FILE COMPARISON
Produced: 17/08/2006 13:44:09

Mode: Differences with Context
Left base folder: CubeCart_3.0.11\upload
Right base folder: CubeCart_3.0.12\upload

Files/Folders Added to 3.0.12:
/images/random
/images/random/verifyGD.php
/images/random/verifySTD.php
/images/random/verify.jpg
/images/radmon/chars
/images/random/chars/(0-9A-Z).gif
/classes/fonts
/classes/fonts/anonymous.gdf

Code Comparison:

File: admin\filemanager\preview.php

42	<title><?php echo $lang['admin']['filemanager']['prev_file'];?></title>	=	42	<title><?php echo $lang['admin']['filemanager']['prev_file'];?></title>
43	<link href="../styles/style.css" rel="stylesheet" type="text/css" />		43	<link href="../styles/style.css" rel="stylesheet" type="text/css" />
44	</head>		44	</head>
45			45
46	<body class="greyBg">		46	<body class="greyBg">
47	<?php if(isset($_GET['file'])){ ?>		47	<?php if(isset($_GET['file'])){ ?>
48	<div class="imgPreview" align="center" style="width:<?php echo $_GET['x'];?>px; height:<?php echo $_GET['y'];?>px;"><a href="javascript:window.close();"><img src="<?php echo $_GET['file']; ?>" alt="<?php echo $lang['admin']['filemanager']['close_window'];?>" title="<?php echo $lang['admin']['filemanager']['close_window'];?>" border="0" /></a></div>	<>	48	<div class="imgPreview" align="center" style="width:<?php echo treatGet($_GET['x']);?>px; height:<?php echo treatGet($_GET['y']);?>px;"><a href="javascript:window.close();"><img src="<?php echo treatGet($_GET['file']); ?>" alt="<?php echo $lang['admin']['filemanager']['close_window'];?>" title="<?php echo $lang['admin']['filemanager']['close_window'];?>" border="0" /></a></div>
49	<?php } else { ?>	=	49	<?php } else { ?>
50	<span class="copyText"><?php echo $lang['admin']['filemanager']['no_image_selected'];?></span>		50	<span class="copyText"><?php echo $lang['admin']['filemanager']['no_image_selected'];?></span>
51	<?php } ?>		51	<?php } ?>
52	</body>		52	</body>
53	</html>		53	</html>

File: admin\orders\index.php

64	$msg = "<p class='infoText'>".$lang['admin']['orders']['delete_fail']."</p>";	=	64	$msg = "<p class='infoText'>".$lang['admin']['orders']['delete_fail']."</p>";
65	}		65	}
66	}		66	}
67			67
68			68
69	$sqlQuery = "";		69	$sqlQuery = "";
70	if(isset($_GET['oid'])){	<>	70	if(isset($_GET['oid']) && !isset($_GET['delete'])){
71	$sqlQuery = "WHERE cart_order_id = ".$db->mySQLsafe($_GET['oid']);	=	71	$sqlQuery = "WHERE cart_order_id = ".$db->mySQLsafe($_GET['oid']);
72	} elseif(isset($_GET['customer_id']) && $_GET['customer_id']>0){		72	} elseif(isset($_GET['customer_id']) && $_GET['customer_id']>0){
73	$sqlQuery = "WHERE ".$glob['dbprefix']."CubeCart_customer.customer_id = ".$db->mySQLsafe($_GET['customer_id']);		73	$sqlQuery = "WHERE ".$glob['dbprefix']."CubeCart_customer.customer_id = ".$db->mySQLsafe($_GET['customer_id']);
74	}		74	}
75			75
76			76

File: admin\products\options.php

         } else {
                 $attPage = 0;
         }
         $attributes = $db->select($query, $attributesPerPage, $attPage);
         $fullAttributes = $db->select($query);
+        for ($i=0; $i<count($fullAttributes); $i++){
+                $idKey = $fullAttributes[$i]['value_id'];
+                $optionValues[$idKey] = $fullAttributes[$i]['value_name'];
+        }
         $attributesPaginate = "";
         $attributesPaginate = $db->paginate($db->numrows($query), $attributesPerPage, $attPage, "attPage");
         // existing options
         if(isset($_GET['editAssigned']) && $_GET['editAssigned']>0){
                 $query = "SELECT * FROM ".$glob['dbprefix']."CubeCart_options_bot INNER JOIN ".$glob['dbprefix']."CubeCart_inventory ON product = productId WHERE assign_id = ".$db->mySQLSafe($_GET['editAssigned'])." ORDER BY name, value_id ASC";
           <?php for ($i=0; $i<count($attributes); $i++){ ?>
           <?php
            $cellColor = "";
            $cellColor = cellColor($i);
                 $idKey = $attributes[$i]['value_id'];
-                $optionValues[$idKey] = $attributes[$i]['value_name'];
+                //$optionValues[$idKey] = $attributes[$i]['value_name'];
           ?>
           <?php if(!isset($_GET['editAttribute'])){ ?>
           <tr align="center">
         <td class="<?php echo $cellColor; ?>"><?php echo $attributes[$i]['value_id']; ?></td>
         <td class="<?php echo $cellColor; ?>"><?php echo $attributes[$i]['option_name']; ?></td>
                 <td class="<?php echo $cellColor; ?>"><?php echo $attributes[$i]['value_name']; ?></td>

File: admin\settings\index.php

         </tr>
         <tr>
         <td width="30%" class="tdText"><strong><?php echo $lang['admin']['settings']['max_sess_length'];?></strong><br />
           <?php echo $lang['admin']['settings']['seconds'];?></td>
           <td align="left"><input type="text" size="10" class="textbox" name="config[sqlSessionExpiry]" value="<?php echo $config['sqlSessionExpiry']; ?>" /></td>
         </tr>
+        <tr>
+        <td width="30%" class="tdText"><?php echo $lang['admin']['settings']['spambot'];?></td>
+          <td align="left">
+          <select name="config[floodControl]" class="textbox">
+                        <option value="0" <?php if($config['floodControl']==0) echo "selected='selected'"; ?>><?php echo $lang['admin']['no']; ?></option>
+                        <option value="1" <?php if($config['floodControl']==1) echo "selected='selected'"; ?>><?php echo $lang['admin']['yes']; ?></option>
+                </select></td>
+        </tr>
         <!-- REMOVED IN FINAL DUE TO HOW CONFIG IS STORED
         <tr>
                 <td colspan="2" class="tdTitle"><strong><?php echo $lang['admin']['settings']['db_settings'];?></strong></td>
         </tr>
         <tr>
         <td width="30%" class="tdText"><strong><?php echo $lang['admin']['settings']['db_host'];?></strong></td>

File: admin\login.php

80		=	80
81	// update no logins		81	// update no logins
82	$increment['noLogins'] = "noLogins+1";		82	$increment['noLogins'] = "noLogins+1";
83	$result = $db->update($glob['dbprefix']."CubeCart_admin_users", $increment, "adminId=".$result[0]['adminId'],$stripQuotes="");		83	$result = $db->update($glob['dbprefix']."CubeCart_admin_users", $increment, "adminId=".$result[0]['adminId'],$stripQuotes="");
84			84
85	if(isset($_GET['goto']) && !empty($_GET['goto'])){		85	if(isset($_GET['goto']) && !empty($_GET['goto'])){
86	header("Location: ".urldecode($_GET['goto']));	<>	86	header("Location: ".urldecode(treatGet($_GET['goto'])));
87	exit;	=	87	exit;
88	} else {		88	} else {
89	header("Location: ".$GLOBALS['rootRel']."admin/index.php");		89	header("Location: ".$GLOBALS['rootRel']."admin/index.php");
90	exit;		90	exit;
91	}		91	}
92			92

94		=	94
95	$msg = "<p class='warnText'>".$lang['admin']['other']['login_failed']."</p>";		95	$msg = "<p class='warnText'>".$lang['admin']['other']['login_failed']."</p>";
96			96
97	}		97	}
98	}		98	}
99	if(isset($_GET['email'])){		99	if(isset($_GET['email'])){
100	$msg = "<p class='infoText'>".$lang['admin']['other']['new_pass_sent']." ".urldecode($_GET['email'])."</p>";	<>	100	$msg = "<p class='infoText'>".$lang['admin']['other']['new_pass_sent']." ".urldecode(treatGet($_GET['email']))."</p>";
101	}	=	101	}
102	?>		102	?>
103	<?php include("includes/header.inc.php"); ?>		103	<?php include("includes/header.inc.php"); ?>
104	<?php if(isset($msg)){ ?>		104	<?php if(isset($msg)){ ?>
105	<?php echo stripslashes($msg); ?>		105	<?php echo stripslashes($msg); ?>
106	<?php		106	<?php

File: classes\gd.inc.php

1	<?php	=	1	<?php
2	/*		2	/*
3	+--------------------------------------------------------------------------		3	+--------------------------------------------------------------------------
4	\| CubeCart v3.0.11	<>	4	\| CubeCart v3.1.0 Alpha
5	\| ========================================	=	5	\| ========================================
6	\| by Alistair Brookbanks		6	\| by Alistair Brookbanks
7	\| CubeCart is a Trade Mark of Devellion Limited	<>	7	\| CubeCart is a registered trade mark of Devellion Limited
8	\| Copyright Devellion Limited 2005 - 2006. All rights reserved.		8	\| Copyright Devellion Limited 2006. All rights reserved.
9	\| Devellion Limited,	=	9	\| Devellion Limited,
10	\| 22 Thomas Heskin Court,		10	\| 22 Thomas Heskin Court,
11	\| Station Road,		11	\| Station Road,
12	\| Bishops Stortford,		12	\| Bishops Stortford,
13	\| HERTFORDSHIRE.		13	\| HERTFORDSHIRE.
14	\| CM23 3EE		14	\| CM23 3EE
15	\| UNITED KINGDOM		15	\| UNITED KINGDOM
16	\| http://www.devellion.com		16	\| http://www.devellion.com
17	\| UK Private Limited Company No. 5323904		17	\| UK Private Limited Company No. 5323904
18	\| ========================================		18	\| ========================================
19	\| Web: http://www.cubecart.com		19	\| Web: http://www.cubecart.com
20	\| Date: Thursday, 27th July 2006	<>	20	\| Date: Tuesday, 14th March 2006
21	\| Email: sales (at) cubecart (dot) com		21	\| Email: info (at) cubecart (dot) com
22	\| License Type: CubeCart is NOT Open Source Software and Limitations Apply	=	22	\| License Type: CubeCart is NOT Open Source Software and Limitations Apply
23	\| Licence Info: http://www.cubecart.com/site/faq/license.php		23	\| Licence Info: http://www.cubecart.com/site/faq/license.php
24	+--------------------------------------------------------------------------		24	+--------------------------------------------------------------------------
25	\| gd.inc.php	<>	25	\| /gd.inc.php
26	\| ========================================	=	26	\| ========================================
27	\| GD Class		27	\| GD Class
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30	class thumbnail	<>	30	class thumbnail
31	{	=	31	{
32	var $img;		32	var $img;
33			33
34	function thumbnail($imgfile)	<>	34	function thumbnail($imgfile="",$width="",$height="")
35	{	=	35	{
36	global $config;		36	global $config;
37			37
38	//detect image format		38	//detect image format
39	$this->img["format"]=ereg_replace(".\.(.)$","\\1",$imgfile);		39	$this->img["format"]=ereg_replace(".\.(.)$","\\1",$imgfile);
40	$this->img["format"]=strtoupper($this->img["format"]);		40	$this->img["format"]=strtoupper($this->img["format"]);
41		<>	41
42	if($config['gdversion']>0){		42	if($config['gdversion']>0)
			43	{
43		=	44
44	if ($this->img["format"]=="JPG" \|\| $this->img["format"]=="JPEG") {	<>	45	if ($this->img["format"]=="JPG" \|\| $this->img["format"]=="JPEG")
			46	{
45	//JPEG	=	47	//JPEG
46	$this->img["format"]="JPEG";		48	$this->img["format"]="JPEG";
47	$this->img["src"] = ImageCreateFromJPEG ($imgfile);	<>	49	$this->img["src"] = imagecreatefromjpeg($imgfile);
48		=	50
		<>	51	}
49	} elseif ($this->img["format"]=="PNG") {		52	elseif($this->img["format"]=="PNG")
			53	{
50	//PNG	=	54	//PNG
51	$this->img["format"]="PNG";		55	$this->img["format"]="PNG";
52	$this->img["src"] = ImageCreateFromPNG ($imgfile);	<>	56	$this->img["src"] = imagecreatefrompng($imgfile);
			57	}
53	} elseif ($this->img["format"]=="GIF") {		58	elseif ($this->img["format"]=="GIF")
			59	{
54	//GIF	=	60	//GIF
55	$this->img["format"]="GIF";		61	$this->img["format"]="GIF";
56	$this->img["src"] = ImageCreateFromGIF ($imgfile);	<>	62	$this->img["src"] = imagecreatefromgif($imgfile);
			63	}
57	} else {		64	else
			65	{
58	//DEFAULT	=	66	//DEFAULT
59	echo "Not Supported File! Thumbnails can only be made from .jpg and .jpeg file types!";	<>	67	echo "Not Supported File!";
60	exit();	=	68	exit();
61	}		69	}
		<>	70
			71	if($width>0 && $height>0)
			72	{
			73
			74	$this->img["width"] = $width;
			75	$this->img["height"] = $height;
			76
			77	}
			78	else
			79	{
			80
62	@$this->img["width"] = imagesx($this->img["src"]);		81	@$this->img["width"] = imagesx($this->img["src"]);
63	@$this->img["height"] = imagesy($this->img["src"]);		82	@$this->img["height"] = imagesy($this->img["src"]);
			83
			84	}
			85
64	//default quality jpeg	=	86	//default quality jpeg
65	$this->img["quality"]=80;	<>	87	$this->img["quality"] = $config['gdquality'];
66		=	88
		<>	89	}
67	} else {		90	else
			91	{
68		=	92
69	return FALSE;		93	return FALSE;
70			94
71	}		95	}
72			96
73	}		97	}
74			98
		-+	99	function size_custom($width=100, $height=100)
			100	{
			101	// custom
			102	$this->img["width_thumb"] = $width;
			103	$this->img["height_thumb"] = $height;
			104	}
			105
			106
75	function size_width($size=100)	=	107	function size_width($size=100)
76	{		108	{
77	//width	<>	109	// width
78	$this->img["width_thumb"]=$size;	=	110	$this->img["width_thumb"]=$size;
79	@$this->img["height_thumb"] = ($this->img["width_thumb"]/$this->img["width"])*$this->img["height"];		111	@$this->img["height_thumb"] = ($this->img["width_thumb"]/$this->img["width"])*$this->img["height"];
80	}		112	}
		-+	113
			114	function size_height($size=100)
			115	{
			116	// height
			117	$this->img["height_thumb"]=$size;
			118	@$this->img["width_thumb"] = ($this->img["height_thumb"]/$this->img["height"])*$this->img["width"];
			119	}
			120
81	function size_auto($size=100)	=	121	function size_auto($size=100)
82	{		122	{
83	//size	<>	123	// size automatically
84	if ($this->img["width"]>=$this->img["height"]) {		124	if ($this->img["width"]>=$this->img["height"])
			125	{
			126
85	$this->img["width_thumb"]=$size;		127	$this->img["width_thumb"]=$size;
86	@$this->img["height_thumb"] = ($this->img["width_thumb"]/$this->img["width"])*$this->img["height"];	=	128	@$this->img["height_thumb"] = ($this->img["width_thumb"]/$this->img["width"])*$this->img["height"];
		<>	129
			130	}
87	} else {		131	else
			132	{
			133
88	$this->img["height_thumb"]=$size;		134	$this->img["height_thumb"]=$size;
89	@$this->img["width_thumb"] = ($this->img["height_thumb"]/$this->img["height"])*$this->img["width"];	=	135	@$this->img["width_thumb"] = ($this->img["height_thumb"]/$this->img["height"])*$this->img["width"];
90	}	<>	136
			137	}
			138
91	}	=	139	}
92			140
93	function jpeg_quality($quality=80)		141	function jpeg_quality($quality=80)
94	{		142	{
95	//jpeg quality		143	//jpeg quality
96	$this->img["quality"]=$quality;		144	$this->img["quality"]=$quality;
97	}		145	}
		-+	146
			147	function randImage($rand)
			148	{
98		=	149
		<>	150	global $glob;
			151
			152	$bgColor = imagecolorallocate ($this->img["src"], 255, 255, 255);
			153	$textColor = imagecolorallocate ($this->img["src"], 0, 0, 0);
			154	$lineColor = imagecolorallocate ($this->img["src"], 215, 215, 215);
			155
			156	// Add Random polygons
			157
			158	$noise_x = $this->img["width"] - 5;
			159	$noise_y = $this->img["height"] - 2;
			160
			161	for ($i=0; $i<3; $i++){
			162	$polyCoords = array(
			163	rand(5,$noise_x), rand(5,$noise_y),
			164	rand(5,$noise_x), rand(5,$noise_y),
			165	rand(5,$noise_x), rand(5,$noise_y),
			166	rand(5,$noise_x), rand(5,$noise_y),
			167	rand(5,$noise_x), rand(5,$noise_y),
			168	rand(5,$noise_x), rand(5,$noise_y),
			169	rand(5,$noise_x), rand(5,$noise_y),
			170	rand(5,$noise_x), rand(5,$noise_y),
			171	rand(5,$noise_x), rand(5,$noise_y),
			172	rand(5,$noise_x), rand(5,$noise_y),
			173	rand(5,$noise_x), rand(5,$noise_y),
			174	rand(5,$noise_x), rand(5,$noise_y)
			175	);
			176
			177	$randomcolor = imagecolorallocate( $this->img["src"], rand(150,255), rand(150,255),rand(150,255) );
			178	imagefilledpolygon($this->img["src"], $polyCoords, 6, $randomcolor);
			179	}
			180
			181	// write the random chars
			182	$font = imageloadfont($glob['rootDir']."/classes/fonts/anonymous.gdf");
			183	imagestring($this->img["src"], $font, 3, 0, $rand, $textColor);
			184
			185	// Add Random noise
			186	for ($i = 0; $i < 25; $i++)
			187	{
			188
			189	$rx1 = rand(0,$this->img["width"]);
			190	$rx2 = rand(0,$this->img["width"]);
			191	$ry1 = rand(0,$this->img["height"]);
			192	$ry2 = rand(0,$this->img["height"]);
			193	$rcVal = rand(0,255);
			194	$rc1 = imagecolorallocate($this->img["src"],rand(0,255),rand(0,255),rand(100,255));
			195
			196	imageline ($this->img["src"], $rx1, $ry1, $rx2, $ry2, $rc1);
			197	}
			198
			199
			200	$this->show(1);
			201
			202	}
			203
99	function show()		204	function show($skip=0)
100	{	=	205	{
101	global $config;		206	global $config;
102			207
		<>	208	@header("Expires: " . gmdate("D, d M Y H:i:s") . " GMT");
			209	@header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
			210	@header("Cache-Control: no-store, no-cache, must-revalidate");
			211	@header("Cache-Control: post-check=0, pre-check=0", false);
			212	@header("Pragma: no-cache");
103	@Header("Content-Type: image/".$this->img["format"]);		213	@header("Content-Type: image/".$this->img["format"]);
104			214
			215	if($skip==1)
			216	{
			217
			218	$this->img["des"] = $this->img["src"];
			219
			220	}
105	if ($config['gdversion']==2) {		221	elseif ($config['gdversion']==2)
			222	{
106	$this->img["des"] = imagecreatetruecolor($this->img["width_thumb"],$this->img["height_thumb"]);	=	223	$this->img["des"] = imagecreatetruecolor($this->img["width_thumb"],$this->img["height_thumb"]);
107	@imagecopyresampled ($this->img["des"], $this->img["src"], 0, 0, 0, 0, $this->img["width_thumb"],$this->img["height_thumb"], $this->img["width"], $this->img["height"]);		224	@imagecopyresampled ($this->img["des"], $this->img["src"], 0, 0, 0, 0, $this->img["width_thumb"],$this->img["height_thumb"], $this->img["width"], $this->img["height"]);
108			225
		<>	226	}
109	} elseif ($config['gdversion']==1) {		227	elseif ($config['gdversion']==1)
			228	{
110	$this->img["des"] = imagecreate($this->img["width_thumb"],$this->img["height_thumb"]);	=	229	$this->img["des"] = imagecreate($this->img["width_thumb"],$this->img["height_thumb"]);
111	@imagecopyresized ($this->img["des"], $this->img["src"], 0, 0, 0, 0, $this->img["width_thumb"],$this->img["height_thumb"], $this->img["width"], $this->img["height"]);		230	@imagecopyresized ($this->img["des"], $this->img["src"], 0, 0, 0, 0, $this->img["width_thumb"],$this->img["height_thumb"], $this->img["width"], $this->img["height"]);
112	}		231	}
113			232
		<>	233
114	if ($config['gdversion']>0) {		234	if ($config['gdversion']>0)
			235	{
115		=	236
		<>	237	// fix for base restriction error
			238	/*
			239	$fh = fopen($this->img["des"],'w');
			240	fclose($fh);
			241	*/
			242
116	if ($this->img["format"]=="JPG" \|\| $this->img["format"]=="JPEG") {		243	if ($this->img["format"]=="JPG" \|\| $this->img["format"]=="JPEG")
			244	{
117	//JPEG	=	245	//JPEG
118	imageJPEG($this->img["des"],"",$this->img["quality"]);	<>	246	imagejpeg($this->img["des"],"",$this->img["quality"]);
119		=	247
		<>	248	}
120	} elseif ($this->img["format"]=="PNG") {		249	elseif($this->img["format"]=="PNG")
			250	{
121	//PNG	=	251	//PNG
122	imagePNG($this->img["des"]);	<>	252	imagepng($this->img["des"]);
123		=	253
		<>	254	}
124	} elseif ($this->img["format"]=="GIF") {		255	elseif($this->img["format"]=="GIF")
			256	{
125	//GIF	=	257	//GIF
126	imageGIF($this->img["des"]);	<>	258	imagegif($this->img["des"]);
127	}	=	259	}
128			260
129	imagedestroy($this->img["des"]);		261	imagedestroy($this->img["des"]);
130			262
131	}		263	}
132			264
133	}		265	}
134			266
135	function save($save="")		267	function save($save="")
136	{		268	{
137	global $config;		269	global $config;
138			270
139	if ($config['gdversion']==2) {	<>	271	if ($config['gdversion']==2)
			272	{
140	$this->img["des"] = imagecreatetruecolor($this->img["width_thumb"],$this->img["height_thumb"]);	=	273	$this->img["des"] = imagecreatetruecolor($this->img["width_thumb"],$this->img["height_thumb"]);
141	@imagecopyresampled ($this->img["des"], $this->img["src"], 0, 0, 0, 0, $this->img["width_thumb"], $this->img["height_thumb"], $this->img["width"], $this->img["height"]);		274	@imagecopyresampled ($this->img["des"], $this->img["src"], 0, 0, 0, 0, $this->img["width_thumb"], $this->img["height_thumb"], $this->img["width"], $this->img["height"]);
142			275
		<>	276	}
143	} elseif ($config['gdversion']==1) {		277	elseif ($config['gdversion']==1)
			278	{
144		=	279
145	$this->img["des"] = imagecreate($this->img["width_thumb"],$this->img["height_thumb"]);		280	$this->img["des"] = imagecreate($this->img["width_thumb"],$this->img["height_thumb"]);
146	@imagecopyresized ($this->img["des"], $this->img["src"], 0, 0, 0, 0, $this->img["width_thumb"], $this->img["height_thumb"], $this->img["width"], $this->img["height"]);		281	@imagecopyresized ($this->img["des"], $this->img["src"], 0, 0, 0, 0, $this->img["width_thumb"], $this->img["height_thumb"], $this->img["width"], $this->img["height"]);
147	}		282	}
148			283
149	if ($config['gdversion']>0) {	<>	284	if ($config['gdversion']>0)
			285	{
150		=	286
		<>	287	// fix for base restriction error
			288	/*
			289	$fh = fopen($this->img["des"],'w');
			290	fclose($fh);
			291	*/
			292
151	if ($this->img["format"]=="JPG" \|\| $this->img["format"]=="JPEG") {		293	if ($this->img["format"]=="JPG" \|\| $this->img["format"]=="JPEG")
			294	{
152	//JPEG	=	295	//JPEG
153	imageJPEG($this->img["des"],$save,$this->img["quality"]);	<>	296	imagejpeg($this->img["des"],$save,$this->img["quality"]);
154		=	297
		<>	298	}
155	} elseif ($this->img["format"]=="PNG") {		299	elseif ($this->img["format"]=="PNG")
			300	{
156	//PNG	=	301	//PNG
157	imagePNG($this->img["des"],$save);	<>	302	imagepng($this->img["des"],$save);
158		=	303
		<>	304	}
159	} elseif ($this->img["format"]=="GIF") {		305	elseif ($this->img["format"]=="GIF")
			306	{
160	//GIF	=	307	//GIF
161	imageGIF($this->img["des"],$save);	<>	308	imagegif($this->img["des"],$save);
162		=	309
163	}		310	}
164	imagedestroy($this->img["des"]);		311	imagedestroy($this->img["des"]);
165	@chmod($this->img["des"], 0644);		312	@chmod($this->img["des"], 0644);
166			313
167	}		314	}
		-+	315
168	}	=	316	}
		<>	317
169	}	=	318	}
170	?>		319	?>

File: includes\content\tellafriend.inc.php

48		=	48
49	}		49	}
50			50
51	// send email if form is submit		51	// send email if form is submit
52	if(isset($_POST['submit'])){		52	if(isset($_POST['submit'])){
53			53
		<>	54	$spamCode = fetchSpamCode($_POST['ESC'],TRUE);
54	// make email		55
55	include("classes/htmlMimeMail.php");		56	// start validation
			57	if(!isset($_POST['spamcode']) \|\| ($spamCode['SpamCode']!==$_POST['spamcode']) \|\| ($_SERVER['REMOTE_ADDR']!==$spamCode['userIp']))
56			58	{
57	$mail = new htmlMimeMail();		59	$errorMsg = $lang['front']['tellafriend']['error_code'];
58			60
59	$text = sprintf($lang['front']['tellafriend']['email_body'],treatGet($_POST['recipName']),stripslashes(treatGet($_POST['message'])),$GLOBALS['storeURL'],treatGet($_GET['productId']),$GLOBALS['storeURL'],$_SERVER['REMOTE_ADDR']);		61	}
			62	elseif(empty($_POST['senderName']) \|\| empty($_POST['recipName']) )
60			63	{
			64	$errorMsg = $lang['front']['tellafriend']['error_name'];
61	// it must be 3ast3r		65
62	if($_POST['senderName']=="senderName"){		66	}
63	print_r(array($_POST['senderName'],$_POST['senderEmail']));		67	elseif(validateEmail($_POST['senderEmail'])==FALSE \|\| validateEmail($_POST['recipEmail'])==FALSE)
64	exit;		68	{
			69	$errorMsg = $lang['front']['tellafriend']['error_email'];
65	}	=	70	}
		<>	71	else
66			72	{
			73
			74	// make email
			75	include("classes/htmlMimeMail.php");
			76
			77	$mail = new htmlMimeMail();
			78
			79	$text = sprintf($lang['tellafriend']['email_body'],treatGet($_POST['recipName']),stripslashes(treatGet($_POST['message'])),$GLOBALS['storeURL'],treatGet($_GET['productId']),$GLOBALS['storeURL'],$_SERVER['REMOTE_ADDR']);
			80
67	$mail->setText($text);		81	$mail->setText($text);
68	$mail->setReturnPath($_POST['senderEmail']);		82	$mail->setReturnPath($_POST['senderEmail']);
69	$mail->setFrom($_POST['senderName'].' <'.$_POST['senderEmail'].'>');		83	$mail->setFrom($_POST['senderName'].' <'.$_POST['senderEmail'].'>');
70	$mail->setSubject(sprintf($lang['front']['tellafriend']['email_subject'],$_POST['senderName']));		84	$mail->setSubject(sprintf($lang['tellafriend']['email_subject'],$_POST['senderName']));
71	$mail->setHeader('X-Mailer', 'CubeCart Mailer');		85	$mail->setHeader('X-Mailer', 'CubeCart Mailer');
72	$send = $mail->send(array($_POST['recipEmail']), $config['mailMethod']);		86	$send = $mail->send(array($_POST['recipEmail']), $config['mailMethod']);
			87
			88	}
73		=	89
74	}		90	}
75			91
76	$tellafriend=new XTemplate ("skins/".$config['skinDir']."/styleTemplates/content/tellafriend.tpl");		92	$tellafriend=new XTemplate ("skins/".$config['skinDir']."/styleTemplates/content/tellafriend.tpl");
77			93
78	$tellafriend->assign("PRODUCT_ID",$_GET['productId']);		94	$tellafriend->assign("PRODUCT_ID",$_GET['productId']);
79			95
80	$tellafriend->assign("TAF_TITLE",$lang['front']['tellafriend']['tellafriend']);		96	$tellafriend->assign("TAF_TITLE",$lang['front']['tellafriend']['tellafriend']);
81			97
82	if(isset($_POST['submit'])){	<>	98	if(isset($_POST['submit']) && !isset($errorMsg))
			99	{
			100
83	$tellafriend->assign("TAF_DESC",sprintf($lang['front']['tellafriend']['message_sent'],$_POST['recipName'],$result[0]['name']));		101	$tellafriend->assign("TAF_DESC",sprintf($lang['tellafriend']['message_sent'],$_POST['recipName'],$result[0]['name']));
			102
			103	}
84	} else {		104	else
			105	{
			106
85	$tellafriend->assign("TAF_DESC",sprintf($lang['front']['tellafriend']['fill_out_below'],$result[0]['name']));	=	107	$tellafriend->assign("TAF_DESC",sprintf($lang['front']['tellafriend']['fill_out_below'],$result[0]['name']));
		<>	108
			109	if(isset($errorMsg))
			110	{
			111
			112	$tellafriend->assign("VAL_ERROR",$errorMsg);
			113	$tellafriend->parse("tellafriend.error");
			114
			115	}
			116
			117
			118
86	}	=	119	}
87			120
88	$tellafriend->assign("TXT_RECIP_NAME",$lang['front']['tellafriend']['friends_name']);		121	$tellafriend->assign("TXT_RECIP_NAME",$lang['front']['tellafriend']['friends_name']);
89			122
90	$tellafriend->assign("TXT_RECIP_EMAIL",$lang['front']['tellafriend']['friends_email']);		123	$tellafriend->assign("TXT_RECIP_EMAIL",$lang['front']['tellafriend']['friends_email']);
91			124

108	$tellafriend->assign("VAL_MESSAGE",stripslashes($_POST['message']));	=	141	$tellafriend->assign("VAL_MESSAGE",stripslashes($_POST['message']));
109	} else {		142	} else {
110	$tellafriend->assign("VAL_MESSAGE",sprintf($lang['front']['tellafriend']['default_message'],$result[0]['name']));		143	$tellafriend->assign("VAL_MESSAGE",sprintf($lang['front']['tellafriend']['default_message'],$result[0]['name']));
111	}		144	}
112			145
113	$tellafriend->assign("TXT_SUBMIT",$lang['front']['tellafriend']['send']);		146	$tellafriend->assign("TXT_SUBMIT",$lang['front']['tellafriend']['send']);
		-+	147
			148	// Start Spam Bot Control
			149	if($config['floodControl']==1) {
			150
			151	$spamCode = strtoupper(randomPass(5));
			152	$ESC = createSpamCode($spamCode);
			153
			154	$imgSpambot = imgSpambot($ESC);
			155
			156	$tellafriend->assign("VAL_ESC",$ESC);
			157	$tellafriend->assign("TXT_SPAMBOT",$lang['front']['tellafriend']['spambot']);
			158	$tellafriend->assign("IMG_SPAMBOT",$imgSpambot);
			159	$tellafriend->parse("tellafriend.spambot");
			160	}
114		=	161
115			162
116	$tellafriend->parse("tellafriend");		163	$tellafriend->parse("tellafriend");
117	$page_content = $tellafriend->text("tellafriend");		164	$page_content = $tellafriend->text("tellafriend");
118	?>		165	?>

File: includes\functions.inc.php

661		=	661
662	return FALSE;		662	return FALSE;
663			663
664	}		664	}
665			665
666	}		666	}
		<>	667
			668	//////////////////////////////////
			669	// fetch SpamCode
			670	////////
			671	function fetchSpamCode($ESC,$del=FALSE)
			672	{
			673
			674	global $db, $glob;
			675
			676	// check DB
			677	$result = $db->select("SELECT SpamCode, userIp FROM ".$glob['dbprefix']."CubeCart_SpamBot WHERE uniqueId = ".$db->mySQLSafe($ESC));
			678
			679	if($result==TRUE)
			680	{
			681
			682	if($del==TRUE)
			683	{
			684	// delete this SpamCode and any older ones lingering
			685	$db->delete($glob['dbprefix']."CubeCart_SpamBot", "uniqueId = ".$db->mySQLSafe($ESC)." OR `time` < ".time()-3600);
			686
			687	}
			688
			689	return $result[0];
			690
			691	}
			692	else
			693	{
			694
			695	return FALSE;
			696
			697	}
			698
			699	}
			700
			701	//////////////////////////////////
			702	// create SpamCode
			703	////////
			704	function createSpamCode($spamCode)
			705	{
			706
			707	global $db, $glob;
			708
			709	$uniqueId = makeSessId();
			710
			711	$data['uniqueId'] = $db->mySQLSafe($uniqueId);
			712	$data['time'] = $db->mySQLSafe(time());
			713	$data['spamCode'] = $db->mySQLSafe($spamCode);
			714	$data['userIp'] = $db->mySQLSafe($_SERVER['REMOTE_ADDR']);
			715
			716	// insert into DB
			717	$insert = $db->insert($glob['dbprefix']."CubeCart_SpamBot", $data);
			718
			719	return $uniqueId;
			720
			721	}
			722
			723	//////////////////////////////////
			724	// get spambot image
			725	////////
			726	function imgSpambot($encodedSpamCode,$path='')
			727	{
			728
			729	global $config;
			730
			731	if($config['gdversion']>0)
			732	{
			733
			734	$imgSpambot = "<img src=\"".$path."images/random/verifyGD.php?esc=".$encodedSpamCode."\" alt=\"\" title=\"\" />";
			735
			736	}
			737	else
			738	{
			739
			740	$imgSpambot = "<img src=\"".$path."images/random/verifySTD.php?esc=".$encodedSpamCode."&n=1\" alt=\"\" title=\"\" />\r\n";
			741	$imgSpambot .= "<img src=\"".$path."images/random/verifySTD.php?esc=".$encodedSpamCode."&n=2\" alt=\"\" title=\"\" />\r\n";
			742	$imgSpambot .= "<img src=\"".$path."images/random/verifySTD.php?esc=".$encodedSpamCode."&n=3\" alt=\"\" title=\"\" />\r\n";
			743	$imgSpambot .= "<img src=\"".$path."images/random/verifySTD.php?esc=".$encodedSpamCode."&n=4\" alt=\"\" title=\"\" />\r\n";
			744	$imgSpambot .= "<img src=\"".$path."images/random/verifySTD.php?esc=".$encodedSpamCode."&n=5\" alt=\"\" title=\"\" />\r\n";
			745
			746	}
			747
			748	return $imgSpambot;
			749
			750	}
667	?>	=	751	?>

File: includes\ini.inc.php

1	<?php	=	1	<?php
2	error_reporting(E_ALL ^ E_NOTICE);		2	error_reporting(E_ALL ^ E_NOTICE);
3	@ini_set("display_errors", "1");		3	@ini_set("display_errors", "1");
4	@ini_set("arg_separator.output","&");		4	@ini_set("arg_separator.output","&");
5	$ini['ver'] = '3.0.11';	<>	5	$ini['ver'] = '3.0.12';
6	$ini['CCver'] = '30016';		6	$ini['CCver'] = '30017';
7	$sslPages = array("unsubscribe" => 1,"login" => 1,"logout" => 1,"forgotPass" => 1,"account" => 1,"profile" => 1,"changePass" => 1,"newsletter" => 1,"cart" => 1,"step1" => 1,"step2" => 1,"step3" => 1,"step4" => 1,"step5" => 1,"reg" => 1,"viewOrders" => 1,"viewOrder" => 1,"confirmed" => 1);	=	7	$sslPages = array("unsubscribe" => 1,"login" => 1,"logout" => 1,"forgotPass" => 1,"account" => 1,"profile" => 1,"changePass" => 1,"newsletter" => 1,"cart" => 1,"step1" => 1,"step2" => 1,"step3" => 1,"step4" => 1,"step5" => 1,"reg" => 1,"viewOrders" => 1,"viewOrder" => 1,"confirmed" => 1);
8	?>		8	?>

File: install\db\schema.inc.php

 <?php
 if(isset($_POST['dropTables']) && $_POST['dropTables']==1){
 $db->misc("DROP TABLE IF EXISTS `".$_POST['dbprefix']."CubeCart_cats_lang`, `".$_POST['dbprefix']."CubeCart_Downloads`, `".$_POST['dbprefix']."CubeCart_Modules`, `".$_POST['dbprefix']."CubeCart_admin_permissions`, `".$_POST['dbprefix']."CubeCart_admin_sections`, `".$_POST['dbprefix']."CubeCart_admin_sessions`, `".$_POST['dbprefix']."CubeCart_admin_users`, `".$_POST['dbprefix']."CubeCart_category`, `".$_POST['dbprefix']."CubeCart_cats_idx`, `".$_POST['dbprefix']."CubeCart_config`, `".$_POST['dbprefix']."CubeCart_currencies`, `".$_POST['dbprefix']."CubeCart_customer`, `".$_POST['dbprefix']."CubeCart_docs`, `".$_POST['dbprefix']."CubeCart_docs_lang`, `".$_POST['dbprefix']."CubeCart_img_idx`, `".$_POST['dbprefix']."CubeCart_inv_lang`, `".$_POST['dbprefix']."CubeCart_inventory`, `".$_POST['dbprefix']."CubeCart_iso_counties`, `".$_POST['dbprefix']."CubeCart_iso_countries`, `".$_POST['dbprefix']."CubeCart_options_bot`, `".$_POST['dbprefix']."CubeCart_options_mid`, `".$_POST['dbprefix']."CubeCart_options_top`, `".$_POST['dbprefix']."CubeCart_order_inv`, `".$_POST['dbprefix']."CubeCart_order_state`, `".$_POST['dbprefix']."CubeCart_order_sum`, `".$_POST['dbprefix']."CubeCart_search`, `".$_POST['dbprefix']."CubeCart_sessions`, `".$_POST['dbprefix']."CubeCart_taxes`;");
 }
+$db->misc("CREATE TABLE `".$_POST['dbprefix']."CubeCart_SpamBot` (
+                        `uniqueId` varchar(32) NOT NULL,
+                        `spamCode` varchar(5) NOT NULL,
+                        `userIp` varchar(15) NOT NULL,
+                        `time` int(10) NOT NULL default '0',
+                        PRIMARY KEY  (`uniqueId`),
+                        UNIQUE KEY `uniqueId` (`uniqueId`)
+                        ) ENGINE=MyISAM");
 $db->misc("CREATE TABLE `".$_POST['dbprefix']."CubeCart_config` (
           `name` varchar(100) NOT NULL default '',
           `array` text NOT NULL,
           KEY `name` (`name`)
         ) TYPE=MyISAM;");

File: language\cn\lang.inc.php

 );
 $lang['admin']['settings'] = array (
+'spambot' => "<strong>Enable Script/Bot Flood Control?</strong><br />
+Forces users to enter a code on registration, tell a friend etc to prevent bot's from spamming the store.",
 //////////////////////////////////////////
 // START: Added in 3.0.3
 //////////////////
 'smtpHost' => "SMTP ¥D¾÷:",
 $lang['front']['tellafriend'] = array(
+'fill_out_below' => "Please submit the form below to tell a friend about '%s'.",
+'error_code' => "Either no security code was entered or it did not match the characters in the image.",
+'error_name' => "Please enter both your name and the recipients name.",
+'error_email' => "Please make sure both your email address and the recipients is valid.",
+'spambot' => "Security Code:",
 'email_body' => "¿Ë·Rªº %s,
 %s
 ~~~~~~~~~~~~~~~~~~~~~~~~~~
 Æ[¬Ý¦¹°Ó«~½ÐÂI¿ï¤U¦Cºô§}:
 'postalAddress' => "¶l±H¦a§}:",
 );
 $lang['orderState'] = array(
+'6' => "Cancelled",
+'7' => "Uncleared",
 '1' => "µ¥«Ý³B²z",
 '2' => "¶i¦æ³B²z",
 '3' => "³B²z§¹¦¨",

File: language\de\lang.inc.php

 );
 $lang['admin']['settings'] = array (
+'spambot' => "<strong>Enable Script/Bot Flood Control?</strong><br />
+Forces users to enter a code on registration, tell a friend etc to prevent bot's from spamming the store.",
 //////////////////////////////////////////
 // START: Added in 3.0.3
 //////////////////
 'smtpHost' => "SMTP Host:",
 $lang['front']['tellafriend'] = array(
+'fill_out_below' => "Please submit the form below to tell a friend about '%s'.",
+'error_code' => "Either no security code was entered or it did not match the characters in the image.",
+'error_name' => "Please enter both your name and the recipients name.",
+'error_email' => "Please make sure both your email address and the recipients is valid.",
+'spambot' => "Security Code:",
 'email_body' => "Sehr geehrte(r) %s,
 %s
 ~~~~~~~~~~~~~~~~~~~~~~~~~~
 Um diesen Artikel zu sehen klicken Sie auf folgenden Link:
 'postalAddress' => "Postal address:",
 );
 $lang['orderState'] = array(
+'6' => "Cancelled",
+'7' => "Uncleared",
 '1' => "Pending",
 '2' => "Processing",
 '3' => "Completed",
 'state' => "State:",
 'zipcode' => "Zip/Post Code:",
 'country' => "Country:",
 );
 //////////////////////////////////////////
 // END: Added in 3.0.7
 //////////////////
 // now we need to include the config file
 include("config.inc.php");
 ?>

File: language\dk\lang.inc.php

 );
 $lang['admin']['settings'] = array (
+'spambot' => "<strong>Enable Script/Bot Flood Control?</strong><br />
+Forces users to enter a code on registration, tell a friend etc to prevent bot's from spamming the store.",
 //////////////////////////////////////////
 // START: Added in 3.0.3
 //////////////////
 'smtpHost' => "SMTP Host:",
 $lang['front']['tellafriend'] = array(
+'fill_out_below' => "Please submit the form below to tell a friend about '%s'.",
+'error_code' => "Either no security code was entered or it did not match the characters in the image.",
+'error_name' => "Please enter both your name and the recipients name.",
+'error_email' => "Please make sure both your email address and the recipients is valid.",
+'spambot' => "Security Code:",
 'email_body' => "Kære %s,
 %s
 ~~~~~~~~~~~~~~~~~~~~~~~~~~
 Følg venligst nedenstående link for at se dette produkt:
 'postalAddress' => "Postal address:",
 );
 $lang['orderState'] = array(
+'6' => "Cancelled",
+'7' => "Uncleared",
 '1' => "Pending",
 '2' => "Processing",
 '3' => "Completed",
 'state' => "State:",
 'zipcode' => "Zip/Post Code:",
 'country' => "Country:",
 );
 //////////////////////////////////////////
 // END: Added in 3.0.7
 //////////////////
 // now we need to include the config file
 include("config.inc.php");
 ?>

File: language\en\lang.inc.php

 );
 $lang['admin']['settings'] = array (
+'spambot' => "<strong>Enable Script/Bot Flood Control?</strong><br />
+Forces users to enter a code on registration, tell a friend etc to prevent bot's from spamming the store.",
 //////////////////////////////////////////
 // START: Added in 3.0.3
 //////////////////
 'smtpHost' => "SMTP Host:",
 $lang['front']['tellafriend'] = array(
+'fill_out_below' => "Please submit the form below to tell a friend about '%s'.",
+'error_code' => "Either no security code was entered or it did not match the characters in the image.",
+'error_name' => "Please enter both your name and the recipients name.",
+'error_email' => "Please make sure both your email address and the recipients is valid.",
+'spambot' => "Security Code:",
 'email_body' => "Dear %s,
 %s
 ~~~~~~~~~~~~~~~~~~~~~~~~~~
 To view this product please follow the link below:
 'postalAddress' => "Postal address:",
 );
 $lang['orderState'] = array(
+'6' => "Cancelled",
+'7' => "Uncleared",
 '1' => "Pending",
 '2' => "Processing",
 '3' => "Completed",
 'state' => "State:",
 'zipcode' => "Zip/Post Code:",
 'country' => "Country:",
 );
 //////////////////////////////////////////
 // END: Added in 3.0.7
 //////////////////
 // now we need to include the config file
 include("config.inc.php");
 ?>

File: language\es\lang.inc.php

 );
 $lang['admin']['settings'] = array (
+'spambot' => "<strong>Enable Script/Bot Flood Control?</strong><br />
+Forces users to enter a code on registration, tell a friend etc to prevent bot's from spamming the store.",
 //////////////////////////////////////////
 // START: Added in 3.0.3
 //////////////////
 'smtpHost' => "SMTP Host:",
 $lang['front']['tellafriend'] = array(
+'fill_out_below' => "Please submit the form below to tell a friend about '%s'.",
+'error_code' => "Either no security code was entered or it did not match the characters in the image.",
+'error_name' => "Please enter both your name and the recipients name.",
+'error_email' => "Please make sure both your email address and the recipients is valid.",
+'spambot' => "Security Code:",
 'email_body' => "Estimado %s,
 %s
 'postalAddress' => "Postal address:",
 );
 $lang['orderState'] = array(
+'6' => "Cancelled",
+'7' => "Uncleared",
 '1' => "Pending",
 '2' => "Processing",
 '3' => "Completed",
 'state' => "State:",
 'zipcode' => "Zip/Post Code:",
 'country' => "Country:",
 );
 //////////////////////////////////////////
 // END: Added in 3.0.7
 //////////////////
 // now we need to include the config file
 include("config.inc.php");
 ?>

File: language\fi\lang.inc.php

 );
 $lang['admin']['settings'] = array (
+'spambot' => "<strong>Enable Script/Bot Flood Control?</strong><br />
+Forces users to enter a code on registration, tell a friend etc to prevent bot's from spamming the store.",
 //////////////////////////////////////////
 // START: Added in 3.0.3
 //////////////////
 'smtpHost' => "SMTP Palvelin:",
 $lang['front']['tellafriend'] = array(
+'fill_out_below' => "Please submit the form below to tell a friend about '%s'.",
+'error_code' => "Either no security code was entered or it did not match the characters in the image.",
+'error_name' => "Please enter both your name and the recipients name.",
+'error_email' => "Please make sure both your email address and the recipients is valid.",
+'spambot' => "Security Code:",
 'email_body' => "Hyvä asiakkaamme %s,
 %s
 ~~~~~~~~~~~~~~~~~~~~~~~~~~
 Nähdäksesi tuotteen tiedot, klikkaa seuraavaa linkkiä:
 'postalAddress' => "Käyntiosoite:",
 );
 $lang['orderState'] = array(
+'6' => "Cancelled",
+'7' => "Uncleared",
 '1' => "Odottaa käsittelyä",
 '2' => "Käsittelyssä",
 '3' => "Tilaus toimitettu",
 'state' => "State:",
 'zipcode' => "Zip/Post Code:",
 'country' => "Country:",
 );
 //////////////////////////////////////////
 // END: Added in 3.0.7
 //////////////////
 // now we need to include the config file
 include("config.inc.php");
 ?>

File: language\fr\lang.inc.php

 );
 $lang['admin']['settings'] = array (
+'spambot' => "<strong>Enable Script/Bot Flood Control?</strong><br />
+Forces users to enter a code on registration, tell a friend etc to prevent bot's from spamming the store.",
 //////////////////////////////////////////
 // START: Added in 3.0.3
 //////////////////
 'smtpHost' => "Hote SMTP:",
 $lang['front']['tellafriend'] = array(
+'fill_out_below' => "Please submit the form below to tell a friend about '%s'.",
+'error_code' => "Either no security code was entered or it did not match the characters in the image.",
+'error_name' => "Please enter both your name and the recipients name.",
+'error_email' => "Please make sure both your email address and the recipients is valid.",
+'spambot' => "Security Code:",
 'email_body' => "Cher(e) %s,
 %s
 ~~~~~~~~~~~~~~~~~~~~~~~~~~
 Pour voir l'article, cliquez sur le lien ci-dessous :
 'postalAddress' => "Adresse de la boutique:",
 );
 $lang['orderState'] = array(
+'6' => "Cancelled",
+'7' => "Uncleared",
 '1' => "En attente de paiement",
 '2' => "En Préparation",
 '3' => "Expédié",
 'state' => "State:",
 'zipcode' => "Zip/Post Code:",
 'country' => "Country:",
 );
 //////////////////////////////////////////
 // END: Added in 3.0.7
 //////////////////
 // now we need to include the config file
 include("config.inc.php");
 ?>

File: language\nl\lang.inc.php

 );
 $lang['admin']['settings'] = array (
+'spambot' => "<strong>Enable Script/Bot Flood Control?</strong><br />
+Forces users to enter a code on registration, tell a friend etc to prevent bot's from spamming the store.",
 //////////////////////////////////////////
 // START: Added in 3.0.3
 //////////////////
 'smtpHost' => "SMTP Host:",
 $lang['front']['tellafriend'] = array(
+'fill_out_below' => "Please submit the form below to tell a friend about '%s'.",
+'error_code' => "Either no security code was entered or it did not match the characters in the image.",
+'error_name' => "Please enter both your name and the recipients name.",
+'error_email' => "Please make sure both your email address and the recipients is valid.",
+'spambot' => "Security Code:",
 'email_body' => "Beste %s,
 %s
 ~~~~~~~~~~~~~~~~~~~~~~~~~~
 Om het product te bekijken volg onderstaande link:
 'postalAddress' => "ostadres:",
 );
 $lang['orderState'] = array(
+'6' => "Cancelled",
+'7' => "Uncleared",
 '1' => "Pending",
 '2' => "Processing",
 '3' => "Completed",
 'state' => "State:",
 'zipcode' => "Zip/Post Code:",
 'country' => "Country:",
 );
 //////////////////////////////////////////
 // END: Added in 3.0.7
 //////////////////
 // now we need to include the config file
 include("config.inc.php");
 ?>

File: language\no\lang.inc.php

 'no_assigned_opts' => "Ingen valg er tildelt noe produkt.",
 'prods_made_1st' => "Produkt må legges til før valg kan bli laget.",
 );
 $lang['admin']['settings'] = array (
+'spambot' => "<strong>Enable Script/Bot Flood Control?</strong><br />
+Forces users to enter a code on registration, tell a friend etc to prevent bot's from spamming the store.",
 //////////////////////////////////////////
 // START: Added in 3.0.3
 //////////////////
 'smtpHost' => "SMTP Host:",
 'tandcs' => "Vilkår; ",
 'please_read' => "Vennligst sørg for å les våre",
 );
 $lang['front']['tellafriend'] = array(
+'fill_out_below' => "Please submit the form below to tell a friend about '%s'.",
+'error_code' => "Either no security code was entered or it did not match the characters in the image.",
+'error_name' => "Please enter both your name and the recipients name.",
+'error_email' => "Please make sure both your email address and the recipients is valid.",
+'spambot' => "Security Code:",
 'email_body' => "Kjære %s,
 %s
 ~~~~~~~~~~~~~~~~~~~~~~~~~~
 For å se dette produktet, trykk på linken under:
 'postalAddress' => "Postal address:",
 );
 $lang['orderState'] = array(
+'6' => "Cancelled",
+'7' => "Uncleared",
 '1' => "Pending",
 '2' => "Processing",
 '3' => "Completed",
 'state' => "State:",
 'zipcode' => "Zip/Post Code:",
 'country' => "Country:",
 );
 //////////////////////////////////////////
 // END: Added in 3.0.7
 //////////////////
 // now we need to include the config file
 include("config.inc.php");
 ?>

File: language\pl\lang.inc.php

 $lang['front']['tellafriend'] = array(
+'fill_out_below' => "Please submit the form below to tell a friend about '%s'.",
+'error_code' => "Either no security code was entered or it did not match the characters in the image.",
+'error_name' => "Please enter both your name and the recipients name.",
+'error_email' => "Please make sure both your email address and the recipients is valid.",
+'spambot' => "Security Code:",
 'email_body' => "Szanowna(ny) %s,
 %s
 ~~~~~~~~~~~~~~~~~~~~~~~~~~
 Zobacz ten produkt za pomoc± poni¿szego linku:
 'postalAddress' => "Adres pocztowy:",
 );
 $lang['orderState'] = array(
+'6' => "Cancelled",
+'7' => "Uncleared",
 '1' => "Zg³oszone",
 '2' => "W trakcie",
 '3' => "Za³atwione",
 'state' => "State:",
 'zipcode' => "Zip/Post Code:",
 'country' => "Country:",
 );
 //////////////////////////////////////////
 // END: Added in 3.0.7
 //////////////////
 // now we need to include the config file
 include("config.inc.php");
 ?>

File: language\pt\lang.inc.php

 );
 $lang['admin']['settings'] = array (
+'spambot' => "<strong>Enable Script/Bot Flood Control?</strong><br />
+Forces users to enter a code on registration, tell a friend etc to prevent bot's from spamming the store.",
 //////////////////////////////////////////
 // START: Added in 3.0.3
 //////////////////
 'smtpHost' => "SMTP Host:",
 $lang['front']['tellafriend'] = array(
+'fill_out_below' => "Please submit the form below to tell a friend about '%s'.",
+'error_code' => "Either no security code was entered or it did not match the characters in the image.",
+'error_name' => "Please enter both your name and the recipients name.",
+'error_email' => "Please make sure both your email address and the recipients is valid.",
+'spambot' => "Security Code:",
 'email_body' => "Estimado %s,
 %s
 'postalAddress' => "Postal address:",
 );
 $lang['orderState'] = array(
+'6' => "Cancelled",
+'7' => "Uncleared",
 '1' => "Pending",
 '2' => "Processing",
 '3' => "Completed",
 'state' => "State:",
 'zipcode' => "Zip/Post Code:",
 'country' => "Country:",
 );
 //////////////////////////////////////////
 // END: Added in 3.0.7
 //////////////////
 // now we need to include the config file
 include("config.inc.php");
 ?>

File: language\se\lang.inc.php

 );
 $lang['admin']['settings'] = array (
+'spambot' => "<strong>Enable Script/Bot Flood Control?</strong><br />
+Forces users to enter a code on registration, tell a friend etc to prevent bot's from spamming the store.",
 //////////////////////////////////////////
 // START: Added in 3.0.3
 //////////////////
 'smtpHost' => "SMTP Host:",
 );
 $lang['front']['tellafriend'] = array(
+'fill_out_below' => "Please submit the form below to tell a friend about '%s'.",
+'error_code' => "Either no security code was entered or it did not match the characters in the image.",
+'error_name' => "Please enter both your name and the recipients name.",
+'error_email' => "Please make sure both your email address and the recipients is valid.",
+'spambot' => "Security Code:",
 'email_body' => "Kära %s,
 %s
 ~~~~~~~~~~~~~~~~~~~~~~~~~~
 För att granska denna produkt var då vänlig och följ länken nedan:
 'postalAddress' => "Postadress:",
 );
 $lang['orderState'] = array(
+'6' => "Cancelled",
+'7' => "Uncleared",
 '1' => "Avvaktar",
 '2' => "Bearbetas",
 '3' => "Skickad",
 'state' => "State:",
 'zipcode' => "Zip/Post Code:",
 'country' => "Country:",
 );
 //////////////////////////////////////////
 // END: Added in 3.0.7
 //////////////////
 // now we need to include the config file
 include("config.inc.php");
 ?>

File: language\sk\lang.inc.php

 );
 $lang['admin']['settings'] = array (
+'spambot' => "<strong>Enable Script/Bot Flood Control?</strong><br />
+Forces users to enter a code on registration, tell a friend etc to prevent bot's from spamming the store.",
 //////////////////////////////////////////
 // START: Added in 3.0.3
 //////////////////
 'smtpHost' => "SMTP hostite¾:",
 $lang['front']['tellafriend'] = array(
+'fill_out_below' => "Please submit the form below to tell a friend about '%s'.",
+'error_code' => "Either no security code was entered or it did not match the characters in the image.",
+'error_name' => "Please enter both your name and the recipients name.",
+'error_email' => "Please make sure both your email address and the recipients is valid.",
+'spambot' => "Security Code:",
 'email_body' => "Dear %s,
 %s
 ~~~~~~~~~~~~~~~~~~~~~~~~~~
 Ak chcete zobrazi podrobnosti o tomto produkte, kliknite prosím na nasledujúcu linku:
 'postalAddress' => "Poštová adresa:",
 );
 $lang['orderState'] = array(
+'6' => "Cancelled",
+'7' => "Uncleared",
 '1' => "Èaká na spracovanie",
 '2' => "Spracováva sa",
 '3' => "Vybavená",
 'state' => "State:",
 'zipcode' => "Zip/Post Code:",
 'country' => "Country:",
 );
 //////////////////////////////////////////
 // END: Added in 3.0.7
 //////////////////
 // now we need to include the config file
 include("config.inc.php");
 ?>

File: modules\gateway\Authorize\confirmed.php

62	// 2. Include function which returns ture or false	=	62	// 2. Include function which returns ture or false
63			63
64	$success = successFirst();		64	$success = successFirst();
65			65
66	if($success == TRUE){		66	if($success == TRUE){
67			67
68	$cart_order_id = $_POST['x_invoice_num'];	<>	68	//$cart_order_id = $_POST['x_invoice_num'];
69	include_once("../../../includes/orderSuccess.inc.php");		69	//include_once("../../../includes/orderSuccess.inc.php");
70	$result = "?pg=".base64_encode("Authorize");	=	70	$result = "?pg=".base64_encode("Authorize");
71			71
72	} else {		72	} else {
73			73
74	$result = "?f=1&pg=".base64_encode("Authorize");		74	$result = "?f=1&pg=".base64_encode("Authorize");
75			75

File: modules\gateway\Authorize\transfer.inc.php

231	$formAction = "https://secure.authorize.net/gateway/transact.dll";	=	231	$formAction = "https://secure.authorize.net/gateway/transact.dll";
232	}		232	}
233			233
234	$formMethod = "post";		234	$formMethod = "post";
235	$formTarget = "_self";		235	$formTarget = "_self";
236	$transfer = "auto";		236	$transfer = "auto";
237	$stateUpdate = FALSE;	<>	237	$stateUpdate = TRUE;
238	?>	=	238	?>

File: modules\gateway\ccNow\transfer.inc.php

91		=	91
92	global $i, $orderInv;		92	global $i, $orderInv;
93			93
94	$hiddenVars = "<input type='hidden' name='x_product_sku_".$i."' value='".$orderInv['productCode']."' />		94	$hiddenVars = "<input type='hidden' name='x_product_sku_".$i."' value='".$orderInv['productCode']."' />
95	<input type='hidden' name='x_product_title_".$i."' value='".$orderInv['name']."' />		95	<input type='hidden' name='x_product_title_".$i."' value='".$orderInv['name']."' />
96	<input type='hidden' name='x_product_quantity_".$i."' value='".$orderInv['quantity']."' />		96	<input type='hidden' name='x_product_quantity_".$i."' value='".$orderInv['quantity']."' />
97	<input type='hidden' name='x_product_unitprice_".$i."' value='".sprintf("%.2f",$orderInv['price'])."' />	<>	97	<input type='hidden' name='x_product_unitprice_".$i."' value='".sprintf("%.2f",$orderInv['price']/$orderInv['quantity'])."' />
98	<input type='hidden' name='x_product_url_".$i."' value='".$GLOBALS['storeURL']."/index.php?act=viewProd&productId=".$orderInv['productId']."' />";	=	98	<input type='hidden' name='x_product_url_".$i."' value='".$GLOBALS['storeURL']."/index.php?act=viewProd&productId=".$orderInv['productId']."' />";
99			99
100	return $hiddenVars;		100	return $hiddenVars;
101			101
102	}		102	}
103			103

File: modules\gateway\Print_Order_Form\transfer.inc.php

17		=	17
18	}		18	}
19			19
20	///////////////////////////		20	///////////////////////////
21	// Other Vars		21	// Other Vars
22	////////		22	////////
23	$formAction = $glob['storeURL']."/modules/gateway/Print_Order_Form/orderForm.php";	<>	23	$formAction = $GLOBALS['rootRel']."/modules/gateway/Print_Order_Form/orderForm.php";
24	$formMethod = "post";	=	24	$formMethod = "post";
25	$formTarget = "_self";		25	$formTarget = "_self";
26	$transfer = "auto";		26	$transfer = "auto";
27	?>		27	?>

File: modules\gateway\Protx\confirmed.php

62	// 2. Include function which returns ture or false	=	62	// 2. Include function which returns ture or false
63			63
64	$success = successFirst();		64	$success = successFirst();
65			65
66	if($success == TRUE){		66	if($success == TRUE){
67			67
68	$cart_order_id = base64_decode($_GET['oid']);	<>	68	//$cart_order_id = base64_decode($_GET['oid']);
69	include_once("../../../includes/orderSuccess.inc.php");		69	//include_once("../../../includes/orderSuccess.inc.php");
70	$result = "?pg=".base64_encode("Protx");	=	70	$result = "?pg=".base64_encode("Protx");
71			71
72	} else {		72	} else {
73			73
74	$result = "?f=1&pg=".base64_encode("Protx");		74	$result = "?f=1&pg=".base64_encode("Protx");
75			75

File: modules\gateway\Protx\transfer.inc.php

331		=	331
332	}		332	}
333			333
334	$formMethod = "post";		334	$formMethod = "post";
335	$formTarget = "_self";		335	$formTarget = "_self";
336	$transfer = "auto";		336	$transfer = "auto";
337	$stateUpdate = FALSE;	<>	337	$stateUpdate = TRUE;
338	?>	=	338	?>

File: modules\shipping\Per_Category\calc.php

39	if($taxVal>0){	=	39	if($taxVal>0){
40			40
41	$val = ($taxVal / 100) * $sum;		41	$val = ($taxVal / 100) * $sum;
42	$sum = $sum + $val;		42	$sum = $sum + $val;
43	}		43	}
44			44
		<>	45
45	if($sum == 0){	=	46	if($sum == 0){
46	$sum = 0.00;		47	$sum = 0.00;
47	}		48	}
48			49
49	$shippingPrice .= "<option value='".$shipKey."'";		50	$shippingPrice .= "<option value='".$shipKey."'";
50			51

File: skins\Classic\styleTemplates\content\tellafriend.tpl

1	<!-- BEGIN: tellafriend -->	=	1	<!-- BEGIN: tellafriend -->
2	<div class="boxContent">		2	<div class="boxContent">
3			3
4	<span class="txtContentTitle">{TAF_TITLE}</span>		4	<span class="txtContentTitle">{TAF_TITLE}</span>
		<>	5	<!-- BEGIN: error -->
			6	<p class="txtError">{VAL_ERROR}</p>
5			7	<!-- END: error -->
6	<p>{TAF_DESC}</p>	=	8	<p>{TAF_DESC}</p>
7			9
8	<form action="index.php?act=taf&productId={PRODUCT_ID}" target="_self" method="post">		10	<form action="index.php?act=taf&productId={PRODUCT_ID}" target="_self" method="post">
9	<table border="0" cellspacing="0" cellpadding="3" align="center">		11	<table border="0" cellspacing="0" cellpadding="3" align="center">
10	<tr>		12	<tr>
11	<td align="right"><strong>{TXT_RECIP_NAME}</strong></td>		13	<td align="right"><strong>{TXT_RECIP_NAME}</strong></td>

20	<td><input type="text" name="senderName" class="textbox" value="{VAL_SENDER_NAME}" /></td>	=	22	<td><input type="text" name="senderName" class="textbox" value="{VAL_SENDER_NAME}" /></td>
21	</tr>		23	</tr>
22	<tr>		24	<tr>
23	<td align="right"><strong>{TXT_SENDER_EMAIL}</strong></td>		25	<td align="right"><strong>{TXT_SENDER_EMAIL}</strong></td>
24	<td><input type="text" name="senderEmail" class="textbox" value="{VAL_SENDER_EMAIL}" /></td>		26	<td><input type="text" name="senderEmail" class="textbox" value="{VAL_SENDER_EMAIL}" /></td>
25	</tr>		27	</tr>
		-+	28	<!-- BEGIN: spambot -->
			29	<tr>
			30	<td align="right" valign="bottom"><strong>{TXT_SPAMBOT}</strong></td>
			31	<td>{IMG_SPAMBOT}<br />
			32	<input name="spamcode" type="text" class="textbox" value="" size="5" maxlength="5" /></td></tr>
			33	<!-- END: spambot -->
26	<tr>	=	34	<tr>
27	<td align="right" valign="top"><strong>{TXT_MESSAGE}</strong></td>		35	<td align="right" valign="top"><strong>{TXT_MESSAGE}</strong></td>
28	<td><textarea name="message" cols="30" rows="5" class="textbox">{VAL_MESSAGE}</textarea></td>		36	<td><textarea name="message" cols="30" rows="5" class="textbox">{VAL_MESSAGE}</textarea></td>
29	</tr>		37	</tr>
30	<tr>		38	<tr>
31	<td> </td>		39	<td> </td>
32	<td><input name="submit" type="submit" value="{TXT_SUBMIT}" class="submit" /></td>		40	<td><input name="submit" type="submit" value="{TXT_SUBMIT}" class="submit" /></td>
33	</tr>		41	</tr>
34	</table>		42	</table>
		-+	43	<input name="ESC" type="hidden" value="{VAL_ESC}" />
35	</form>	=	44	</form>
36			45
37	</div>		46	</div>
38	<!-- END: tellafriend -->		47	<!-- END: tellafriend -->

File: skins\Killer\styleTemplates\content\tellafriend.tpl

1	<!-- BEGIN: tellafriend -->	=	1	<!-- BEGIN: tellafriend -->
2	<div class="boxContent">		2	<div class="boxContent">
3			3
4	<span class="txtContentTitle">{TAF_TITLE}</span>		4	<span class="txtContentTitle">{TAF_TITLE}</span>
		<>	5	<!-- BEGIN: error -->
			6	<p class="txtError">{VAL_ERROR}</p>
5			7	<!-- END: error -->
6	<p>{TAF_DESC}</p>	=	8	<p>{TAF_DESC}</p>
7			9
8	<form action="index.php?act=taf&productId={PRODUCT_ID}" target="_self" method="post">		10	<form action="index.php?act=taf&productId={PRODUCT_ID}" target="_self" method="post">
9	<table border="0" cellspacing="0" cellpadding="3" align="center">		11	<table border="0" cellspacing="0" cellpadding="3" align="center">
10	<tr>		12	<tr>
11	<td align="right"><strong>{TXT_RECIP_NAME}</strong></td>		13	<td align="right"><strong>{TXT_RECIP_NAME}</strong></td>

20	<td><input type="text" name="senderName" class="textbox" value="{VAL_SENDER_NAME}" /></td>	=	22	<td><input type="text" name="senderName" class="textbox" value="{VAL_SENDER_NAME}" /></td>
21	</tr>		23	</tr>
22	<tr>		24	<tr>
23	<td align="right"><strong>{TXT_SENDER_EMAIL}</strong></td>		25	<td align="right"><strong>{TXT_SENDER_EMAIL}</strong></td>
24	<td><input type="text" name="senderEmail" class="textbox" value="{VAL_SENDER_EMAIL}" /></td>		26	<td><input type="text" name="senderEmail" class="textbox" value="{VAL_SENDER_EMAIL}" /></td>
25	</tr>		27	</tr>
		-+	28	<!-- BEGIN: spambot -->
			29	<tr>
			30	<td align="right" valign="bottom"><strong>{TXT_SPAMBOT}</strong></td>
			31	<td>{IMG_SPAMBOT}<br />
			32	<input name="spamcode" type="text" class="textbox" value="" size="5" maxlength="5" /></td></tr>
			33	<!-- END: spambot -->
26	<tr>	=	34	<tr>
27	<td align="right" valign="top"><strong>{TXT_MESSAGE}</strong></td>		35	<td align="right" valign="top"><strong>{TXT_MESSAGE}</strong></td>
28	<td><textarea name="message" cols="30" rows="5" class="textbox">{VAL_MESSAGE}</textarea></td>		36	<td><textarea name="message" cols="30" rows="5" class="textbox">{VAL_MESSAGE}</textarea></td>
29	</tr>		37	</tr>
30	<tr>		38	<tr>
31	<td> </td>		39	<td> </td>
32	<td><input name="submit" type="submit" value="{TXT_SUBMIT}" class="submit" /></td>		40	<td><input name="submit" type="submit" value="{TXT_SUBMIT}" class="submit" /></td>
33	</tr>		41	</tr>
34	</table>		42	</table>
		-+	43	<input name="ESC" type="hidden" value="{VAL_ESC}" />
35	</form>	=	44	</form>
36			45
37	</div>		46	</div>
38	<!-- END: tellafriend -->		47	<!-- END: tellafriend -->

File: skins\Legend\styleTemplates\content\tellafriend.tpl

1	<!-- BEGIN: tellafriend -->	=	1	<!-- BEGIN: tellafriend -->
2	<div class="boxContent">		2	<div class="boxContent">
3			3
4	<span class="txtContentTitle">{TAF_TITLE}</span>		4	<span class="txtContentTitle">{TAF_TITLE}</span>
		<>	5	<!-- BEGIN: error -->
			6	<p class="txtError">{VAL_ERROR}</p>
5			7	<!-- END: error -->
6	<p>{TAF_DESC}</p>	=	8	<p>{TAF_DESC}</p>
7			9
8	<form action="index.php?act=taf&productId={PRODUCT_ID}" target="_self" method="post">		10	<form action="index.php?act=taf&productId={PRODUCT_ID}" target="_self" method="post">
9	<table border="0" cellspacing="0" cellpadding="3" align="center">		11	<table border="0" cellspacing="0" cellpadding="3" align="center">
10	<tr>		12	<tr>
11	<td align="right"><strong>{TXT_RECIP_NAME}</strong></td>		13	<td align="right"><strong>{TXT_RECIP_NAME}</strong></td>

20	<td><input type="text" name="senderName" class="textbox" value="{VAL_SENDER_NAME}" /></td>	=	22	<td><input type="text" name="senderName" class="textbox" value="{VAL_SENDER_NAME}" /></td>
21	</tr>		23	</tr>
22	<tr>		24	<tr>
23	<td align="right"><strong>{TXT_SENDER_EMAIL}</strong></td>		25	<td align="right"><strong>{TXT_SENDER_EMAIL}</strong></td>
24	<td><input type="text" name="senderEmail" class="textbox" value="{VAL_SENDER_EMAIL}" /></td>		26	<td><input type="text" name="senderEmail" class="textbox" value="{VAL_SENDER_EMAIL}" /></td>
25	</tr>		27	</tr>
		-+	28	<!-- BEGIN: spambot -->
			29	<tr>
			30	<td align="right" valign="bottom"><strong>{TXT_SPAMBOT}</strong></td>
			31	<td>{IMG_SPAMBOT}<br />
			32	<input name="spamcode" type="text" class="textbox" value="" size="5" maxlength="5" /></td></tr>
			33	<!-- END: spambot -->
26	<tr>	=	34	<tr>
27	<td align="right" valign="top"><strong>{TXT_MESSAGE}</strong></td>		35	<td align="right" valign="top"><strong>{TXT_MESSAGE}</strong></td>
28	<td><textarea name="message" cols="30" rows="5" class="textbox">{VAL_MESSAGE}</textarea></td>		36	<td><textarea name="message" cols="30" rows="5" class="textbox">{VAL_MESSAGE}</textarea></td>
29	</tr>		37	</tr>
30	<tr>		38	<tr>
31	<td> </td>		39	<td> </td>
32	<td><input name="submit" type="submit" value="{TXT_SUBMIT}" class="submit" /></td>		40	<td><input name="submit" type="submit" value="{TXT_SUBMIT}" class="submit" /></td>
33	</tr>		41	</tr>
34	</table>		42	</table>
		-+	43	<input name="ESC" type="hidden" value="{VAL_ESC}" />
35	</form>	=	44	</form>
36			45
37	</div>		46	</div>
38	<!-- END: tellafriend -->		47	<!-- END: tellafriend -->