ajax.php
<?php
require './includes/user_init.php';
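// AJAX endpoint: dispatches on the `cmd` request parameter.
//   userOk        - reports whether the user id in `query` is well-formed and unused
//   emailOk       - reports whether the e-mail in `query` is valid and unused
//   search_filter - renders the product search filter form for a category
//
// NOTE(review): every value below comes from get_param(), i.e. from the request.
// Several of them are interpolated into SQL strings; whether that is safe depends
// on the escaping done inside get_param(), which is not visible in this file.
// Confirm it, or move these queries to the data layer's parameterised/escaping
// API if it offers one.
$cmd = get_param('cmd');
$q = get_param('query');
$limit = 20;

switch ($cmd) {
    case 'userOk':
        if (!empty($q)) {
            // Validate the character set BEFORE querying, so that only
            // alphanumeric input can ever reach the SQL string. The D modifier
            // makes `$` match only at the very end of the subject; without it a
            // value ending in a newline would pass the check.
            if (!preg_match("/^[[:alnum:]]+$/D", $q)) {
                flush_json(0);
            } else {
                $foo = sql_qquery("SELECT user_id FROM ".$db_prefix."user WHERE user_id='$q' LIMIT 1");
                flush_json(empty($foo) ? 1 : 0); // 1 = username is ok
            }
        }
        break;

    case 'emailOk':
        if (!empty($q)) {
            // Reject malformed addresses before touching the database.
            // NOTE(review): a syntactically valid address may still contain
            // characters that are significant in SQL, so the queries below
            // still rely on get_param() escaping - confirm.
            if (!validate_email_address($q)) {
                flush_json(0);
            } else {
                if ($isLogin) {
                    // A logged-in user may keep their own address: exclude their row.
                    $foo = sql_qquery("SELECT user_email FROM ".$db_prefix."user WHERE (user_email='$q') AND (user_id!='$current_user_id') LIMIT 1");
                } else {
                    $foo = sql_qquery("SELECT user_email FROM ".$db_prefix."user WHERE user_email='$q' LIMIT 1");
                }
                flush_json(empty($foo) ? 1 : 0); // 1 = email is ok
            }
        }
        break;

    case 'search_filter':
        $cat_id = get_param('cat_id');
        $price = get_param('price');
        $distro_id = get_param('distro_id');
        $search_mode = get_param('search_mode');
        $output = $row = $txt = array();

        // category
        if ($search_mode == 'list') {
            $cat_list = false;
            // $cat_id is request-supplied and may not be a known category;
            // guard the lookup so an unknown id does not raise an
            // undefined-index notice into the AJAX response.
            $txt['cat_select'] = isset($ce_cache['cat_structure'][$cat_id]) ? $ce_cache['cat_structure'][$cat_id] : '';
        } else {
            $cat_list = true;
            $txt['cat_select'] = create_select_form('cat_id', $ce_cache['cat_structure_top'], $cat_id, '('.$lang['l_all'].')');
        }

        // price: expected as "from;to", clamped to the range 0 .. configured maximum
        // NOTE(review): the two parts are never checked to be numeric and are
        // handed to the template as received when they fall inside the range.
        // Confirm that quick_tpl() / the template escapes them, or cast them
        // to numbers here.
        $txt['price_max'] = $max = $ce_cache['cfg']['max_price'];
        $txt['num_currency'] = $config['num_currency'];
        $foo = explode(';', $price);
        $price_from = empty($foo[0]) ? 0 : $foo[0];
        $price_to = empty($foo[1]) ? $txt['price_max'] : $foo[1];
        $txt['price_from'] = ($price_from < 0) ? 0 : $price_from;
        $txt['price_to'] = ($price_to > $max) ? $max : $price_to;

        // brands
        $txt['distro_select'] = create_select_form('distro_id', $ce_cache['distro'], $distro_id, '('.$lang['l_all'].')');

        // custom fields (cf): those defined for all categories or for this category
        // NOTE(review): $cat_id is placed inside a LIKE pattern; besides quoting,
        // LIKE wildcards in the value would widen the match. Validate $cat_id
        // against the known category ids before this query - confirm the id format.
        $res = sql_query("SELECT * FROM ".$db_prefix."product_cf_define WHERE ((cf_category='') OR (cf_category LIKE '%,$cat_id,%')) AND is_searchable='1' ORDER BY cf_type"); // all categories cf
        while ($row = sql_fetch_array($res)) {
            $key = 'cf_'.$row['idx'];
            // presumably undoes slashes added by get_param(); the value is then
            // passed to the form builders, whose output escaping is not visible here
            $val = stripslashes(get_param($key));

            switch ($row['cf_type']) {
                case 'select':
                    $foo = explode("\r\n", $row['cf_option']);
                    $fii = safe_send($foo, true);
                    $val = str_replace('=', '%3D', $val); // as browser replace = with %3D, we need to restore the value
                    $foo = array_pair($fii, $foo, '('.$lang['l_all'].')');
                    $field = create_select_form($key, $foo, $val);
                    break;

                case 'multi':
                    // definition
                    $foo = explode("\r\n", $row['cf_option']);
                    $foo = array_pair(safe_send($foo, true), $foo);

                    // value: either a single scalar parameter or a checkbox array
                    if (empty($val)) {
                        $fii = checkbox_param($key, 'get', true);
                        if (!empty($fii)) {
                            $val = implode("\r\n", $fii);
                        }
                    } else {
                        $fii = array(str_replace('=', '%3D', $val));
                    }

                    // form
                    $field = create_checkbox_form($key, $foo, $fii, 1);
                    break;

                case 'rating':
                    $field = create_radio_form($key, $rating_def, $val);
                    break;

                default:
                    // other field types are not offered as search filters
                    $field = false;
                    break;
            }

            if ($field) {
                $row['field'] = $field;
                $output[] = quick_tpl($tpl_section['cf_list'], $row);
            }
        }

        $txt['cat_id'] = $cat_id;
        // Separator first: the legacy implode(array, string) argument order was
        // deprecated in PHP 7.4 and is rejected by PHP 8.
        $txt['cf_list'] = implode("\n", $output);
        echo quick_tpl(load_tpl('var', $tpl_section['cf_form']), $txt);
        break;
}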