROM ".$glob['dbprefix']."CubeCart_inventory WHERE price > sale_price AND sale_price > 0 ORDER BY saving DESC",$config['noSaleBoxItems']);

File: includes\boxes\searchForm.inc.php

25	\| searchForm.inc.php	=	25	\| searchForm.inc.php
26	\| ========================================		26	\| ========================================
27	\| Search Box		27	\| Search Box
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30			30
31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
33	exit;		33	exit;
34	}		34	}
35			35
36	$box_content = new XTemplate ("skins/".$config['skinDir']."/styleTemplates/boxes/searchForm.tpl");		36	$box_content = new XTemplate ("skins/".$config['skinDir']."/styleTemplates/boxes/searchForm.tpl");
37			37

File: includes\boxes\session.inc.php

25	\| session.inc.php	=	25	\| session.inc.php
26	\| ========================================		26	\| ========================================
27	\| Session Links & Welcome Text		27	\| Session Links & Welcome Text
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30			30
31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
33	exit;		33	exit;
34	}		34	}
35			35
36	$box_content = new XTemplate ("skins/".$config['skinDir']."/styleTemplates/boxes/session.tpl");		36	$box_content = new XTemplate ("skins/".$config['skinDir']."/styleTemplates/boxes/session.tpl");
37			37

File: includes\boxes\shoppingCart.inc.php

 |       shoppingCart.inc.php
 |   ========================================
 |       Shopping Cart Box
 +--------------------------------------------------------------------------
 */
-if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {
+if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) || ereg(".inc.php",$_SERVER['PHP_SELF'])) {
         echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
         exit;
 }
 $box_content=new XTemplate("skins/".$config['skinDir']."/styleTemplates/boxes/shoppingCart.tpl");
         } else {
                 $basket = $cart->add($_POST['add'],$quantity,"");
         }
+        // prevents refresh adding extras to the basket
+        header("Location: index.php?act=viewProd&productId=".$_POST['add']);
+        exit;
 }
 $cartTotal = "";
 if(is_array($basket['conts']) && !empty($basket['conts'])) {

File: includes\boxes\siteDocs.inc.php

25	\| siteDocs.inc.php	=	25	\| siteDocs.inc.php
26	\| ========================================		26	\| ========================================
27	\| Build Links to Site Docs		27	\| Build Links to Site Docs
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30			30
31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
33	exit;		33	exit;
34	}		34	}
35			35
36	// query database		36	// query database
37	$results = $db->select("SELECT doc_id, doc_name FROM ".$glob['dbprefix']."CubeCart_docs ORDER BY doc_name ASC");		37	$results = $db->select("SELECT doc_id, doc_name FROM ".$glob['dbprefix']."CubeCart_docs ORDER BY doc_name ASC");

File: includes\content\account.inc.php

25	\| account.inc.php	=	25	\| account.inc.php
26	\| ========================================		26	\| ========================================
27	\| Customers Account Homepage		27	\| Customers Account Homepage
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30			30
31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
33	exit;		33	exit;
34	}		34	}
35			35
36	// query database		36	// query database
37			37

File: includes\content\cart.inc.php

 |       cart.inc.php
 |   ========================================
 |       Core Checkout & Cart Pages
 +--------------------------------------------------------------------------
 */
-if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {
+if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) || ereg(".inc.php",$_SERVER['PHP_SELF'])) {
         echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
+        exit;
+}
+// check the user is logged on
+if(($_GET['act']=="step2" || $_GET['act']=="step3" || $_GET['act']=="step4" || $_GET['act']=="step5") && $ccUserData[0]['customer_id']<1)
+{
+        header("Location: cart.php?act=step1");
         exit;
 }
 require_once("classes/cart.php");
 $cart = new cart();
 $basket = $cart->cartContents($ccUserData[0]['basket']);

File: includes\content\changePass.inc.php

25	\| changePass.inc.php	=	25	\| changePass.inc.php
26	\| ========================================		26	\| ========================================
27	\| Change the Customers Password		27	\| Change the Customers Password
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30			30
31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
33	exit;		33	exit;
34	}		34	}
35			35
36	// send email if form is submit		36	// send email if form is submit
37	if(isset($_POST['submit']) && $ccUserData[0]['customer_id']>0){		37	if(isset($_POST['submit']) && $ccUserData[0]['customer_id']>0){

File: includes\content\confirmed.inc.php

 |       confirmed.inc.php
 |   ========================================
 |       Order Confirmation
 +--------------------------------------------------------------------------
 */
-if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {
+if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) || ereg(".inc.php",$_SERVER['PHP_SELF'])) {
         echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
         exit;
 }
 require_once("classes/cart.php");
 $cart = new cart();
 // Override basket value as fix for some gateways
 if(isset($_GET['pg']) && !empty($_GET['pg'])){
         $pg = base64_decode($_GET['pg']);
-        if(ereg("Authorize|WorldPay|Protx|SECPay|BluePay",$pg)){
+        if(ereg("Authorize|WorldPay|Protx|SECPay|BluePay|mals-e",$pg)){
                 $basket['gateway'] = $pg;
         }
 ############################################################################################
 // Following lines added for Sir William's PayPal AutoReturn Fix
 } elseif(isset($_GET['tx']) && isset($_GET['st'])) {
                 $basket = $cart->unsetVar("tax");
                 $basket = $cart->unsetVar("shipCost");
                 $basket = $cart->unsetVar("grandTotal");
                 $basket = $cart->unsetVar("customer_comments");
                 $basket = $cart->unsetVar("counted");
                 $basket = $cart->unsetVar("shipMethod");
+                $basket = $cart->unsetVar("invArray");
+                $basket = $cart->unsetVar("shipKey");
+                $basket = $cart->unsetVar("gateway");
+                $basket = $cart->unsetVar("currentStep");
+                $basket = $cart->unsetVar("stepLimit");
         } else {
                 $confirmation->assign("LANG_ORDER_FAILED",$lang['front']['confirmed']['order_fail']);
                 $confirmation->assign("LANG_ORDER_RETRY",$lang['front']['confirmed']['try_again_desc']);

File: includes\content\dnExpire.inc.php

25	\| dnExpire.inc.php	=	25	\| dnExpire.inc.php
26	\| ========================================		26	\| ========================================
27	\| Warning Download has Expired		27	\| Warning Download has Expired
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30			30
31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
33	exit;		33	exit;
34	}		34	}
35			35
36	$dn_expire = new XTemplate ("skins/".$config['skinDir']."/styleTemplates/content/dnExpire.tpl");		36	$dn_expire = new XTemplate ("skins/".$config['skinDir']."/styleTemplates/content/dnExpire.tpl");
37			37

File: includes\content\forgotPass.inc.php

25	\| forgotPass.inc.php	=	25	\| forgotPass.inc.php
26	\| ========================================		26	\| ========================================
27	\| Password Reset Page		27	\| Password Reset Page
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30			30
31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
33	exit;		33	exit;
34	}		34	}
35			35
36	$forgot_pass = new XTemplate ("skins/".$config['skinDir']."/styleTemplates/content/forgotPass.tpl");		36	$forgot_pass = new XTemplate ("skins/".$config['skinDir']."/styleTemplates/content/forgotPass.tpl");
37			37

File: includes\content\gateway.inc.php

25	\| gateway.inc.php	=	25	\| gateway.inc.php
26	\| ========================================		26	\| ========================================
27	\| Choose and transfer to gateway		27	\| Choose and transfer to gateway
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30			30
31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
33	exit;		33	exit;
34	}		34	}
35			35
36	require_once("classes/cart.php");		36	require_once("classes/cart.php");
37	$cart = new cart();		37	$cart = new cart();

File: includes\content\index.inc.php

25	\| index.inc.php	=	25	\| index.inc.php
26	\| ========================================		26	\| ========================================
27	\| The Homepage :O)		27	\| The Homepage :O)
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30			30
31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
33	exit;		33	exit;
34	}		34	}
35			35
36	$index=new XTemplate ("skins/".$config['skinDir']."/styleTemplates/content/index.tpl");		36	$index=new XTemplate ("skins/".$config['skinDir']."/styleTemplates/content/index.tpl");
37			37

File: includes\content\login.inc.php

 |       login.inc.php
 |   ========================================
 |       Start the session
 +--------------------------------------------------------------------------
 */
-if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {
+if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) || ereg(".inc.php",$_SERVER['PHP_SELF'])) {
         echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
         exit;
 }
 $_GET['act'] = treatGet($_GET['act']);
                 $_POST['remember'] = treatGet($_POST['remember']);
                 if($_POST['remember']==1){
                         setcookie("ccRemember","1",time()+$config['sqlSessionExpiry'], $GLOBALS['rootRel']);
                 }
                 // redirect
-                //"login","reg","unsubscribe","forgotPass"
+                // "login","reg","unsubscribe","forgotPass"
-                if( isset($_GET['redir']) && !eregi("logout|login|forgotPass|changePass",base64_decode($_GET['redir']))){
+                if(isset($_GET['redir']) && !empty($_GET['redir']) && !eregi("logout|login|forgotPass|changePass",base64_decode($_GET['redir']))){
                         $_GET['redir'] = treatGet($_GET['redir']);
                         header("Location: ".str_replace("&amp;","&",base64_decode(treatGet($_GET['redir']))));
                         exit;
                 } else {
                         header("Location: ".$GLOBALS['rootRel']."index.php");
                         exit;
                 }
+        }
+        elseif(eregi("step1",base64_decode($_GET['redir'])))
+        {
+                header("Location: ".$GLOBALS['rootRel']."cart.php?act=step1");
+                exit;
         }
 }
 $login = new XTemplate ("skins/".$config['skinDir']."/styleTemplates/content/login.tpl");

File: includes\content\logout.inc.php

25	\| logout.inc.php	=	25	\| logout.inc.php
26	\| ========================================		26	\| ========================================
27	\| Destroy users session		27	\| Destroy users session
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30			30
31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
33	exit;		33	exit;
34	}		34	}
35			35
36	// delete cookie		36	// delete cookie
37	$logout = new XTemplate ("skins/".$config['skinDir']."/styleTemplates/content/logout.tpl");		37	$logout = new XTemplate ("skins/".$config['skinDir']."/styleTemplates/content/logout.tpl");

File: includes\content\newsletter.inc.php

25	\| newsletter.inc.php	=	25	\| newsletter.inc.php
26	\| ========================================		26	\| ========================================
27	\| Subscribe to the Newsletter		27	\| Subscribe to the Newsletter
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30			30
31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
33	exit;		33	exit;
34	}		34	}
35			35
36	// send email if form is submit		36	// send email if form is submit
37	if(isset($_POST['submit']) && $ccUserData[0]['customer_id']>0){		37	if(isset($_POST['submit']) && $ccUserData[0]['customer_id']>0){

File: includes\content\noShip.inc.php

25	\| noShip.inc.php	=	25	\| noShip.inc.php
26	\| ========================================		26	\| ========================================
27	\| Warning the store wont ship to the desired country		27	\| Warning the store wont ship to the desired country
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30			30
31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
33	exit;		33	exit;
34	}		34	}
35			35
36	$no_ship = new XTemplate ("skins/".$config['skinDir']."/styleTemplates/content/noShip.tpl");		36	$no_ship = new XTemplate ("skins/".$config['skinDir']."/styleTemplates/content/noShip.tpl");
37			37

File: includes\content\overWeight.inc.php

25	\| overWeight.inc.php	=	25	\| overWeight.inc.php
26	\| ========================================		26	\| ========================================
27	\| Warning for order too large		27	\| Warning for order too large
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30			30
31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
33	exit;		33	exit;
34	}		34	}
35			35
36	$over_weight = new XTemplate ("skins/".$config['skinDir']."/styleTemplates/content/overWeight.tpl");		36	$over_weight = new XTemplate ("skins/".$config['skinDir']."/styleTemplates/content/overWeight.tpl");
37			37

File: includes\content\profile.inc.php

25	\| profile.inc.php	=	25	\| profile.inc.php
26	\| ========================================		26	\| ========================================
27	\| Customers Profile		27	\| Customers Profile
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30			30
31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
33	exit;		33	exit;
34	}		34	}
35			35
36	// send email if form is submit		36	// send email if form is submit
37	if(isset($_POST['submit']) && $ccUserData[0]['customer_id']>0){		37	if(isset($_POST['submit']) && $ccUserData[0]['customer_id']>0){

File: includes\content\reg.inc.php

25	\| reg.inc.php	=	25	\| reg.inc.php
26	\| ========================================		26	\| ========================================
27	\| Customer Registration		27	\| Customer Registration
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30			30
31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
33	exit;		33	exit;
34	}		34	}
35			35
36	if($ccUserData[0]['customer_id']>0){		36	if($ccUserData[0]['customer_id']>0){
37			37

File: includes\content\step1.inc.php

24	+--------------------------------------------------------------------------	=	24	+--------------------------------------------------------------------------
25	\| step1.inc.php		25	\| step1.inc.php
26	\| ========================================		26	\| ========================================
27	\| Step 1 Of the Checkout Pages		27	\| Step 1 Of the Checkout Pages
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	30	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
31	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	31	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
32	exit;		32	exit;
33	}		33	}
34			34
35	$enableSSl = 1;		35	$enableSSl = 1;
36	require_once("classes/cart.php");		36	require_once("classes/cart.php");

File: includes\content\tellafriend.inc.php

24	+--------------------------------------------------------------------------	=	24	+--------------------------------------------------------------------------
25	\| tellafriend.inc.php		25	\| tellafriend.inc.php
26	\| ========================================		26	\| ========================================
27	\| Tell a friend about a product		27	\| Tell a friend about a product
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	30	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
31	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	31	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
32	exit;		32	exit;
33	}		33	}
34			34
35	// query database		35	// query database
36	$_GET['productId'] = treatGet($_GET['productId']) ;		36	$_GET['productId'] = treatGet($_GET['productId']) ;

File: includes\content\unsubscribe.inc.php

24	+--------------------------------------------------------------------------	=	24	+--------------------------------------------------------------------------
25	\| unsubscribe.inc.php		25	\| unsubscribe.inc.php
26	\| ========================================		26	\| ========================================
27	\| Unsubscribe page from Bulk Email		27	\| Unsubscribe page from Bulk Email
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	30	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
31	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	31	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
32	exit;		32	exit;
33	}		33	}
34			34
35	$unsubscribe=new XTemplate ("skins/".$config['skinDir']."/styleTemplates/content/unsubscribe.tpl");		35	$unsubscribe=new XTemplate ("skins/".$config['skinDir']."/styleTemplates/content/unsubscribe.tpl");
36			36

File: includes\content\viewCat.inc.php

24	+--------------------------------------------------------------------------	=	24	+--------------------------------------------------------------------------
25	\| viewCat.inc.php		25	\| viewCat.inc.php
26	\| ========================================		26	\| ========================================
27	\| Display the Current Category		27	\| Display the Current Category
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	30	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
31	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	31	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
32	exit;		32	exit;
33	}		33	}
34			34
35	if(isset($_GET['page'])){		35	if(isset($_GET['page'])){
36			36

File: includes\content\viewDoc.inc.php

26	\| ========================================	=	26	\| ========================================
27	\| Displays a site document		27	\| Displays a site document
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30	// query database		30	// query database
31			31
32	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	32	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
33	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	33	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
34	exit;		34	exit;
35	}		35	}
36			36
37	$_GET['docId'] = treatGet($_GET['docId']);		37	$_GET['docId'] = treatGet($_GET['docId']);
38	if($lang_folder !== $config['defaultLang']){		38	if($lang_folder !== $config['defaultLang']){

File: includes\content\viewOrder.inc.php

25	\| viewOrder.inc.php	=	25	\| viewOrder.inc.php
26	\| ========================================		26	\| ========================================
27	\| Displays the Customers Specific Order		27	\| Displays the Customers Specific Order
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30			30
31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
33	exit;		33	exit;
34	}		34	}
35			35
36	$view_order=new XTemplate ("skins/".$config['skinDir']."/styleTemplates/content/viewOrder.tpl");		36	$view_order=new XTemplate ("skins/".$config['skinDir']."/styleTemplates/content/viewOrder.tpl");
37			37

File: includes\content\viewOrders.inc.php

25	\| viewOrders.inc.php	=	25	\| viewOrders.inc.php
26	\| ========================================		26	\| ========================================
27	\| Displays the Customers Orders		27	\| Displays the Customers Orders
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30			30
31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
33	exit;		33	exit;
34	}		34	}
35			35
36	// query database		36	// query database
37			37

File: includes\content\viewProd.inc.php

25	\| viewProduct.inc.php	=	25	\| viewProduct.inc.php
26	\| ========================================		26	\| ========================================
27	\| Displays the Product in Detail		27	\| Displays the Product in Detail
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30			30
31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
33	exit;		33	exit;
34	}		34	}
35			35
36			36
37	// query database		37	// query database

File: includes\currencyVars.inc.php

25	\| currencyVars.inc.php	=	25	\| currencyVars.inc.php
26	\| ========================================		26	\| ========================================
27	\| Gets Currency Array		27	\| Gets Currency Array
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30			30
31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
33	exit;		33	exit;
34	}		34	}
35			35
36	$override = array("viewOrder" => 1, "viewOrders" => 1);		36	$override = array("viewOrder" => 1, "viewOrders" => 1);
37			37

File: includes\ini.inc.php

1	<?php	=	1	<?php
2	error_reporting(E_ALL ^ E_NOTICE);		2	error_reporting(E_ALL ^ E_NOTICE);
3	@ini_set("display_errors", "1");		3	@ini_set("display_errors", "1");
4	@ini_set("arg_separator.output","&");		4	@ini_set("arg_separator.output","&");
5	$ini['ver'] = '3.0.10';	<>	5	$ini['ver'] = '3.0.11';
6	$ini['CCver'] = '30015';		6	$ini['CCver'] = '30016';
7	$sslPages = array("unsubscribe" => 1,"login" => 1,"logout" => 1,"forgotPass" => 1,"account" => 1,"profile" => 1,"changePass" => 1,"newsletter" => 1,"cart" => 1,"step1" => 1,"step2" => 1,"step3" => 1,"step4" => 1,"step5" => 1,"reg" => 1,"viewOrders" => 1,"viewOrder" => 1,"confirmed" => 1);	=	7	$sslPages = array("unsubscribe" => 1,"login" => 1,"logout" => 1,"forgotPass" => 1,"account" => 1,"profile" => 1,"changePass" => 1,"newsletter" => 1,"cart" => 1,"step1" => 1,"step2" => 1,"step3" => 1,"step4" => 1,"step5" => 1,"reg" => 1,"viewOrders" => 1,"viewOrder" => 1,"confirmed" => 1);
8	?>		8	?>

File: includes\orderSuccess.inc.php

25	\| orderSuccess.inc.php	=	25	\| orderSuccess.inc.php
26	\| ========================================		26	\| ========================================
27	\| Fulfill the order		27	\| Fulfill the order
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30			30
31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
33	exit;		33	exit;
34	}		34	}
35			35
36	// get exchange rates etc		36	// get exchange rates etc
37	if(isset($cart_order_id) && !empty($cart_order_id)){		37	if(isset($cart_order_id) && !empty($cart_order_id)){

File: includes\session.inc.php

25	\| session.php	=	25	\| session.php
26	\| ========================================		26	\| ========================================
27	\| Core Session Management		27	\| Core Session Management
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30			30
31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
33	exit;		33	exit;
34	}		34	}
35			35
36	if(($config['offLine']==1 && isset($_SESSION['ccAdmin']) && $config['offLineAllowAdmin']==0) \|\| ($config['offLine']==1 && !isset($_SESSION['ccAdmin']))) {		36	if(($config['offLine']==1 && isset($_SESSION['ccAdmin']) && $config['offLineAllowAdmin']==0) \|\| ($config['offLine']==1 && !isset($_SESSION['ccAdmin']))) {
37	header("Location: offLine.php");		37	header("Location: offLine.php");

File: includes\sslSwitch.inc.php

25	\| switch.php	=	25	\| switch.php
26	\| ========================================		26	\| ========================================
27	\| Switch between secure and insecure pages		27	\| Switch between secure and insecure pages
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30			30
31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	31	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
33	exit;		33	exit;
34	}		34	}
35			35
36	if(isset($_GET['act'])){		36	if(isset($_GET['act'])){
37			37

92	header("Location: ".$page);	=	92	header("Location: ".$page);
93	exit;		93	exit;
94			94
95	}		95	}
96			96
97	// get paths and dirs		97	// get paths and dirs
98	if(isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == "on"){	<>	98	if(detectSSL()==TRUE){
99		=	99
100	$GLOBALS['rootDir'] = $config['rootDir_SSL'];	<>	100	$GLOBALS['rootDir'] = $glob['rootDir'];
101	$GLOBALS['storeURL'] = $config['storeURL_SSL'];	=	101	$GLOBALS['storeURL'] = $config['storeURL_SSL'];
102	$GLOBALS['rootRel'] = $config['rootRel_SSL'];		102	$GLOBALS['rootRel'] = $config['rootRel_SSL'];
103			103
104	} else {		104	} else {
105			105
106	$GLOBALS['rootDir'] = $glob['rootDir'];		106	$GLOBALS['rootDir'] = $glob['rootDir'];
107	$GLOBALS['storeURL'] = $glob['storeURL'];		107	$GLOBALS['storeURL'] = $glob['storeURL'];
108	$GLOBALS['rootRel'] = $glob['rootRel'];		108	$GLOBALS['rootRel'] = $glob['rootRel'];
109			109
110	}		110	}
111	?>		111	?>

File: install\help\viewImg.php

2	include("../../language/".$_GET['l']."/lang.inc.php");	=	2	include("../../language/".$_GET['l']."/lang.inc.php");
3	?>		3	?>
4	<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">		4	<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
5	<html xmlns="http://www.w3.org/1999/xhtml">		5	<html xmlns="http://www.w3.org/1999/xhtml">
6	<head>		6	<head>
7	<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />		7	<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
8	<title><?php echo $lang['install']['skinPreview'] - <?php echo $_GET['img']; ?></title>	<>	8	<title><?php echo $lang['install']['skinPreview']; ?> - <?php echo $_GET['img']; ?></title>
9	<style type="text/css">	=	9	<style type="text/css">
10	<!--		10	<!--
11	body {		11	body {
12	margin-left: 0px;		12	margin-left: 0px;
13	margin-top: 0px;		13	margin-top: 0px;
14	margin-right: 0px;		14	margin-right: 0px;

File: install\index.php

603	<td colspan="4"><strong><?php echo $lang['install']['skin']; ?></strong> - <?php echo $lang['install']['clickForLarger']; ?><br />	=	603	<td colspan="4"><strong><?php echo $lang['install']['skin']; ?></strong> - <?php echo $lang['install']['clickForLarger']; ?><br />
604	<?php echo $lang['install']['changedAnytime'];?> </td>		604	<?php echo $lang['install']['changedAnytime'];?> </td>
605	</tr>		605	</tr>
606	<tr>		606	<tr>
607	<td colspan="4" class="borderBot"><table width="100%" border="0" cellspacing="0" cellpadding="2">		607	<td colspan="4" class="borderBot"><table width="100%" border="0" cellspacing="0" cellpadding="2">
608	<tr align="center">		608	<tr align="center">
609	<td width="33%"><a href="javascript:;"><img src="images/screenshots/thumbClassic.gif" alt="Classic" width="150" height="107" border="0" title="" onclick="MM_openBrWindow('help/viewImg.php?img=Classic','skin','width=500,height=358')" /></a></td>	<>	609	<td width="33%"><a href="javascript:;"><img src="images/screenshots/thumbClassic.gif" alt="Classic" width="150" height="107" border="0" title="" onclick="MM_openBrWindow('help/viewImg.php?img=Classic&l=<?php echo $_GET['l']; ?>','skin','width=500,height=358')" /></a></td>
610	<td width="33%"><a href="javascript:;"><img src="images/screenshots/thumbLegend.gif" alt="Legend" width="150" height="107" border="0" title="" onclick="MM_openBrWindow('help/viewImg.php?img=Legend','skin','width=500,height=358')" /></a></td>		610	<td width="33%"><a href="javascript:;"><img src="images/screenshots/thumbLegend.gif" alt="Legend" width="150" height="107" border="0" title="" onclick="MM_openBrWindow('help/viewImg.php?img=Legend&l=<?php echo $_GET['l']; ?>','skin','width=500,height=358')" /></a></td>
611	<td width="33%"><a href="javascript:;"><img src="images/screenshots/thumbKiller.gif" alt="" width="150" height="107" title="" onclick="MM_openBrWindow('help/viewImg.php?img=Killer','skin','width=500,height=358')" /></a></td>		611	<td width="33%"><a href="javascript:;"><img src="images/screenshots/thumbKiller.gif" alt="Killer" width="150" height="107" title=""border="0" onclick="MM_openBrWindow('help/viewImg.php?img=Killer&l=<?php echo $_GET['l']; ?>','skin','width=500,height=358')" /></a></td>
612	</tr>	=	612	</tr>
613	<tr align="center">		613	<tr align="center">
614	<td width="33%">		614	<td width="33%">
615	<input name="skin" type="radio" value="Classic" checked="checked" />		615	<input name="skin" type="radio" value="Classic" checked="checked" />
616	<br />		616	<br />
617	<?php echo $lang['install']['classic'];?></td>		617	<?php echo $lang['install']['classic'];?></td>

File: language\en\lang.inc.php

 'zone' => "County/State/Zone:",
 'dirs_folders' => "Directories &amp; Folders",
 'rootRel' => "Root Public HTML Folder to store:",
-'include_slash' => "(Include Trailing Slash)",
+'include_slash' => "e.g. /store/ (Include Trailing Slash)",
 'storeURL' => "Absolute URL to store:",
 'eg_domain_com' => "e.g. http://www.domain.com",
 'rootDir' => "Server Root Directory:",
 'eg_root_path' => "e.g. /path/to/your/webstore",
 'rootRel_SSL' => "Root SECURE Public HTML Folder to store:",
 'storeURL_SSL' => "Absolute SECURE URL to store:",
-'eg_domain_SSL' => "e.g. https://secure.domain.com",
+'eg_domain_SSL' => "e.g. https://secure.domain.com/store (Excluding Trailing Slash)",
 'rootDir_SSL' => "Server SECURE Root Directory:",
 'eg_root_path_secure' => "e.g. /path/to/your/secure/webstore",
 'enable_ssl' => "Enable SSL:",
 'date_format_desc' => "(See <a href='http://www.php.net/date' target='_blank' class='txtLink'>www.php.net/date</a>)",
 'locale_settings' => "Locale Settings",
 'default_currency' => "Default Currency",
-'inc_tax_prices' => "Include tax in prices?",
+'inc_tax_prices' => "Include tax in prices?<br />
+(With this enabled you must add tax into the price of the goods and it is applied to all customers)",
 'sale_mode' => "Sale Mode:",
 'percent_of_all' => "Percentage off all prices",
 'ind_sale_per_item' => "Individual Sale Prices per item",

File: modules\gateway\Authorize_AIM\form.inc.php

-+	1	<?php
	2	$module = fetchDbConfig("Authorize_AIM");
	3
	4	if($_GET['process']==1){
	5
	6	$debug = "<table border=\"0\" cellpadding=\"3\" width=\"600\">
	7	<tr>
	8	<td>
	9
	10
	11	<b>Authorize.Net<br />
	12	Advanced Implementation Method (AIM)<br />
	13	<br />
	14	<strong>Debug Info:</strong>
	15
	16	</td>
	17	</tr>
	18	<tr>
	19	<td>";
	20
	21	$ERROR_RETRIES = 2; # Number of transactions to post if soft errors occur
	22
	23	$auth_net_login_id = $module['acNo'];
	24	$auth_net_tran_key = $module['txnkey'];
	25
	26	if($module['testMode'] == 1){
	27	$auth_net_url = "https://certification.authorize.net/gateway/transact.dll";
	28	//$auth_net_url = "https://test.authorize.net/gateway/transact.dll";
	29	$TESTING = 1; # Set the testing flag so that transactions are not live
	30	}
	31	else
	32	{
	33	$auth_net_url = "https://secure.authorize.net/gateway/transact.dll";
	34	}
	35
	36	if($module['debug'] == 1){
	37	$DEBUGGING = 1; # Display additional information to track down problems
	38	}
	39
	40	$authnet_values = array
	41	(
	42	"x_login" => $auth_net_login_id,
	43	"x_version" => "3.1",
	44	"x_delim_char" => "\|",
	45	"x_delim_data" => "TRUE",
	46	"x_url" => "FALSE",
	47	"x_type" => "AUTH_CAPTURE",
	48	"x_method" => "CC",
	49	"x_tran_key" => $auth_net_tran_key,
	50	"x_relay_response" => "FALSE",
	51	"x_card_num" => $_POST["cardNumber"],
	52	"x_exp_date" => $_POST["expirationMonth"].$_POST["expirationYear"],
	53	"x_description" => $basket['cart_order_id'],
	54	"x_amount" => $basket['grandTotal'],
	55	"x_first_name" => $_POST["firstName"],
	56	"x_last_name" => $_POST["lastName"],
	57	"x_address" => $_POST["addr1"].' '.$_POST["addr2"],
	58	"x_city" => $_POST["city"],
	59	"x_state" => $_POST["state"],
	60	"x_zip" => $_POST["postalCode"],
	61	"CustomerBirthMonth" => "",
	62	"CustomerBirthDay" => "",
	63	"CustomerBirthYear" => "",
	64	"SpecialCode" => "",
	65
	66	);
	67
	68	$fields = "";
	69	foreach( $authnet_values as $key => $value ) $fields .= $key."=" . urlencode( $value ) . "&";
	70
	71
	72	$debug .= "<hr />";
	73	///////////////////////////////////////////////////////////
	74
	75	$debug .= "<b>01: Post the transaction (see the code for specific information):</b><br />";
	76
	77
	78	$ch = curl_init($auth_net_url);
	79	curl_setopt($ch, CURLOPT_HEADER, 0); // set to 0 to eliminate header info from response
	80	curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); // Returns response data instead of TRUE(1)
	81	curl_setopt($ch, CURLOPT_POSTFIELDS, rtrim( $fields, "& " )); // use HTTP POST to send form data
	82	curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); // uncomment this line if you get no gateway response. ###
	83	$resp = curl_exec($ch); //execute post and get results
	84	curl_close ($ch);
	85
	86	$debug .= "<hr />";
	87	///////////////////////////////////////////////////////////
	88
	89	$debug .= "<b>02: Get post results:</b><br />";
	90	$debug .= $resp;
	91	$debug .= "<br />";
	92
	93	$debug .= "<hr />";
	94	///////////////////////////////////////////////////////////
	95
	96	$debug .= "03: Parse post results (simple approach)<br />";
	97
	98	$text = $resp;
	99
	100	$debug .= "<table cellpadding=\"5\" cellspacing=\"0\" border=\"1\">";
	101	$debug .= "<tr>";
	102	$debug .= "<td >";
	103
	104
	105	$tok = strtok($text,"\|");
	106	while(!($tok === FALSE)){
	107	//while ($tok) {
	108	$debug .= "     ".$tok."<br />";
	109	$tok = strtok("\|");
	110	}
	111
	112
	113	$debug .= "</td>";
	114	$debug .= "</tr>";
	115	$debug .= "</table>";
	116
	117
	118	$debug .= "<hr />";
	119	///////////////////////////////////////////////////////////
	120
	121	$debug .= "<b>04: Parse the results string into individual, meaningful segments:</b><br />";
	122
	123
	124	$debug .= "<table cellpadding=\"5\" cellspacing=\"0\" border=\"1\">";
	125
	126	///////////////////////////////////////////////////////////
	127	// STATISTICAL USE ONLY: //
	128	///////////////////////////////////////////////////////////
	129
	130	$debug .= "<tr>";
	131	$debug .= "<td>";
	132	$debug .= "Length of the returned string from Authorize.Net:";
	133	$debug .= "</td>";
	134
	135	$debug .= "<td>";
	136	$debug .= strlen($resp);
	137	$debug .= "</td>";
	138
	139	$debug .= "</tr>";
	140
	141	$howMany = substr_count($resp, "\|");
	142
	143	$debug .= "<tr>";
	144	$debug .= "<td>";
	145	$debug .= "Number of delimiter characters in the returned string:";
	146	$debug .= "</td>";
	147
	148	$debug .= "<td>";
	149	$debug .= $howMany;
	150	$debug .= "</td>";
	151
	152	$debug .= "</tr>";
	153	///////////////////////////////////////////////////////////
	154
	155
	156
	157	$text = $resp;
	158	$h = substr_count($text, "\|");
	159	$h++;
	160
	161
	162
	163
	164	for($j=1; $j <= $h; $j++){
	165
	166	$p = strpos($text, "\|");
	167
	168	if ($p === false) { // note: three equal signs
	169
	170	$debug .= "<tr>";
	171	$debug .= "<td>";
	172
	173	// x_delim_char is obviously not found in the last go-around
	174
	175	if($j>=69){
	176
	177	$debug .= "Merchant-defined (".$j."): ";
	178	$debug .= ": ";
	179
	180	$debug .= "</td>";
	181	$debug .= "<td >";
	182
	183	$debug .= $text;
	184	$debug .= "<br />";
	185
	186	} else {
	187
	188	$debug .= $j;
	189	$debug .= ": ";
	190
	191	$debug .= "</td>";
	192	$debug .= "<td >";
	193
	194	$debug .= $text;
	195	$debug .= "<br />";
	196
	197	}
	198
	199
	200	$debug .= "</td>";
	201	$debug .= "</tr>";
	202
	203	}else{
	204
	205	$p++;
	206
	207	// We found the x_delim_char and accounted for it . . . now do something with it
	208
	209	// get one portion of the response at a time
	210	$pstr = substr($text, 0, $p);
	211
	212	// this prepares the text and returns one value of the submitted
	213	// and processed name/value pairs at a time
	214	// for AIM-specific interpretations of the responses
	215	// please consult the AIM Guide and look up
	216	// the section called Gateway Response API
	217	$pstr_trimmed = substr($pstr, 0, -1); // removes "\|" at the end
	218
	219	if($pstr_trimmed==""){
	220	$pstr_trimmed="NO VALUE RETURNED";
	221	}
	222
	223
	224	$debug .= "<tr>";
	225	$debug .= "<td>";
	226
	227	switch($j){
	228
	229	case 1:
	230	$debug .= "Response Code: ";
	231
	232	$debug .= "</td>";
	233	$debug .= "<td >";
	234
	235	$fval="";
	236	if($pstr_trimmed=="1"){
	237	$fval="Approved";
	238	$jumpTo = "confirmed.php";
	239	}elseif($pstr_trimmed=="2"){
	240	$fval="Declined";
	241	$jumpTo = "confirmed.php?f=1";
	242	}elseif($pstr_trimmed=="3"){
	243	$fval="Error";
	244	$jumpTo = "confirmed.php?f=1";
	245	}
	246
	247	$debug .= $fval;
	248	$debug .= "<br />";
	249	break;
	250
	251	case 2:
	252	$debug .= "Response Subcode: ";
	253
	254	$debug .= "</td>";
	255	$debug .= "<td >";
	256
	257	$debug .= $pstr_trimmed;
	258	$debug .= "<br />";
	259	break;
	260
	261	case 3:
	262	$debug .= "Response Reason Code: ";
	263
	264	$debug .= "</td>";
	265	$debug .= "<td >";
	266
	267	$debug .= $pstr_trimmed;
	268	$debug .= "<br />";
	269	break;
	270
	271	case 4:
	272	$debug .= "Response Reason Text: ";
	273
	274	$debug .= "</td>";
	275	$debug .= "<td >";
	276
	277	$debug .= $pstr_trimmed;
	278	$debug .= "<br />";
	279	break;
	280
	281	case 5:
	282	$debug .= "Approval Code: ";
	283
	284	$debug .= "</td>";
	285	$debug .= "<td >";
	286
	287	$debug .= $pstr_trimmed;
	288	$debug .= "<br />";
	289	break;
	290
	291	case 6:
	292	$debug .= "AVS Result Code: ";
	293
	294	$debug .= "</td>";
	295	$debug .= "<td >";
	296
	297	$debug .= $pstr_trimmed;
	298	$debug .= "<br />";
	299	break;
	300
	301	case 7:
	302	$debug .= "Transaction ID: ";
	303
	304	$debug .= "</td>";
	305	$debug .= "<td >";
	306
	307	$debug .= $pstr_trimmed;
	308	$debug .= "<br />";
	309	break;
	310
	311	case 8:
	312	$debug .= "Invoice Number (x_invoice_num): ";
	313
	314	$debug .= "</td>";
	315	$debug .= "<td >";
	316
	317	$debug .= $pstr_trimmed;
	318	$debug .= "<br />";
	319	break;
	320
	321	case 9:
	322	$debug .= "Description (x_description): ";
	323
	324	$debug .= "</td>";
	325	$debug .= "<td >";
	326
	327	$debug .= $pstr_trimmed;
	328	$debug .= "<br />";
	329	break;
	330
	331	case 10:
	332	$debug .= "Amount (x_amount): ";
	333
	334	$debug .= "</td>";
	335	$debug .= "<td >";
	336
	337	$debug .= $pstr_trimmed;
	338	$debug .= "<br />";
	339	break;
	340
	341	case 11:
	342	$debug .= "Method (x_method): ";
	343
	344	$debug .= "</td>";
	345	$debug .= "<td >";
	346
	347	$debug .= $pstr_trimmed;
	348	$debug .= "<br />";
	349	break;
	350
	351	case 12:
	352	$debug .= "Transaction Type (x_type): ";
	353
	354	$debug .= "</td>";
	355	$debug .= "<td >";
	356
	357	$debug .= $pstr_trimmed;
	358	$debug .= "<br />";
	359	break;
	360
	361	case 13:
	362	$debug .= "Customer ID (x_cust_id): ";
	363
	364	$debug .= "</td>";
	365	$debug .= "<td >";
	366
	367	$debug .= $pstr_trimmed;
	368	$debug .= "<br />";
	369	break;
	370
	371	case 14:
	372	$debug .= "Cardholder First Name (x_first_name): ";
	373
	374	$debug .= "</td>";
	375	$debug .= "<td >";
	376
	377	$debug .= $pstr_trimmed;
	378	$debug .= "<br />";
	379	break;
	380
	381	case 15:
	382	$debug .= "Cardholder Last Name (x_last_name): ";
	383
	384	$debug .= "</td>";
	385	$debug .= "<td >";
	386
	387	$debug .= $pstr_trimmed;
	388	$debug .= "<br />";
	389	break;
	390
	391	case 16:
	392	$debug .= "Company (x_company): ";
	393
	394	$debug .= "</td>";
	395	$debug .= "<td >";
	396
	397	$debug .= $pstr_trimmed;
	398	$debug .= "<br />";
	399	break;
	400
	401	case 17:
	402	$debug .= "Billing Address (x_address): ";
	403
	404	$debug .= "</td>";
	405	$debug .= "<td >";
	406
	407	$debug .= $pstr_trimmed;
	408	$debug .= "<br />";
	409	break;
	410
	411	case 18:
	412	$debug .= "City (x_city): ";
	413
	414	$debug .= "</td>";
	415	$debug .= "<td >";
	416
	417	$debug .= $pstr_trimmed;
	418	$debug .= "<br />";
	419	break;
	420
	421	case 19:
	422	$debug .= "State (x_state): ";
	423
	424	$debug .= "</td>";
	425	$debug .= "<td >";
	426
	427	$debug .= $pstr_trimmed;
	428	$debug .= "<br />";
	429	break;
	430
	431	case 20:
	432	$debug .= "ZIP (x_zip): ";
	433
	434	$debug .= "</td>";
	435	$debug .= "<td >";
	436
	437	$debug .= $pstr_trimmed;
	438	$debug .= "<br />";
	439	break;
	440
	441	case 21:
	442	$debug .= "Country (x_country): ";
	443
	444	$debug .= "</td>";
	445	$debug .= "<td >";
	446
	447	$debug .= $pstr_trimmed;
	448	$debug .= "<br />";
	449	break;
	450
	451	case 22:
	452	$debug .= "Phone (x_phone): ";
	453
	454	$debug .= "</td>";
	455	$debug .= "<td >";
	456
	457	$debug .= $pstr_trimmed;
	458	$debug .= "<br />";
	459	break;
	460
	461	case 23:
	462	$debug .= "Fax (x_fax): ";
	463
	464	$debug .= "</td>";
	465	$debug .= "<td >";
	466
	467	$debug .= $pstr_trimmed;
	468	$debug .= "<br />";
	469	break;
	470
	471	case 24:
	472	$debug .= "E-Mail Address (x_email): ";
	473
	474	$debug .= "</td>";
	475	$debug .= "<td >";
	476
	477	$debug .= $pstr_trimmed;
	478	$debug .= "<br />";
	479	break;
	480
	481	case 25:
	482	$debug .= "Ship to First Name (x_ship_to_first_name): ";
	483
	484	$debug .= "</td>";
	485	$debug .= "<td >";
	486
	487	$debug .= $pstr_trimmed;
	488	$debug .= "<br />";
	489	break;
	490
	491	case 26:
	492	$debug .= "Ship to Last Name (x_ship_to_last_name): ";
	493
	494	$debug .= "</td>";
	495	$debug .= "<td >";
	496
	497	$debug .= $pstr_trimmed;
	498	$debug .= "<br />";
	499	break;
	500
	501	case 27:
	502	$debug .= "Ship to Company (x_ship_to_company): ";
	503
	504	$debug .= "</td>";
	505	$debug .= "<td >";
	506
	507	$debug .= $pstr_trimmed;
	508	$debug .= "<br />";
	509	break;
	510
	511	case 28:
	512	$debug .= "Ship to Address (x_ship_to_address): ";
	513
	514	$debug .= "</td>";
	515	$debug .= "<td >";
	516
	517	$debug .= $pstr_trimmed;
	518	$debug .= "<br />";
	519	break;
	520
	521	case 29:
	522	$debug .= "Ship to City (x_ship_to_city): ";
	523
	524	$debug .= "</td>";
	525	$debug .= "<td >";
	526
	527	$debug .= $pstr_trimmed;
	528	$debug .= "<br />";
	529	break;
	530
	531	case 30:
	532	$debug .= "Ship to State (x_ship_to_state): ";
	533
	534	$debug .= "</td>";
	535	$debug .= "<td >";
	536
	537	$debug .= $pstr_trimmed;
	538	$debug .= "<br />";
	539	break;
	540
	541	case 31:
	542	$debug .= "Ship to ZIP (x_ship_to_zip): ";
	543
	544	$debug .= "</td>";
	545	$debug .= "<td >";
	546
	547	$debug .= $pstr_trimmed;
	548	$debug .= "<br />";
	549	break;
	550
	551	case 32:
	552	$debug .= "Ship to Country (x_ship_to_country): ";
	553
	554	$debug .= "</td>";
	555	$debug .= "<td >";
	556
	557	$debug .= $pstr_trimmed;
	558	$debug .= "<br />";
	559	break;
	560
	561	case 33:
	562	$debug .= "Tax Amount (x_tax): ";
	563
	564	$debug .= "</td>";
	565	$debug .= "<td >";
	566
	567	$debug .= $pstr_trimmed;
	568	$debug .= "<br />";
	569	break;
	570
	571	case 34:
	572	$debug .= "Duty Amount (x_duty): ";
	573
	574	$debug .= "</td>";
	575	$debug .= "<td >";
	576
	577	$debug .= $pstr_trimmed;
	578	$debug .= "<br />";
	579	break;
	580
	581	case 35:
	582	$debug .= "Freight Amount (x_freight): ";
	583
	584	$debug .= "</td>";
	585	$debug .= "<td >";
	586
	587	$debug .= $pstr_trimmed;
	588	$debug .= "<br />";
	589	break;
	590
	591	case 36:
	592	$debug .= "Tax Exempt Flag (x_tax_exempt): ";
	593
	594	$debug .= "</td>";
	595	$debug .= "<td >";
	596
	597	$debug .= $pstr_trimmed;
	598	$debug .= "<br />";
	599	break;
	600
	601	case 37:
	602	$debug .= "PO Number (x_po_num): ";
	603
	604	$debug .= "</td>";
	605	$debug .= "<td >";
	606
	607	$debug .= $pstr_trimmed;
	608	$debug .= "<br />";
	609	break;
	610
	611	case 38:
	612	$debug .= "MD5 Hash: ";
	613
	614	$debug .= "</td>";
	615	$debug .= "<td >";
	616
	617	$debug .= $pstr_trimmed;
	618	$debug .= "<br />";
	619	break;
	620
	621	case 39:
	622	$debug .= "Card Code Response: ";
	623
	624	$debug .= "</td>";
	625	$debug .= "<td >";
	626
	627	$fval="";
	628	if($pstr_trimmed=="M"){
	629	$fval="M = Match";
	630	}elseif($pstr_trimmed=="N"){
	631	$fval="N = No Match";
	632	}elseif($pstr_trimmed=="P"){
	633	$fval="P = Not Processed";
	634	}elseif($pstr_trimmed=="S"){
	635	$fval="S = Should have been present";
	636	}elseif($pstr_trimmed=="U"){
	637	$fval="U = Issuer unable to process request";
	638	}else{
	639	$fval="NO VALUE RETURNED";
	640	}
	641
	642	$debug .= $fval;
	643	$debug .= "<br />";
	644	break;
	645
	646	case 40:
	647	case 41:
	648	case 42:
	649	case 43:
	650	case 44:
	651	case 45:
	652	case 46:
	653	case 47:
	654	case 48:
	655	case 49:
	656	case 50:
	657	case 51:
	658	case 52:
	659	case 53:
	660	case 54:
	661	case 55:
	662	case 55:
	663	case 56:
	664	case 57:
	665	case 58:
	666	case 59:
	667	case 60:
	668	case 61:
	669	case 62:
	670	case 63:
	671	case 64:
	672	case 65:
	673	case 66:
	674	case 67:
	675	case 68:
	676	$debug .= "Reserved (".$j."): ";
	677
	678	$debug .= "</td>";
	679	$debug .= "<td >";
	680
	681	$debug .= $pstr_trimmed;
	682	$debug .= "<br />";
	683	break;
	684
	685	default:
	686
	687	if($j>=69){
	688
	689	$debug .= "Merchant-defined (".$j."): ";
	690	$debug .= ": ";
	691
	692	$debug .= "</td>";
	693	$debug .= "<td >";
	694
	695	$debug .= $pstr_trimmed;
	696	$debug .= "<br />";
	697
	698	} else {
	699
	700	$debug .= $j;
	701	$debug .= ": ";
	702
	703	$debug .= "</td>";
	704	$debug .= "<td >";
	705
	706	$debug .= $pstr_trimmed;
	707	$debug .= "<br />";
	708
	709	}
	710
	711	break;
	712
	713	}
	714
	715	$debug .= "</td>";
	716	$debug .= "</tr>";
	717
	718	// remove the part that we identified and work with the rest of the string
	719	$text = substr($text, $p);
	720
	721	}
	722
	723	}
	724
	725	$debug .= "</table>";
	726
	727	$debug .= "<br />";
	728
	729
	730
	731
	732	$debug .= "<hr />";
	733	///////////////////////////////////////////////////////////
	734
	735	if($module['debug'] == 1){
	736	$debug .= "<b>04: Done.</b><br /></td>
	737	</tr>
	738	</table>";
	739	echo $debug;
	740	exit;
	741	} else {
	742
	743	header("Location: ".$jumpTo);
	744	exit;
	745
	746	}
	747
	748
	749	}
	750
	751
	752	$formTemplate = new XTemplate ("modules/gateway/Authorize_AIM/form.tpl");
	753
	754	$formTemplate->assign("VAL_FIRST_NAME",$ccUserData[0]['firstName']);
	755	$formTemplate->assign("VAL_LAST_NAME",$ccUserData[0]['lastName']);
	756	$formTemplate->assign("VAL_EMAIL_ADDRESS",$ccUserData[0]['email']);
	757	$formTemplate->assign("VAL_ADD_1",$ccUserData[0]['add_1']);
	758	$formTemplate->assign("VAL_ADD_2",$ccUserData[0]['add_2']);
	759	$formTemplate->assign("VAL_CITY",$ccUserData[0]['town']);
	760	$formTemplate->assign("VAL_COUNTY",$ccUserData[0]['county']);
	761	$formTemplate->assign("VAL_POST_CODE",$ccUserData[0]['postcode']);
	762
	763
	764	$countries = $db->select("SELECT id, iso, printable_name FROM ".$glob['dbprefix']."CubeCart_iso_countries ORDER BY printable_name");
	765
	766	for($i=0; $i<count($countries); $i++){
	767
	768
	769	if($countries[$i]['id'] == $ccUserData[0]['country']){
	770	$formTemplate->assign("COUNTRY_SELECTED","selected='selected'");
	771	} else {
	772	$formTemplate->assign("COUNTRY_SELECTED","");
	773	}
	774
	775	$formTemplate->assign("VAL_COUNTRY_ISO",$countries[$i]['iso']);
	776
	777	$countryName = "";
	778	$countryName = $countries[$i]['printable_name'];
	779
	780	if(strlen($countryName)>20){
	781
	782	$countryName = substr($countryName,0,20)."…";
	783
	784	}
	785
	786	$formTemplate->assign("VAL_COUNTRY_NAME",$countryName);
	787	$formTemplate->parse("form.repeat_countries");
	788	}
	789
	790	$formTemplate->assign("LANG_CC_INFO_TITLE",$lang['module']['eway']['cc_info_title']);
	791	$formTemplate->assign("LANG_FIRST_NAME",$lang['module']['eway']['first_name']);
	792	$formTemplate->assign("LANG_LAST_NAME",$lang['module']['eway']['last_name']);
	793	//$formTemplate->assign("LANG_CARD_TYPE",$lang['module']['eway']['card_type']);
	794	$formTemplate->assign("LANG_CARD_NUMBER",$lang['module']['eway']['card_number']);
	795	$formTemplate->assign("LANG_EXPIRES",$lang['module']['eway']['expires']);
	796	$formTemplate->assign("LANG_MMYYYY",$lang['module']['eway']['mmyyyy']);
	797	$formTemplate->assign("LANG_SECURITY_CODE",$lang['module']['eway']['security_code']);
	798	$formTemplate->assign("LANG_CUST_INFO_TITLE",$lang['module']['eway']['customer_info']);
	799	$formTemplate->assign("LANG_EMAIL",$lang['module']['eway']['email']);
	800	$formTemplate->assign("LANG_ADDRESS",$lang['module']['eway']['address']);
	801	$formTemplate->assign("LANG_CITY",$lang['module']['eway']['city']);
	802	$formTemplate->assign("LANG_STATE",$lang['module']['eway']['state']);
	803	$formTemplate->assign("LANG_ZIPCODE",$lang['module']['eway']['zipcode']);
	804	$formTemplate->assign("LANG_COUNTRY",$lang['module']['eway']['country']);
	805	$formTemplate->assign("LANG_OPTIONAL",$lang['module']['eway']['optional']);
	806
	807
	808	$formTemplate->parse("form");
	809	$formTemplate = $formTemplate->text("form");
	810	?>

File: modules\gateway\Authorize_AIM\form.tpl

-+	1	<!-- BEGIN: form -->
	2	<table width="100%" cellpadding="3" cellspacing="0" border="0">
	3	<tr align="left">
	4	<td colspan="4" class="tdcartTitle"><strong>{LANG_CC_INFO_TITLE}</strong></td>
	5	</tr>
	6	<tr align="left">
	7	<td><strong>{LANG_FIRST_NAME}</strong></td>
	8	<td><input type="text" name="firstName" value="{VAL_FIRST_NAME}" class="textbox" /></td>
	9	<td><strong>{LANG_LAST_NAME}</strong></td>
	10	<td><input type="text" name="lastName" value="{VAL_LAST_NAME}" class="textbox" /></td>
	11	</tr>
	12	<tr align="left">
	13	<td><strong>{LANG_CARD_NUMBER}</strong>
	14	<td colspan="3"><input type="text" name="cardNumber" value="" size="16" maxlength="16" class="textbox" /></td>
	15	</tr>
	16	<tr align="left">
	17	<td><strong>{LANG_EXPIRES}</strong></td>
	18	<td colspan="3"><input type="text" name="expirationMonth" value="" size="2" maxlength="2" class="textbox" /> / <input type="text" name="expirationYear" value="" size="2" maxlength="2" class="textbox" /> {LANG_MMYY}
	19	</tr>
	20	<!--
	21	<tr align="left">
	22	<td><strong>{LANG_SECURITY_CODE}</strong>
	23	<td colspan="3"><input type="text" name="cvc2" value="" size="3" maxlength="3" class="textbox" /></td>
	24	</tr>
	25	-->
	26	<tr>
	27	<td colspan="4"> </td>
	28	</tr>
	29	<tr align="left">
	30	<td colspan="4" class="tdcartTitle"><strong>{LANG_CUST_INFO_TITLE}</strong></td>
	31	</tr>
	32	<tr align="left">
	33	<td><strong>{LANG_EMAIL}</strong></td>
	34	<td colspan="3"><input type="text" name="emailAddress" value="{VAL_EMAIL_ADDRESS}" size="50" class="textbox" /></td>
	35	</tr>
	36	<tr align="left">
	37	<td><strong>{LANG_ADDRESS}</strong></td>
	38	<td colspan="3"><input type="text" name="addr1" value="{VAL_ADD_1}" size="50" class="textbox" /></td>
	39	</tr>
	40	<tr align="left">
	41	<td> </td>
	42	<td colspan="3"><input type="text" name="addr2" value="{VAL_ADD_2}" size="50" class="textbox" /> {LANG_OPTIONAL}</td>
	43	</tr>
	44	<tr align="left">
	45	<td>
	46	<strong>{LANG_CITY}</strong>
	47	</td>
	48	<td colspan="3">
	49	<input type="text" name="city" value="{VAL_CITY}" class="textbox" />
	50	</td>
	51	</tr>
	52	<tr align="left">
	53	<td>
	54	<strong>{LANG_STATE}</strong>
	55	</td>
	56	<td colspan="3">
	57	<input type="text" name="state" value="{VAL_COUNTY}" size="2" class="textbox" />
	58	</td>
	59	</tr>
	60	<tr align="left">
	61	<td>
	62	<strong>{LANG_ZIPCODE}</strong>
	63	</td>
	64	<td colspan="3">
	65	<input type="text" name="postalCode" value="{VAL_POST_CODE}" size="10" maxlength="10" class="textbox" />
	66	</td>
	67	</tr>
	68	<tr align="left">
	69	<td><strong>{LANG_COUNTRY}</strong>
	70	<td colspan="3">
	71	<select name="country" class="textbox">
	72	<!-- BEGIN: repeat_countries -->
	73	<option value="{VAL_COUNTRY_ISO}" {COUNTRY_SELECTED}>{VAL_COUNTRY_NAME}</option>
	74	<!-- END: repeat_countries -->
	75	</select>
	76	</td>
	77	</tr>
	78	</table>
	79	<input type="hidden" name="gateway" value="Authorize_AIM" />
	80	<!-- END: form -->

File: modules\gateway\Authorize_AIM\transfer.inc.php

-+	1	<?php
	2	/*
	3	+--------------------------------------------------------------------------
	4	\| CubeCart v3.0.10
	5	\| ========================================
	6	\| by Alistair Brookbanks
	7	\| CubeCart is a Trade Mark of Devellion Limited
	8	\| Copyright Devellion Limited 2005 - 2006. All rights reserved.
	9	\| Devellion Limited,
	10	\| 22 Thomas Heskin Court,
	11	\| Station Road,
	12	\| Bishops Stortford,
	13	\| HERTFORDSHIRE.
	14	\| CM23 3EE
	15	\| UNITED KINGDOM
	16	\| http://www.devellion.com
	17	\| UK Private Limited Company No. 5323904
	18	\| ========================================
	19	\| Web: http://www.cubecart.com
	20	\| Date: Tuesday, 14th March 2006
	21	\| Email: info (at) cubecart (dot) com
	22	\| License Type: CubeCart is NOT Open Source Software and Limitations Apply
	23	\| Licence Info: http://www.cubecart.com/site/faq/license.php
	24	+--------------------------------------------------------------------------
	25	\| transfer.php
	26	\| ========================================
	27	\| Core functions for the iPay Gateway
	28	+--------------------------------------------------------------------------
	29	*/
	30	/*
	31	//////////////////////////
	32	// IPAY GATEWAY
	33	//////////////////////////
	34	// L@@K AT ALL THE LOVELY
	35	// VARIABLES WE HAVE TO
	36	// PLAY WITH!!
	37	//////
	38
	39	//////////////////////////
	40	// IN THE REPEATED REGION
	41	//////
	42	$orderInv['productId'] - product id as an integer
	43	$orderInv['name'] - product name as a varchar
	44	$orderInv['price'] - price of each product (inc options)
	45	$orderInv['quantity'] - quantity of products as an integer
	46	$orderInv['product_options'] - products attributes as test
	47	$orderInv['productCode'] - product code as a varchar
	48	$i - This is the current incremented integer starting at 0
	49
	50	/////////////////////////
	51	// FIXED VARS
	52	///////
	53	$cart_order_id - cart order id as a varchar
	54	$ccUserData[0]['email'] - Customers email address
	55	$ccUserData[0]['title'] - Customers title (Mr Miss etc...)
	56	$ccUserData[0]['firstName'] - Customers first name
	57	$ccUserData[0]['lastName'] - Customers last name
	58	$ccUserData[0]['add_1'] - Invoice Address line 1
	59	$ccUserData[0]['add_2'] - Invoice Address line 1
	60	$ccUserData[0]['town'] - Invoice Town or city
	61	$ccUserData[0]['county'] - Invoice County or state
	62	$ccUserData[0]['postcode'] - Invoice Post/Zip Code
	63	$ccUserData[0]['country'] - Invoice country Id we can look up the country name like this
	64	countryName($ccUserData[0]['country']);
	65	$ccUserData[0]['phone'] - Contact phone no
	66	$ccUserData[0]['mobile'] - Mobile/Cell phone number
	67
	68	$basket['delInf']['title'] - Delivery title (Mr Miss etc...)
	69	$basket['delInf']['firstName'] - Delivery customers first name
	70	$basket['delInf']['lastName'] - Delivery customers last name
	71	$basket['delInf']['add_1'] - Delivery Address line 1
	72	$basket['delInf']['add_2'] - Delivery Address line 1
	73	$basket['delInf']['town'] - Delivery Town or city
	74	$basket['delInf']['county'] - Delivery County or state
	75	$basket['delInf']['postcode'] - Delivery Post/Zip Code
	76	$basket['delInf']['country'] - Delivery country Id we can look up the country name like this
	77	countryName($basket['delInf']['country']);
	78
	79
	80	$basket['subTotal'] - Order Subtotal (exTax and Shipping)
	81	$basket['grandTotal'] - Basket total which has to be paid (inc Tax and Shipping).
	82	$basket['tax'] - Total tax to pay
	83	$basket['shipCost'] - Shipping price
	84	////////////////////////////////////////////////////////
	85	*/
	86
	87	$module = fetchDbConfig("Authorize_AIM");
	88
	89	function repeatVars(){
	90
	91	return FALSE;
	92
	93	}
	94
	95	function fixedVars(){
	96
	97
	98	return FALSE;
	99
	100	}
	101
	102	function success(){
	103	global $basket;
	104
	105	if($_GET['f']==1) {
	106
	107	return FALSE;
	108
	109	} else {
	110
	111	return TRUE;
	112
	113	}
	114
	115	}
	116
	117	///////////////////////////
	118	// Other Vars
	119	////////
	120	$formAction = "cart.php?act=step5&process=1";
	121	$formMethod = "post";
	122	$formTarget = "_self";
	123	$transfer = "manual";
	124	$stateUpdate = FALSE;
	125	?>

File: modules\gateway\BluePay\BP20-PHP4.3.php

1	<?	<>	1	<?php
2	/*	=	2	/*
3	*		3	*
4	* Bluepay 2.0 PHP 4.3 API		4	* Bluepay 2.0 PHP 4.3 API
5	* Main changes:		5	* Main changes:
6	* -Created a http_build_query function since PHP v < 5 does not have one built in		6	* -Created a http_build_query function since PHP v < 5 does not have one built in
7	* -Changed variable declarations (PHP v < 5 does not have public, private or protected)		7	* -Changed variable declarations (PHP v < 5 does not have public, private or protected)

104		=	104
105	/*		105	/*
106	PHP 4.3 version of defining constants.		106	PHP 4.3 version of defining constants.
107	*/		107	*/
108	/* constants */		108	/* constants */
109			109
110	if($module['test']==1){	<>
111
112	define( 'MODE', 'TEST' ); // either TEST or LIVE		110	define( 'MODE', $moduleMode ); // either TEST or LIVE
113		=	111
114	} else {	+-
115
116	define( 'MODE', 'LIVE' ); // either TEST or LIVE
117
118	}
119	//https://secure.bluepay.com/interfaces/bp20post	=	112	//https://secure.bluepay.com/interfaces/bp20post
120	//https://secure.bluepay.com/interfaces/bp10emu		113	//https://secure.bluepay.com/interfaces/bp10emu
121	define( 'POST_URL', 'https://secure.bluepay.com/interfaces/bp20post' ); // the url to post to		114	define( 'POST_URL', 'https://secure.bluepay.com/interfaces/bp20post' ); // the url to post to
122			115
123	/*		116	/*
124	define( 'ACCOUNT_ID', '123123123123' ); // the default account id		117	define( 'ACCOUNT_ID', '123123123123' ); // the default account id

File: modules\gateway\BluePay\BP20-PHP5.php

-<?
+<?php
 /***
  * class BluePayment
  *
  * Written By:
  * Peter Finley
  * (error) STATUS response)
  *
  * - this class is written in PHP 5 (and is _not_
  * compatable with any previous versions)
  */
 class BluePayment {
  /* merchant supplied parameters */
  protected $accountId; // ACCOUNT_ID
  protected $userId; // USER_ID (optional)
  protected $tps; // TAMPER_PROOF_SEAL
  protected $transType; // TRANS_TYPE (AUTH, SALE, REFUND, or CAPTURE)
  protected $message;
  protected $rebid;
  /* constants */
- if($module['test']==1){
-        const MODE = 'TEST'; // either TEST or LIVE
+ const MODE = "TEST"; // either TEST or LIVE
- } else {
-        const MODE = 'LIVE'; // either TEST or LIVE
- }
  const POST_URL = 'https://secure.bluepay.com/interfaces/bp20post'; // the url to post to
- const ACCOUNT_ID = $module['accNo']; // the default account id
+ const ACCOUNT_ID = ''; // the default account id
- const SECRET_KEY = $module['key']; // the default secret key
+ const SECRET_KEY = ''; // the default secret key
  /* STATUS response constants */
  const STATUS_DECLINE = '0'; // DECLINE
  const STATUS_APPROVED = '1'; // APPROVED
  const STATUS_ERROR = 'E'; // ERROR
  * and the mode properties. These will default to
  * the constant values if not specified.
  */
  public function __construct($account = self::ACCOUNT_ID,
  $key = self::SECRET_KEY, $mode = self::MODE) {
+ global $module, $moduleMode;
- $this->accountId = $account;
+ $this->accountId = $module['accNo'];
- $this->secretKey = $key;
+ $this->secretKey = $module['key'];
- $this->mode = $mode;
+ $this->mode = $moduleMode;
  }
  /***
  * Will first generate the tamper proof seal, then
  * populate the POST query, then send it, and store
  * the response, and finally parse the response.
  */
  public function process() {
+ global $moduleMode, $module;
  /* calculate the tamper proof seal */
  $tps = $this->calcTPS();
  /* fill in the fields */
  $fields = array (
- 'ACCOUNT_ID' => $this->accountId,
+ 'ACCOUNT_ID' => $module['accNo'],
  'USER_ID' => $this->userId,
  'TAMPER_PROOF_SEAL' => $tps,
  'TRANS_TYPE' => $this->transType,
  'PAYMENT_TYPE' => $this->payType,
- 'MODE' => $this->mode,
+ 'MODE' => $moduleMode,
  'MASTER_ID' => $this->masterId,
  'PAYMENT_ACCOUNT' => $this->account,
  'CARD_CVV2' => $this->cvv2,
  'CARD_EXPIRE' => $this->expire,
  'SSN' => $this->ssn,
  public function getAuthCode() { return $this->authCode; }
  public function getMessage() { return $this->message; }
  public function getRebid() { return $this->rebid; }
 }
-/* EXAMPLE
-$bp = new BluePayment();
-$bp->sale('25.00');
-$bp->setCustInfo('4111111111111111',
- '123',
- '0606',
- 'Chris',
- 'Jansen',
- '123 Bluepay Ln',
- 'Bluesville',
- 'IL',
- '60563',
- 'USA');
-$bp->process();
-echo 'Response: '. $bp->getResponse() .'<br />'.
- 'TransId: '. $bp->getTransId() .'<br />'.
- 'Status: '. $bp->getStatus() .'<br />'.
- 'AVS Resp: '. $bp->getAvsResp() .'<br />'.
- 'CVV2 Resp: '. $bp->getCvv2Resp() .'<br />'.
- 'Auth Code: '. $bp->getAuthCode() .'<br />'.
- 'Message: '. $bp->getMessage() .'<br />'.
- 'Rebid: '. $bp->getRebid();
-END EXAMPLE */
 ?>

File: modules\gateway\BluePay\form.inc.php

 <?php
 $module = fetchDbConfig("BluePay");
 if($_GET['process']==1){
+        if($module['testMode']==1)
+        {
+                $moduleMode = "TEST";
+        }
+        else
+        {
+                $moduleMode = "LIVE";
+        }
         if(phpversion()<5){
                 require_once('BP20-PHP4.3.php');
         } else {

File: modules\gateway\mals-e\transfer.inc.php

99	global $module, $basket, $ccUserData, $cart_order_id, $config, $GLOBALS, $db, $glob;	=	99	global $module, $basket, $ccUserData, $cart_order_id, $config, $GLOBALS, $db, $glob;
100			100
101	$hiddenVars = "<input type='hidden' name='userid' value='".$module['acc']."' />		101	$hiddenVars = "<input type='hidden' name='userid' value='".$module['acc']."' />
102	<input type='hidden' name='qty1' value='1' />		102	<input type='hidden' name='qty1' value='1' />
103	<input type='hidden' name='product1' value='".$cart_order_id."' />		103	<input type='hidden' name='product1' value='".$cart_order_id."' />
104	<input type='hidden' name='price1' value='".$basket['grandTotal']."' />		104	<input type='hidden' name='price1' value='".$basket['grandTotal']."' />
105	<!--<input type='hidden' name='return' value='".$GLOBALS['storeURL']."/confirmed.php?act=conf&oid=".base64_encode($cart_order_id)."' />-->	<>	105	<input type='hidden' name='return' value='".$GLOBALS['storeURL']."/confirmed.php?pg=".base64_encode("mals-e")."' />
106	<input type='hidden' name='inv_name' value='".$ccUserData[0]['title']." ".$ccUserData[0]['firstName']." ".$ccUserData[0]['lastName']."' />	=	106	<input type='hidden' name='inv_name' value='".$ccUserData[0]['title']." ".$ccUserData[0]['firstName']." ".$ccUserData[0]['lastName']."' />
107	<input type='hidden' name='inv_addr1' value='".$ccUserData[0]['add_1']." ".$ccUserData[0]['add_2']."' />		107	<input type='hidden' name='inv_addr1' value='".$ccUserData[0]['add_1']." ".$ccUserData[0]['add_2']."' />
108	<input type='hidden' name='inv_addr2' value='".$ccUserData[0]['town']."' />		108	<input type='hidden' name='inv_addr2' value='".$ccUserData[0]['town']."' />
109	<input type='hidden' name='inv_state' value='".$ccUserData[0]['county']."' />		109	<input type='hidden' name='inv_state' value='".$ccUserData[0]['county']."' />
110	<input type='hidden' name='inv_zip' value='".$ccUserData[0]['postcode']."' />		110	<input type='hidden' name='inv_zip' value='".$ccUserData[0]['postcode']."' />
111	<input type='hidden' name='inv_country' value='".countryName($ccUserData[0]['country'])."' />		111	<input type='hidden' name='inv_country' value='".countryName($ccUserData[0]['country'])."' />

File: modules\shipping\Royal_Mail\calc.php

76	$overWeight = TRUE;	=	76	$overWeight = TRUE;
77			77
78	}		78	}
79			79
80	}		80	}
81			81
		<>	82	if($sum>0)
			83	{
82	$shippingPrice .= "<option value='".$shipKey."'";		84	$shippingPrice .= "<option value='".$shipKey."'";
83			85
84	if($shipKey==$basket['shipKey']){		86	if($shipKey==$basket['shipKey'])
			87	{
85	$shippingPrice .= " selected='selected'";		88	$shippingPrice .= " selected='selected'";
86	$basket = $cart->setVar("Royal Mail","shipMethod");		89	$basket = $cart->setVar("Royal Mail","shipMethod");
87	$basket = $cart->setVar(sprintf("%.2f",$sum),"shipCost");		90	$basket = $cart->setVar(sprintf("%.2f",$sum),"shipCost");
88	}		91	}
89		=	92
90	$shippingPrice .= ">".priceFormat($sum)."</option>\r\n";	<>	93	$shippingPrice .= ">".priceFormat($sum)."</option>\r\n";
91	$shippingAvailable = TRUE;		94	$shippingAvailable = TRUE;
			95	}
92		=	96
93	$shipKey++;		97	$shipKey++;
94	unset($module, $taxVal);		98	unset($module, $taxVal);
95	}		99	}
96	?>		100	?>

File: modules\shipping\USPS\class.usps.php

420	//Create a cURL instance and retrieve XML response	=	420	//Create a cURL instance and retrieve XML response
421	if(!is_callable("curl_exec")) die("USPS::submit_request: curl_exec is uncallable");		421	if(!is_callable("curl_exec")) die("USPS::submit_request: curl_exec is uncallable");
422			422
423	if($module['test']==1){		423	if($module['test']==1){
424	$USPSURL = "http://testing.shippingapis.com/ShippingAPITest.dll";		424	$USPSURL = "http://testing.shippingapis.com/ShippingAPITest.dll";
425	} else {		425	} else {
426	$USPSURL = "http://production.shippingapis.com/ShippingAPI.dll";	<>	426	$USPSURL = "https://secure.shippingapis.com/ShippingAPI.dll";
427	}	=	427	}
428	$ch = curl_init($USPSURL);		428	$ch = curl_init($USPSURL);
429	curl_setopt($ch, CURLOPT_POST, 1);		429	curl_setopt($ch, CURLOPT_POST, 1);
430	curl_setopt($ch, CURLOPT_POSTFIELDS, "API=" . $this->api . "&XML=" . $this->request_xml);		430	curl_setopt($ch, CURLOPT_POSTFIELDS, "API=" . $this->api . "&XML=" . $this->request_xml);
431	curl_setopt($ch, CURLOPT_TIMEOUT, 60);		431	curl_setopt($ch, CURLOPT_TIMEOUT, 60);
432	curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);		432	curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);

File: skins\Classic\styleTemplates\boxes\randomProd.tpl

1	<!-- BEGIN: random_prod -->	=	1	<!-- BEGIN: random_prod -->
2	<div class="boxTitleRight">{LANG_RANDOM_PRODUCT}</div>		2	<div class="boxTitleRight">{LANG_RANDOM_PRODUCT}</div>
3	<div class="boxContentLeft" style="text-align: center">		3	<div class="boxContentLeft" style="text-align: center">
4	<a href="index.php?act=viewProd&productId={PRODUCT_ID}" title="{PRODUCT_NAME}"><img src="{IMG_SRC}" alt="{PRODUCT_NAME}" border="0" title="" /></a>	<>	4	<a href="index.php?act=viewProd&productId={PRODUCT_ID}" title="{PRODUCT_NAME}"><img src="{IMG_SRC}" alt="{PRODUCT_NAME}" border="0" title="{PRODUCT_NAME}" /></a>
5	<br />	=	5	<br />
6	<span class="txtCopy"><a href="index.php?act=viewProd&productId={PRODUCT_ID}" title="{PRODUCT_NAME}" class="txtDefault">{PRODUCT_NAME}</a></span>		6	<span class="txtCopy"><a href="index.php?act=viewProd&productId={PRODUCT_ID}" title="{PRODUCT_NAME}" class="txtDefault">{PRODUCT_NAME}</a></span>
7	</div>		7	</div>
8	<!-- END: random_prod -->		8	<!-- END: random_prod -->

File: skins\Classic\styleTemplates\content\viewDoc.tpl

1	<!-- BEGIN: view_doc -->	=	1	<!-- BEGIN: view_doc -->
2	<div class="boxContent">		2	<div class="boxContent">
3	<span class="txtContentTitle">{DOC_NAME}</span>		3	<span class="txtContentTitle">{DOC_NAME}</span>
4	<br />		4	<br />
5	{DOC_CONTENT}		5	{DOC_CONTENT}
6	</div>		6	</div>
7	<!-- BEGIN: view_doc -->	<>	7	<!-- END: view_doc -->

File: skins\Killer\styleTemplates\boxes\randomProd.tpl

1	<!-- BEGIN: random_prod -->	=	1	<!-- BEGIN: random_prod -->
2	<div class="boxTitleRight">{LANG_RANDOM_PRODUCT}</div>		2	<div class="boxTitleRight">{LANG_RANDOM_PRODUCT}</div>
3	<div class="boxContentLeft" style="text-align: center">		3	<div class="boxContentLeft" style="text-align: center">
4	<a href="index.php?act=viewProd&productId={PRODUCT_ID}" title="{PRODUCT_NAME}"><img src="{IMG_SRC}" alt="{PRODUCT_NAME}" border="0" title="{PRODUCT_NAME" /></a>	<>	4	<a href="index.php?act=viewProd&productId={PRODUCT_ID}" title="{PRODUCT_NAME}"><img src="{IMG_SRC}" alt="{PRODUCT_NAME}" border="0" title="{PRODUCT_NAME}" /></a>
5	<br />	=	5	<br />
6	<span class="txtCopy"><a href="index.php?act=viewProd&productId={PRODUCT_ID}" title="{PRODUCT_NAME}" class="txtDefault">{PRODUCT_NAME}</a></span>		6	<span class="txtCopy"><a href="index.php?act=viewProd&productId={PRODUCT_ID}" title="{PRODUCT_NAME}" class="txtDefault">{PRODUCT_NAME}</a></span>
7	</div>		7	</div>
8	<div class="boxFootLeft"> </div>		8	<div class="boxFootLeft"> </div>
9	<!-- END: random_prod -->		9	<!-- END: random_prod -->

File: skins\Killer\styleTemplates\content\viewDoc.tpl

1	<!-- BEGIN: view_doc -->	=	1	<!-- BEGIN: view_doc -->
2	<div class="boxContent">		2	<div class="boxContent">
3	<span class="txtContentTitle">{DOC_NAME}</span>		3	<span class="txtContentTitle">{DOC_NAME}</span>
4	<br />		4	<br />
5	{DOC_CONTENT}		5	{DOC_CONTENT}
6	</div>		6	</div>
7	<!-- BEGIN: view_doc -->	<>	7	<!-- END: view_doc -->

File: skins\Legend\styleTemplates\content\viewDoc.tpl

1	<!-- BEGIN: view_doc -->	=	1	<!-- BEGIN: view_doc -->
2	<div class="boxContent">		2	<div class="boxContent">
3	<span class="txtContentTitle">{DOC_NAME}</span>		3	<span class="txtContentTitle">{DOC_NAME}</span>
4	<br />		4	<br />
5	{DOC_CONTENT}		5	{DOC_CONTENT}
6	</div>		6	</div>
7	<!-- BEGIN: view_doc -->	<>	7	<!-- END: view_doc -->

73	<TABLE>	=	73	<TABLE>
74	<tr>		74	<tr>
75	<td>		75	<td>
76			76
77	<span class="copyText">		77	<span class="copyText">
78	<?php		78	<?php
79	$uploadFileName = str_replace(array(" ","%20"),"_",$HTTP_POST_FILES['FCKeditor_File']['name']);	<>	79	$uploadFileName = str_replace(array(" ","%20"),"_",$_FILES['FCKeditor_File']['name']);
80		=	80
81	if($HTTP_POST_FILES['FCKeditor_File']['size'] > $config['maxImageUploadSize']) {	<>	81	if($_FILES['FCKeditor_File']['size'] > $config['maxImageUploadSize']) {
82		=	82
83	echo sprintf($lang['admin']['filemanager']['file_too_big'],$uploadFileName,format_size($config['maxImageUploadSize']));		83	echo sprintf($lang['admin']['filemanager']['file_too_big'],$uploadFileName,format_size($config['maxImageUploadSize']));
84	unlink($HTTP_POST_FILES['FCKeditor_File']['tmp_name']);	<>	84	unlink($_FILES['FCKeditor_File']['tmp_name']);
85		=	85
86	} elseif (file_exists($GLOBALS['rootDir']."/images/uploads/".$uploadFileName)) {		86	} elseif (file_exists($GLOBALS['rootDir']."/images/uploads/".$uploadFileName)) {
87			87
88	echo sprintf($lang['admin']['filemanager']['img_already_exists'],$uploadFileName);		88	echo sprintf($lang['admin']['filemanager']['img_already_exists'],$uploadFileName);
89			89
90	} elseif (!is_uploaded_file($HTTP_POST_FILES['FCKeditor_File']['tmp_name'])) {	<>	90	} elseif (!is_uploaded_file($_FILES['FCKeditor_File']['tmp_name'])) {
91		=	91
92	echo $lang['admin']['filemanager']['upload_too_large'];		92	echo $lang['admin']['filemanager']['upload_too_large'];
93			93
94	} elseif ($HTTP_POST_FILES['FCKeditor_File']['type'] != "image/jpeg" AND $HTTP_POST_FILES['FCKeditor_File']['type'] != "image/png" AND $HTTP_POST_FILES['FCKeditor_File']['type'] != "image/x-png" AND $HTTP_POST_FILES['FCKeditor_File']['type'] != "image/pjpeg" AND $HTTP_POST_FILES['FCKeditor_File']['type'] != "image/x-jpeg" AND $HTTP_POST_FILES['FCKeditor_File']['type'] != "image/gif"){	<>	94	} elseif ($_FILES['FCKeditor_File']['type'] != "image/jpeg" AND $_FILES['FCKeditor_File']['type'] != "image/png" AND $_FILES['FCKeditor_File']['type'] != "image/x-png" AND $_FILES['FCKeditor_File']['type'] != "image/pjpeg" AND $_FILES['FCKeditor_File']['type'] != "image/x-jpeg" AND $_FILES['FCKeditor_File']['type'] != "image/gif"){
95		=	95
96	echo sprintf($lang['admin']['filemanager']['not_valid_mime'],$uploadFileName);		96	echo sprintf($lang['admin']['filemanager']['not_valid_mime'],$uploadFileName);
97	unlink($HTTP_POST_FILES['FCKeditor_File']['tmp_name']);	<>	97	unlink($_FILES['FCKeditor_File']['tmp_name']);
98		=	98
99	} else {		99	} else {
100			100
101	if (is_uploaded_file($HTTP_POST_FILES['FCKeditor_File']['tmp_name'])) {	<>	101	if (is_uploaded_file($_FILES['FCKeditor_File']['tmp_name'])) {
102	$savefile = $GLOBALS['rootDir']."/images/uploads/".$uploadFileName;	=	102	$savefile = $GLOBALS['rootDir']."/images/uploads/".$uploadFileName;
103			103
104	if (move_uploaded_file($HTTP_POST_FILES['FCKeditor_File']['tmp_name'], $savefile)) {	<>	104	if (move_uploaded_file($_FILES['FCKeditor_File']['tmp_name'], $savefile)) {
105	@chmod($savefile, 0644);	=	105	@chmod($savefile, 0644);
106			106
107	// if image is a JPG check thumbnail doesn't exist and if not make one		107	// if image is a JPG check thumbnail doesn't exist and if not make one
108	$imageFormat = strtoupper(ereg_replace(".\.(.)$","\\1",$uploadFileName));		108	$imageFormat = strtoupper(ereg_replace(".\.(.)$","\\1",$uploadFileName));
109			109
110	if($imageFormat == "JPG" \|\| $imageFormat == "JPEG" \|\| $imageFormat == "PNG" \|\| ($imageFormat == "GIF" && $config['gdGifSupport']==1)){		110	if($imageFormat == "JPG" \|\| $imageFormat == "JPEG" \|\| $imageFormat == "PNG" \|\| ($imageFormat == "GIF" && $config['gdGifSupport']==1)){

24	+--------------------------------------------------------------------------	=	24	+--------------------------------------------------------------------------
25	\| navigation.inc.php		25	\| navigation.inc.php
26	\| ========================================		26	\| ========================================
27	\| Admin Navigation links		27	\| Admin Navigation links
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF'])) {	<>	30	if (ereg(".inc.php",$HTTP_SERVER_VARS['PHP_SELF']) \|\| ereg(".inc.php",$_SERVER['PHP_SELF'])) {
31	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	31	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
32	exit;		32	exit;
33	}		33	}
34	$link401 = "href=\"javascript:alert('".$lang['admin']['nav']['permission_error']."');\" class=\"txtNullLink\"";		34	$link401 = "href=\"javascript:alert('".$lang['admin']['nav']['permission_error']."');\" class=\"txtNullLink\"";
35	?>		35	?>
36	<table width="180" border="0" cellspacing="0" cellpadding="0">		36	<table width="180" border="0" cellspacing="0" cellpadding="0">

76	<li><a <?php if(permission("orders","read")==TRUE){ ?>href="<?php echo $GLOBALS['rootRel']; ?>admin/orders/" class="txtLink"<?php } else { echo $link401; } ?>><?php echo $lang['admin']['nav']['orders'];?></a></li>	=	76	<li><a <?php if(permission("orders","read")==TRUE){ ?>href="<?php echo $GLOBALS['rootRel']; ?>admin/orders/" class="txtLink"<?php } else { echo $link401; } ?>><?php echo $lang['admin']['nav']['orders'];?></a></li>
77	</ul>		77	</ul>
78			78
79	<span class="navTitle"><?php echo $lang['admin']['nav']['file_manager'];?></span>		79	<span class="navTitle"><?php echo $lang['admin']['nav']['file_manager'];?></span>
80	<ul>		80	<ul>
81	<li><a <?php if(permission("filemanager","read")==TRUE){ ?>href="<?php echo $GLOBALS['rootRel']; ?>admin/filemanager/" class="txtLink"<?php } else { echo $link401; } ?>><?php echo $lang['admin']['nav']['manage_images']?></a></li>		81	<li><a <?php if(permission("filemanager","read")==TRUE){ ?>href="<?php echo $GLOBALS['rootRel']; ?>admin/filemanager/" class="txtLink"<?php } else { echo $link401; } ?>><?php echo $lang['admin']['nav']['manage_images']?></a></li>
82	<li><a <?php if(permission("filemanager","add")==TRUE){ ?>href="<?php echo $GLOBALS['rootRel']; ?>admin/filemanager/" onclick="openPopUp('<?php echo $GLOBALS['rootRel']; ?>admin/filemanager/upload.php?custom=1&redir=0','filemanager',450,250)" class="txtLink"<?php } else { echo $link401; } ?>><?php echo $lang['admin']['nav']['upload_images'];?></a></li>	<>	82	<li><a <?php if(permission("filemanager","write")==TRUE){ ?>href="<?php echo $GLOBALS['rootRel']; ?>admin/filemanager/" onclick="openPopUp('<?php echo $GLOBALS['rootRel']; ?>admin/filemanager/upload.php?custom=1&redir=0','filemanager',450,250)" class="txtLink"<?php } else { echo $link401; } ?>><?php echo $lang['admin']['nav']['upload_images'];?></a></li>
83	</ul>	=	83	</ul>
84			84
85	<span class="navTitle"><?php echo $lang['admin']['nav']['statistics'];?></span>		85	<span class="navTitle"><?php echo $lang['admin']['nav']['statistics'];?></span>
86	<ul>		86	<ul>
87	<li><a <?php if(permission("statistics","read")==TRUE){ ?>href="<?php echo $GLOBALS['rootRel']; ?>admin/stats/" class="txtLink"<?php } else { echo $link401; } ?>><?php echo $lang['admin']['nav']['view_stats'];?></a></li>		87	<li><a <?php if(permission("statistics","read")==TRUE){ ?>href="<?php echo $GLOBALS['rootRel']; ?>admin/stats/" class="txtLink"<?php } else { echo $link401; } ?>><?php echo $lang['admin']['nav']['view_stats'];?></a></li>
88	</ul>		88	</ul>

138	<?php echo $lang['admin']['settings']['eg_root_path'];?>	=	138	<?php echo $lang['admin']['settings']['eg_root_path'];?>
139	</td>		139	</td>
140	<td align="left"><input type="text" size="35" class="textbox" name="config[rootDir]" value="<?php echo $glob['rootDir']; ?>" /></td>		140	<td align="left"><input type="text" size="35" class="textbox" name="config[rootDir]" value="<?php echo $glob['rootDir']; ?>" /></td>
141	</tr>		141	</tr>
142	-->		142	-->
143	<tr>		143	<tr>
144	<td width="30%" class="tdText"><strong><?php echo $lang['admin']['settings']['rootRel_SSL'];?></strong> <?php echo $lang['admin']['settings']['include_slash'];?> </td>	<>	144	<td width="30%" class="tdText"><strong><?php echo $lang['admin']['settings']['rootRel_SSL'];?></strong> <br />
			145	<?php echo $lang['admin']['settings']['include_slash'];?> </td>
145	<td align="left"><input type="text" size="35" class="textbox" name="config[rootRel_SSL]" value="<?php echo $config['rootRel_SSL']; ?>" /></td>	=	146	<td align="left"><input type="text" size="35" class="textbox" name="config[rootRel_SSL]" value="<?php echo $config['rootRel_SSL']; ?>" /></td>
146	</tr>		147	</tr>
147	<tr>		148	<tr>
148	<td width="30%" class="tdText"><strong><?php echo $lang['admin']['settings']['storeURL_SSL'];?></strong> <br />		149	<td width="30%" class="tdText"><strong><?php echo $lang['admin']['settings']['storeURL_SSL'];?></strong> <br />
149	<?php echo $lang['admin']['settings']['eg_domain_SSL'];?></td>		150	<?php echo $lang['admin']['settings']['eg_domain_SSL'];?></td>
150	<td align="left"><input type="text" size="35" class="textbox" name="config[storeURL_SSL]" value="<?php echo $config['storeURL_SSL']; ?>" /></td>		151	<td align="left"><input type="text" size="35" class="textbox" name="config[storeURL_SSL]" value="<?php echo $config['storeURL_SSL']; ?>" /></td>
151	</tr>		152	</tr>
		-+	153	<!--
152	<tr>	=	154	<tr>
153	<td width="30%" class="tdText"><strong><?php echo $lang['admin']['settings']['rootDir_SSL'];?></strong><br />		155	<td width="30%" class="tdText"><strong><?php echo $lang['admin']['settings']['rootDir_SSL'];?></strong><br />
154	<?php echo $lang['admin']['settings']['eg_root_path_secure'];?></td>		156	<?php echo $lang['admin']['settings']['eg_root_path_secure'];?></td>
155	<td align="left"><input type="text" size="35" class="textbox" name="config[rootDir_SSL]" value="<?php echo $config['rootDir_SSL']; ?>" /></td>		157	<td align="left"><input type="text" size="35" class="textbox" name="config[rootDir_SSL]" value="<?php echo $config['rootDir_SSL']; ?>" /></td>
156	</tr>		158	</tr>
		-+	159	-->
157	<tr>	=	160	<tr>
158	<td width="30%" class="tdText"><strong><?php echo $lang['admin']['settings']['enable_ssl'];?></strong><br />		161	<td width="30%" class="tdText"><strong><?php echo $lang['admin']['settings']['enable_ssl'];?></strong><br />
159	<?php echo $lang['admin']['settings']['ssl_warn'];?> </td>		162	<?php echo $lang['admin']['settings']['ssl_warn'];?> </td>
160	<td align="left">		163	<td align="left">
161	<select name="config[ssl]" class="textbox">		164	<select name="config[ssl]" class="textbox">
162	<option value="1" <?php if($config['ssl']==1) echo "selected='selected'"; ?>><?php echo $lang['admin']['yes'];?></option>		165	<option value="1" <?php if($config['ssl']==1) echo "selected='selected'"; ?>><?php echo $lang['admin']['yes'];?></option>