"); echo("

ERROR

"); echo(""); echo("
 
"); echo("
$string

 

"); echo("

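If you require help please contact DoodleIT

"); echo(""); exit(); }

/*
 * Review notes for the functions below.
 *
 * - All database access uses the legacy mysql_* extension, which was removed
 *   in PHP 7.0. Values are escaped with mysql_real_escape_string() at each
 *   query site. If magic_quotes_gpc is enabled on the host, request values
 *   arrive already slashed; confirm before deploying. Prepared statements
 *   (mysqli/PDO) are the longer-term fix but need changes to check_mysql()
 *   and to callers that are not part of this listing.
 * - message() appears to echo its text unescaped and then exit(), so
 *   request-derived values are HTML-escaped before being passed to it.
 * - $host, $usr, $pwd, $db, $shop_code and the other settings used below
 *   are expected to be defined by config.php.
 */

/**
 * Store an uploaded JPEG as "<id>_original_<d>.jpg" and write a resized
 * "<id>_thumb_<d>.jpg" next to it.
 *
 * Uses $path, $new_width, $max_height and $uploads_dir from config.php.
 * Failures are reported through message().
 *
 * @param string $image Temporary path of the uploaded file.
 * @param string $type  MIME type reported by the client (not sufficient on its own).
 * @param mixed  $d     Image slot, used in the file name.
 * @param mixed  $f     Unused; kept so existing callers keep working.
 * @param mixed  $id    Record identifier, used in the file name.
 * @return int 1 on success, 0 if validation failed and message() returned.
 */
function upload_images($image, $type, $d, $f, $id)
{
    require("config.php");

    // $id and $d become part of a file name under $path: refuse anything
    // that could step outside that directory.
    if (strpbrk($id . $d, "/\\\0") !== false) {
        message("Invalid Upload Image", "The image identifier is not valid.");
        return 0;
    }

    $safe_type = htmlspecialchars($type, ENT_QUOTES);
    $not_jpeg = "You must upload a JPEG image. The image you uploaded was $safe_type";

    if (!strstr($type, "jpeg")) {
        message("Invalid Upload Image", $not_jpeg);
        return 0;
    }

    // Only files that PHP itself received as an HTTP upload are accepted.
    if (!is_uploaded_file($image)) {
        message("Invalid Upload Image", "No uploaded file was received.");
        return 0;
    }

    // The client-supplied MIME type proves nothing about the content, so the
    // file header is checked as well. This also rules out a zero width or
    // height, which would otherwise divide by zero below.
    $size = getimagesize($image);
    if (!$size || $size[2] != IMAGETYPE_JPEG || $size[0] < 1 || $size[1] < 1) {
        message("Invalid Upload Image", $not_jpeg);
        return 0;
    }

    $sizew = $size[0];
    $sizeh = $size[1];

    // Fit to the configured width unless that would exceed the height limit.
    $new_height = ($sizeh / $sizew) * $new_width;
    if ($new_height < $max_height) {
        $thumb_width = $new_width;
        $thumb_height = $new_height;
    } else {
        $thumb_width = ($sizew / $sizeh) * $max_height;
        $thumb_height = $max_height;
    }
    $thumb_width = max(1, (int) $thumb_width);
    $thumb_height = max(1, (int) $thumb_height);

    $smallimage = $path . $id . "_thumb_$d.jpg";
    $bigimage = $path . $id . "_original_$d.jpg";

    $createdimage = imagecreatefromjpeg("$image");
    if (!$createdimage) {
        message("Invalid Upload Image", $not_jpeg);
        return 0;
    }

    // The previous images are removed only once the new upload has passed
    // validation, so a rejected upload no longer deletes the existing files.
    delete_image($id, $d);

    $destimage = imagecreatetruecolor($thumb_width, $thumb_height);
    if (!$destimage) {
        message("GD PROBLEM","You do not have GD version 2.0 on your server.

To rectify this open config/functions.php and replace all occurences of imagecreatetruecolor with imagecreate.");
        return 0;
    }

    $output_img = imagecopyresized($destimage, $createdimage, 0, 0, 0, 0, $thumb_width, $thumb_height, $sizew, $sizeh);
    if (!$output_img) {
        message("GD PROBLEM","imagecopyresized error.");
        return 0;
    }

    // NOTE(review): the text below advises mode 0777, which makes the upload
    // directory world-writable; write access for the web-server user alone
    // is enough.
    $imagejpeg = imagejpeg($destimage, $smallimage);
    if (!$imagejpeg) {
        message("Unable To Create Thumbnail","Please make sure you have set the permissions of your $uploads_dir to 0777");
        return 0;
    }

    if (!move_uploaded_file($image, $bigimage)) {
        message("Unable To Store Image", "The uploaded file could not be moved into $uploads_dir.");
        return 0;
    }

    return 1;
}

/**
 * Remove the thumbnail and the original image stored for ($id, $d), if present.
 *
 * @param mixed $id Record identifier used in the file name.
 * @param mixed $d  Image slot used in the file name.
 * @return void
 */
function delete_image($id, $d)
{
    require("config.php");

    // Never unlink outside $path.
    if (strpbrk($id . $d, "/\\\0") !== false) {
        return;
    }

    $smallimage = $path . $id . "_thumb_$d.jpg";
    $bigimage = $path . $id . "_original_$d.jpg";

    if (file_exists($smallimage)) {
        unlink($smallimage);
    }
    if (file_exists($bigimage)) {
        unlink($bigimage);
    }
}

/**
 * Look up the username bound to a session token in cart_login_<shop_code>.
 *
 * @param string $my_session Session token.
 * @return string|null Username of the last matching row, or null if none.
 */
function check_login($my_session)
{
    require("config.php");

    // An empty token must never match a row whose session column is blank.
    if ((string) $my_session === "") {
        return null;
    }

    $connection = mysql_connect($host, $usr, $pwd);
    $session = mysql_real_escape_string($my_session, $connection);
    $query = mysql_db_query($db, "SELECT username from cart_login_$shop_code where session='$session'", $connection);

    $username = null;
    while ($row = mysql_fetch_array($query)) {
        $username = $row["username"];
    }
    return $username;
}

/**
 * Return the postage price of the weight band that contains $weight.
 *
 * @param mixed $weight Total weight of the order.
 * @return mixed Price of the last matching band, or null if none matches.
 */
function get_postage($weight)
{
    require("config.php");

    $connection = mysql_connect($host, $usr, $pwd);
    $w = mysql_real_escape_string($weight, $connection);
    $query = mysql_db_query($db, "SELECT price from cart_weights_$shop_code where weightfrom <= '$w' and weightto > '$w' ", $connection);

    $price = null;
    while ($row = mysql_fetch_array($query)) {
        $price = $row["price"];
    }
    return $price;
}

/**
 * Render one copy of the template $filename per visible cart row.
 *
 * If the cart is empty, shop_cart_empty.html is printed instead and the
 * request ends.
 *
 * NOTE(review): $filename is opened as given and database values, as well as
 * $_SESSION['cart_url'], are substituted into HTML without escaping. Confirm
 * that callers pass a fixed template name and that these values cannot carry
 * markup supplied by a visitor.
 *
 * @param string $my_session Session token identifying the cart.
 * @param string $filename   Path of the row template.
 * @return string Rendered rows joined with newlines.
 */
function cart_rows($my_session, $filename)
{
    require("config.php");

    // The function name is passed as a string; a bare word is an undefined
    // constant and is a fatal error on PHP 8.
    if (!function_exists('dynamic_menu')) {
        include("../embroideredtowels/dynamic.php");
    }

    $connection = mysql_connect($host, $usr, $pwd);
    $summary = cart_summary($my_session);
    $session = mysql_real_escape_string($my_session, $connection);
    $query = mysql_db_query($db, "SELECT * FROM cart_temp_$shop_code where session='$session' and product_show != 'N' ", $connection);

    if (!mysql_num_rows($query)) {
        $contents = file_get_contents("shop_cart_empty.html");
        $contents = str_replace("Xpage_fromX", $_SESSION['cart_url'], $contents);
        $contents = str_replace("Xsummary_priceX", $summary[0], $contents);
        $contents = str_replace("Xsummary_qtyX", $summary[1], $contents);
        $contents = str_replace("Xdynamic_menuX", dynamic_menu(), $contents);
        $contents = str_replace("Z~", $currency, $contents);
        print $contents;
        exit();
    }

    // The template is the same for every row, so it is read once.
    $template = file_get_contents($filename);
    $rows = array();

    while ($row = mysql_fetch_array($query)) {
        $product_price = $row["product_price"];
        $product_quantity = $row["product_quantity"];
        $product_price_total = sprintf("%.2f", $product_price * $product_quantity);

        $contents = $template;
        $contents = str_replace("XquantityX", $product_quantity, $contents);
        $contents = str_replace("Xproduct_nameX", stripslashes($row["product_name"]), $contents);
        $contents = str_replace("Xshort_descriptionX", stripslashes($row["short_description"]), $contents);
        $contents = str_replace("Xproduct_codeX", $row["product_code"], $contents);
        $contents = str_replace("XpriceX", $product_price, $contents);
        $contents = str_replace("XtotalX", $product_price_total, $contents);
        $contents = str_replace("Xproduct_taxX", $row["product_tax"], $contents);
        $contents = str_replace("Xproduct_weightX", $row["product_weight"], $contents);
        $contents = str_replace("XidX", $row["id"], $contents);
        // $from is not set in this function; presumably config.php defines it.
        $contents = str_replace("Xpage_fromX", $from, $contents);
        $contents = str_replace("Z~", $currency, $contents);

        $rows[] = $contents;
    }

    return implode("\n", $rows);
}

/**
 * Compute the totals of the cart bound to $my_session.
 *
 * @param string $my_session       Session token identifying the cart.
 * @param string $country          Country used for the tax rate.
 * @param string $delivery_country Country used for the delivery multiplier.
 * @return array [subtotal, weight, taxable, postage, tax, total, discount];
 *               every entry except weight is formatted with two decimals.
 */
function cart_details($my_session, $country, $delivery_country)
{
    $subtotal = 0;
    $weight = 0;
    $taxable = 0;

    require("config.php");

    $connection = mysql_connect($host, $usr, $pwd);
    $session = mysql_real_escape_string($my_session, $connection);
    $query = mysql_db_query($db, "SELECT * FROM cart_temp_$shop_code where session='$session'", $connection);

    while ($row = mysql_fetch_array($query)) {
        $line_total = $row["product_price"] * $row["product_quantity"];
        $subtotal += $line_total;
        $weight += ($row["product_weight"] * $row["product_quantity"]);
        if ($row["product_tax"] == "Yes") {
            $taxable += $line_total;
        }
    }

    $discount = total_discount($my_session);
    $postage = get_postage($weight) * get_dm($delivery_country);
    $tax_rate = get_tax($country);

    $tax = ($taxable * $tax_rate) + ($postage * $tax_rate) - ($tax_rate * $discount);
    $total = $subtotal + $postage + $tax;

    return array(
        sprintf("%.2f", $subtotal),
        $weight,
        sprintf("%.2f", $taxable),
        sprintf("%.2f", $postage),
        sprintf("%.2f", $tax),
        sprintf("%.2f", $total),
        sprintf("%.2f", $discount),
    );
}

/**
 * Sum the prices of the hidden cart rows (product_show='N') and return the
 * sum with its sign flipped.
 *
 * @param string $my_session Session token identifying the cart.
 * @return string Discount formatted with two decimals.
 */
function total_discount($my_session)
{
    $discount = 0;

    require("config.php");

    $connection = mysql_connect($host, $usr, $pwd);
    $session = mysql_real_escape_string($my_session, $connection);
    $query = mysql_db_query($db, "SELECT * FROM cart_temp_$shop_code where session='$session' and product_show='N' ", $connection);

    while ($row = mysql_fetch_array($query)) {
        $discount += $row["product_price"];
    }

    return sprintf("%.2f", $discount * -1);
}

/**
 * Return the delivery multiplier of the country whose name contains
 * $delivery_country.
 *
 * NOTE(review): this is a substring match, so an empty or very short name
 * matches many rows and the last row returned wins; confirm that callers
 * validate the country against the table.
 *
 * @param string $delivery_country Country name, or part of one.
 * @return mixed Multiplier of the last matching row, or null if none matches.
 */
function get_dm($delivery_country)
{
    require("config.php");

    $connection = mysql_connect($host, $usr, $pwd);
    // Escape for the string literal first, then neutralise LIKE wildcards.
    $name = addcslashes(mysql_real_escape_string($delivery_country, $connection), "%_");
    $query = mysql_db_query($db, "SELECT delivery_multiplier from cart_countries_$shop_code where country_name LIKE '%$name%'", $connection);
    check_mysql($query);

    $delivery_multiplier = null;
    while ($row = mysql_fetch_array($query)) {
        $delivery_multiplier = $row["delivery_multiplier"];
    }
    return $delivery_multiplier;
}

/**
 * Return the tax rate, as a fraction, of the country whose name contains
 * $country. The same substring-match caveat as for get_dm() applies.
 *
 * @param string $country Country name, or part of one.
 * @return float|int tax_rate / 100 of the last matching row, or 0 if none matches.
 */
function get_tax($country)
{
    require("config.php");

    $connection = mysql_connect($host, $usr, $pwd);
    $name = addcslashes(mysql_real_escape_string($country, $connection), "%_");
    $query = mysql_db_query($db, "SELECT tax_rate from cart_countries_$shop_code where country_name LIKE '%$name%'", $connection);

    $tax_rate = 0;
    while ($row = mysql_fetch_array($query)) {
        $tax_rate = $row["tax_rate"];
    }
    return $tax_rate / 100;
}

/**
 * Build one summary line per visible cart row for use in an e-mail.
 *
 * @param string $my_session Session token identifying the cart.
 * @return array Lines of the form "<qty> x <name> (<code>) - <currency> <total>".
 */
function email_products($my_session)
{
    require("config.php");

    $connection = mysql_connect($host, $usr, $pwd);
    $session = mysql_real_escape_string($my_session, $connection);
    $lines = array();
    $query = mysql_db_query($db, "SELECT * from cart_temp_$shop_code where session = '$session' and product_show != 'N' ", $connection);

    while ($row = mysql_fetch_array($query)) {
        $product_name = $row["product_name"];
        $product_code = $row["product_code"];
        $product_quantity = $row["product_quantity"];
        $product_total = sprintf("%.2f", $row["product_price"] * $product_quantity);
        $lines[] = "$product_quantity x $product_name ($product_code) - $currency $product_total";
    }
    return $lines;
}

/**
 * Copy the visible cart rows into cart_record_<shop_code>, reduce the stock
 * of each product, then empty the cart.
 *
 * Values read back from the database are escaped again before being placed
 * in the INSERT and UPDATE statements: data that was stored once is not
 * automatically safe to interpolate.
 *
 * @param string $my_session Session token identifying the cart.
 * @param mixed  $orderno    Order number to record.
 * @param mixed  $status     Initial order status.
 * @return void
 */
function products_to_database($my_session, $orderno, $status)
{
    $now = time();

    require("config.php");

    $connection = mysql_connect($host, $usr, $pwd);
    $session = mysql_real_escape_string($my_session, $connection);

    $details = mysql_db_query($db, "SELECT * from cart_customers_$shop_code where session='$session'", $connection);
    check_mysql($details);
    $email = "";
    while ($row = mysql_fetch_array($details)) {
        $email = $row["email"];
    }

    $email = mysql_real_escape_string($email, $connection);
    $orderno = mysql_real_escape_string($orderno, $connection);
    $status = mysql_real_escape_string($status, $connection);

    $query = mysql_db_query($db, "SELECT * from cart_temp_$shop_code where session = '$session' and product_show != 'N' ", $connection);
    while ($row = mysql_fetch_array($query)) {
        $product_name = mysql_real_escape_string($row["product_name"], $connection);
        $product_code = mysql_real_escape_string($row["product_code"], $connection);
        $product_price = mysql_real_escape_string($row["product_price"], $connection);
        $product_quantity = mysql_real_escape_string($row["product_quantity"], $connection);

        // The quantity is used unquoted in arithmetic below, so it has to be
        // a number and nothing else.
        $stock_delta = is_numeric($row["product_quantity"]) ? $row["product_quantity"] + 0 : 0;

        $insert = mysql_db_query($db, "INSERT into cart_record_$shop_code (email, orderno, product_name, product_code, product_price, product_quantity, status, statusdate, orderplaced, message) VALUES ('$email', '$orderno', '$product_name', '$product_code', '$product_price', '$product_quantity', '$status', '$now', '$now', '')", $connection);
        check_mysql($insert);

        $update = mysql_db_query($db, "update cart_products_$shop_code set product_stock=product_stock-$stock_delta where product_name='$product_name' and product_code='$product_code'", $connection);
        check_mysql($update);
    }

    $delete = mysql_db_query($db, "DELETE from cart_temp_$shop_code where session='$session'", $connection);
    check_mysql($delete);
    return;
}

/**
 * E-mail the stored password to the customer registered under $email.
 *
 * NOTE(review): the password is read from the table and mailed as is, which
 * means it is stored unhashed. Moving to password_hash() and a one-time reset
 * link needs schema and flow changes outside this function. The two outcomes
 * also tell a visitor whether an address is registered.
 *
 * @param string $email Address entered by the visitor.
 * @return void Ends through message().
 */
function forgot_password($email)
{
    require("config.php");

    $connection = mysql_connect($host, $usr, $pwd);

    // A line break in the address could add headers to the outgoing mail;
    // such input is treated as an unknown address.
    $has_line_break = (strpbrk($email, "\r\n") !== false);

    $lookup = mysql_real_escape_string($email, $connection);
    $query = mysql_db_query($db, "SELECT * from cart_customers_$shop_code where email = '$lookup' and email != '' ", $connection);

    if ($has_line_break || !mysql_num_rows($query)) {
        message("Account Error","Unable to locate your e-mail address in our database.

Click here to try again.");
        return;
    }

    $template = file_get_contents("../emails/forgot_password.txt");

    while ($row = mysql_fetch_array($query)) {
        $contents = str_replace("XnameX", $row["name"], $template);
        $contents = str_replace("XemailX", $email, $contents);
        $contents = str_replace("XpasswordX", $row["password"], $contents);
        mail("$email", "$forgot_password", "$contents", "From: $forgot_password_email");
    }

    $shown_email = htmlspecialchars($email, ENT_QUOTES);
    message("Password Sent","Your password has been e-mailed to $shown_email

Click here to return to the log-in page.");
}

/**
 * Check the licence key held in $aeneas (config.php) and, if it is valid,
 * open a database connection.
 *
 * The key has three parts separated by "-": a part that must be 10
 * characters long, the MD5 of SERVER_NAME, and an expiry timestamp whose
 * digits are substituted with the characters 'bYL+QaeVxC'.
 *
 * @param string $shost Database host.
 * @param string $susr  Database user.
 * @param string $spwd  Database password.
 * @param mixed  $q     When truthy, only report whether the key is valid.
 * @return mixed true/false when $q is set, otherwise the mysql_connect() result.
 */
function database_connect($shost, $susr, $spwd, $q = "")
{
    require("config.php");

    // split() was removed in PHP 7; explode() is equivalent for a literal "-".
    list($q1, $q2, $q3) = array_pad(explode("-", $aeneas, 3), 3, "");

    // The literal below is an obfuscated message (a letter-substitution of
    // "Invalid License Key"); it is passed on unchanged.
    $dberror = "";

    if (strlen($q1) != 10) {
        $dberror = "rMEZORW oRXVMHV pVB";
    }

    // Strict comparison: with "!=" two hex digests that both look like
    // numbers in exponent notation ("0e...") compare as equal.
    if (md5(getenv("SERVER_NAME")) !== $q2) {
        $dberror = "rMEZORW oRXVMHV pVB";
    }

    $qfrom = '0123456789';
    $qto = 'bYL+QaeVxC';
    $strc = strtr($q3, $qto, $qfrom);
    $now = time();

    // Compare as integers; on PHP 8 a non-numeric string is otherwise
    // compared to the timestamp as text.
    if ((int) $strc < $now) {
        $dberror = "rMEZORW oRXVMHV pVB";
    }

    if ($q and !$dberror) {
        return true;
    } elseif ($q and $dberror) {
        return false;
    } elseif ($dberror) {
        database_error("$dberror");
    } else {
        return mysql_connect($shost, $susr, $spwd);
    }
}

/**
 * Return the contents of ../credit_cards/worldpay.txt.
 *
 * @param string $my_session Unused.
 * @return string|false File contents, or false if the file cannot be read.
 */
function worldpay($my_session)
{
    return file_get_contents("../credit_cards/worldpay.txt");
}

/**
 * Return the contents of ../credit_cards/paypal.txt.
 *
 * @param string $my_session Unused.
 * @return string|false File contents, or false if the file cannot be read.
 */
function paypal($my_session)
{
    return file_get_contents("../credit_cards/paypal.txt");
}

/**
 * Return the contents of ../credit_cards/invoice.txt.
 *
 * @param string $my_session Unused.
 * @return string|false File contents, or false if the file cannot be read.
 */
function invoice($my_session)
{
    return file_get_contents("../credit_cards/invoice.txt");
}

/**
 * Return the contents of ../credit_cards/ssl.txt.
 *
 * @param string $my_session Unused.
 * @return string|false File contents, or false if the file cannot be read.
 */
function secure($my_session)
{
    return file_get_contents("../credit_cards/ssl.txt");
}

/**
 * Return the contents of ../credit_cards/nochex.txt.
 *
 * @param string $my_session Unused.
 * @return string|false File contents, or false if the file cannot be read.
 */
function nochex($my_session)
{
    return file_get_contents("../credit_cards/nochex.txt");
}

/**
 * Return the contents of ../credit_cards/protx.txt.
 *
 * @param string $my_session Unused.
 * @return string|false File contents, or false if the file cannot be read.
 */
function protx($my_session)
{
    return file_get_contents("../credit_cards/protx.txt");
}

/**
 * Dump every row of $table as "INSERT INTO ... VALUES(...)" statements.
 *
 * The table name cannot be passed as a quoted value, so it is restricted to
 * the characters of an unquoted identifier. Column values are escaped rather
 * than having their single quotes stripped, so a value containing a quote or
 * a backslash can no longer change the statement when the dump is restored.
 *
 * @param string $table Table to dump.
 * @return string SQL text followed by three newlines.
 */
function backup_table($table)
{
    require("config.php");

    if (!preg_match('/^[0-9A-Za-z_$]+\z/', (string) $table)) {
        return "# Dump skipped: invalid table name \n" . "\n\n\n";
    }

    $connection = mysql_connect($host, $usr, $pwd);

    $result = "# Dump of $table \n";
    $result .= "# Dump DATE : " . date("d-M-Y") . "\n\n";

    $query = mysql_db_query($db, "select * from $table", $connection);
    $num_fields = @mysql_num_fields($query);

    while ($row = mysql_fetch_row($query)) {
        $values = array();
        for ($j = 0; $j < $num_fields; $j++) {
            // NULL columns are written as an empty string, as before; line
            // breaks are written as the two characters \n by the escaping.
            $values[] = "\"" . mysql_real_escape_string((string) $row[$j], $connection) . "\"";
        }
        $result .= "INSERT INTO " . $table . " VALUES(" . implode(",", $values) . ");\n";
    }

    return $result . "\n\n\n";
}

/**
 * Format a price (and discounted price) for display in the chosen currency.
 *
 * GBP values are shown as given; EUR, USD and YEN values are multiplied by
 * the rate stored in cart_exchange_<shop_code> and formatted with two
 * decimals. $discount_text, $normal_text and $currency come from config.php.
 *
 * NOTE(review): the EUR and YEN branches substitute an empty currency symbol
 * in this listing; confirm against the deployed file.
 *
 * @param mixed  $product_price    Base price.
 * @param mixed  $product_discount Discounted price.
 * @param string $currency_value   "GBP", "EUR", "USD" or "YEN".
 * @return string|null Rendered price text, or null for any other currency.
 */
function transform_price($product_price, $product_discount, $currency_value)
{
    require("config.php");

    if ($currency_value == "GBP") {
        $symbol = $currency;
        $price = $product_price;
        $discount = $product_discount;
    } else {
        // The column name comes from this fixed list, never from the caller.
        if ($currency_value == "EUR") {
            $column = "euro";
            $symbol = "";
        } elseif ($currency_value == "USD") {
            $column = "dollar";
            $symbol = "$";
        } elseif ($currency_value == "YEN") {
            $column = "yen";
            $symbol = "";
        } else {
            return null;
        }

        $connection = mysql_connect($host, $usr, $pwd);
        $rate = @mysql_result(mysql_db_query($db, "SELECT $column from cart_exchange_$shop_code where id='1' ", $connection), 0);
        $price = sprintf("%.2f", $rate * $product_price);
        $discount = sprintf("%.2f", $rate * $product_discount);
    }

    if (($discount > 0) and ($price != $discount)) {
        $show_price = $discount_text;
    } else {
        $show_price = $normal_text;
    }

    $show_price = str_replace("Z~", $symbol, $show_price);
    $show_price = str_replace("Xproduct_priceX", $price, $show_price);
    $show_price = str_replace("Xproduct_discountX", $discount, $show_price);

    return $show_price;
}

/**
 * Multiply $price by the exchange rate stored in the column $currency_value.
 *
 * A column name cannot be escaped like a value, so it is restricted to the
 * characters of an unquoted identifier before it is placed in the query.
 *
 * @param mixed  $price          Amount to convert.
 * @param string $currency_value Column of cart_exchange_<shop_code> holding the rate.
 * @return string Converted amount with two decimals ("0.00" if no rate is found).
 */
function price_conversion($price, $currency_value)
{
    require("config.php");

    if (!preg_match('/^[0-9A-Za-z_$]+\z/', (string) $currency_value)) {
        return sprintf("%.2f", 0);
    }

    $connection = mysql_connect($host, $usr, $pwd);
    $rate = @mysql_result(mysql_db_query($db, "SELECT $currency_value from cart_exchange_$shop_code where id='1' ", $connection), 0);

    return sprintf("%.2f", $price * $rate);
}

/**
 * Build the "crypt" field for the Protx form: "key=value" pairs joined with
 * "&", XORed with $encryption_password and Base64-encoded.
 *
 * NOTE(review): customer-supplied values are concatenated without checking
 * for the "&" delimiter; confirm how the gateway treats such input. The
 * transaction code comes from rand() over 900000 values, so two orders can
 * receive the same code. The repeating-key XOR in simpleXor() is
 * obfuscation, not encryption, and gives no integrity protection.
 *
 * @return string Base64 text.
 */
function protx_crypt($total, $name, $email, $address1, $address2, $town, $county, $postcode)
{
    require("../config/config.php");

    $ThisVendorTxCode = rand(100000, 999999);

    $stuff = "VendorTxCode=" . $ThisVendorTxCode . "&";
    $stuff .= "Amount=" . $total . "&";
    $stuff .= "Currency=" . $currency_code . "&";
    $stuff .= "Description=" . $protx_desc . "&";
    $stuff .= "SuccessURL=" . $protx_callback . "&";
    $stuff .= "FailureURL=" . $protx_callback . "&";
    $stuff .= "CustomerName=" . $name . "&";
    $stuff .= "CustomerEmail=" . $email . "&";
    $stuff .= "BillingAddress=" . "$address1\x0D\x0A$address2\x0D\x0A$town\x0D\x0A$county" . "&";
    $stuff .= "BillingPostCode=" . $postcode;

    return base64Encode(SimpleXor($stuff, $encryption_password));
}

/**
 * Base64-encode $plain.
 *
 * @param string $plain Raw bytes.
 * @return string Base64 text.
 */
function base64Encode($plain)
{
    return base64_encode($plain);
}

/**
 * Decode Base64 text.
 *
 * @param string $scrambled Base64 text.
 * @return string|false Decoded bytes.
 */
function base64Decode($scrambled)
{
    return base64_decode($scrambled);
}

/**
 * XOR every byte of $InString with the corresponding byte of $Key, repeating
 * the key as often as needed. Applying it twice with the same key returns
 * the input. An empty $Key is not supported (modulo by zero).
 *
 * @param string $InString Input bytes.
 * @param string $Key      Key bytes.
 * @return string Output bytes, same length as the input.
 */
function simpleXor($InString, $Key)
{
    $key_length = strlen($Key);
    $length = strlen($InString);
    $output = "";

    for ($i = 0; $i < $length; $i++) {
        $output .= chr(ord($InString[$i]) ^ ord($Key[$i % $key_length]));
    }
    return $output;
}

/**
 * Split a decoded "Name=value&Name=value" gateway response into an array
 * keyed by field name.
 *
 * The second loop was damaged in this listing (the text between "<" and ">"
 * was lost); it is restored here from the statements that survive. A field
 * name is recognised only at the start of the string or directly after "&",
 * and only when followed by "=", so a name that merely occurs inside another
 * field's value no longer shifts the result. Positions are kept in plain
 * arrays, because assigning a property on an unset array element is an
 * error on PHP 8.
 *
 * NOTE(review): the lookup is case-sensitive; confirm that the gateway
 * spells "VPSTxID" exactly as listed.
 *
 * @param string $thisString Decoded response.
 * @return array Field name => value, for the fields that were found.
 */
function getToken($thisString)
{
    $Tokens = array("Status", "StatusDetail", "VendorTxCode", "VPSTxID", "TxAuthNo", "Amount", "AVSCV2");
    $found = array();

    foreach ($Tokens as $name) {
        // With "&" prepended, the match offset equals the offset of the name
        // in $thisString.
        $start = strpos("&" . $thisString, "&" . $name . "=");
        if ($start !== false) {
            $found[] = array('start' => $start, 'token' => $name);
        }
    }

    // Arrays are compared element by element, so this orders by 'start'.
    sort($found);

    $output = array();
    $count = count($found);
    for ($i = 0; $i < $count; $i++) {
        $token = $found[$i]['token'];
        // Skip the name and the "=" that follows it.
        $valueStart = $found[$i]['start'] + strlen($token) + 1;

        if ($i == ($count - 1)) {
            $output[$token] = substr($thisString, $valueStart);
        } else {
            // Stop before the "&" that precedes the next field.
            $valueLength = $found[$i + 1]['start'] - $found[$i]['start'] - strlen($token) - 2;
            $output[$token] = substr($thisString, $valueStart, $valueLength);
        }
    }
    return $output;
}

/**
 * Derive a number from the current time.
 *
 * The value is predictable and must not be used for tokens, passwords or
 * anything else that has to be unguessable.
 *
 * @return float Seconds plus the microsecond fraction scaled by 100000.
 */
function randomise()
{
    list($usec, $sec) = explode(' ', microtime());
    return (float) $sec + ((float) $usec * 100000);
}
?>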