PHP oos_db_perform函数代码示例

            $customerid_result = $dbconn->Execute($sql);
            if ($customerid == $customerid_result->fields) {
                $ticket_customers_id = $customerid['customers_id'];
            }
        }
        // generate LinkID
        $time = mktime();
        $ticket_link_id = '';
        for ($x = 3; $x < 10; $x++) {
            $ticket_link_id .= substr($time, $x, 1) . oos_create_random_value(1, $type = 'chars');
        }
        $sql_data_array = array('ticket_link_id' => $ticket_link_id, 'ticket_customers_id' => $ticket_customers_id, 'ticket_customers_orders_id' => $ticket_customers_orders_id, 'ticket_customers_email' => $email, 'ticket_customers_name' => $name, 'ticket_subject' => $subject, 'ticket_status_id' => TICKET_DEFAULT_STATUS_ID, 'ticket_department_id' => $department, 'ticket_priority_id' => $priority, 'ticket_login_required' => TICKET_CUSTOMER_LOGIN_REQUIREMENT_DEFAULT, 'ticket_date_last_modified' => 'now()', 'ticket_date_last_customer_modified' => 'now()', 'ticket_date_created' => 'now()');
        oos_db_perform($oostable['ticket_ticket'], $sql_data_array);
        $insert_id = $dbconn->Insert_ID();
        $sql_data_array = array('ticket_id' => $insert_id, 'ticket_status_id' => TICKET_DEFAULT_STATUS_ID, 'ticket_priority_id' => $priority, 'ticket_department_id' => $department, 'ticket_date_modified' => 'now()', 'ticket_customer_notified' => '1', 'ticket_edited_by' => $name, 'ticket_comments' => $enquiry);
        oos_db_perform($oostable['ticket_status_history'], $sql_data_array);
        // Email  Customer doesn't get the Message cause he should use the web
        $ticket_email_subject = $aLang['ticket_email_subject'] . $subject;
        $ticket_email_message = $aLang['ticket_email_message_header'] . "\n\n" . oos_href_link($aPages['ticket_view'], 'tlid=' . $ticket_link_id, 'NONSSL', false, false) . "\n\n" . $aLang['ticket_email_ticket_nr'] . " " . $ticket_link_id . "\n" . $aLang['ticket_email_message_footer'];
        $ticket_email_message = decode($ticket_email_message);
        oos_mail($name, $email, $ticket_email_subject, nl2br($ticket_email_message), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, '3');
        // send emails to other people
        if (SEND_EXTRA_ORDER_EMAILS_TO != '') {
            // $ticket_email_message = $aLang['ticket_email_message_header'] . "\n\n" . oos_href_link($aPages['ticket_view'], 'tlid=' . $ticket_link_id, 'NONSSL', false, false) . "\n\n" . $aLang['ticket_email_message_footer'] . "\n\n" . $enquiry;
            oos_mail('', SEND_EXTRA_ORDER_EMAILS_TO, $ticket_email_subject, nl2br($ticket_email_message), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, '1');
        }
        MyOOS_CoreApi::redirect(oos_href_link($aPages['ticket_create'], 'action=success&amp;tlid=' . $ticket_link_id));
    }
}
if (TICKET_USE_ORDER_IDS == '1' && isset($_SESSION['customer_id'])) {
    $orders_id = array();

                    $sql_data_marray[$i] = array('coupon_name' => oos_db_prepare_input($_POST['coupon_name'][$lang_id]), 'coupon_description' => oos_db_prepare_input($_POST['coupon_desc'][$lang_id]));
                }
                if (isset($_GET['oldaction']) && $_GET['oldaction'] == 'voucheredit') {
                    oos_db_perform($oostable['coupons'], $sql_data_array, 'update', "coupon_id='" . $_GET['cID'] . "'");
                    for ($i = 0, $n = count($languages); $i < $n; $i++) {
                        $lang_id = $languages[$i]['id'];
                        $update = $dbconn->Execute("UPDATE " . $oostable['coupons_description'] . " SET coupon_name = '" . oos_db_prepare_input($_POST['coupon_name'][$lang_id]) . "', coupon_description = '" . oos_db_prepare_input($_POST['coupon_desc'][$lang_id]) . "' WHERE coupon_id = '" . intval($coupon_id) . "' and coupon_languages_id = '" . intval($lang_id) . "'");
                    }
                } else {
                    $query = oos_db_perform($oostable['coupons'], $sql_data_array);
                    $coupon_id = $dbconn->Insert_ID();
                    for ($i = 0, $n = count($languages); $i < $n; $i++) {
                        $lang_id = $languages[$i]['id'];
                        $sql_data_marray[$i]['coupon_id'] = $coupon_id;
                        $sql_data_marray[$i]['coupon_languages_id'] = $lang_id;
                        oos_db_perform($oostable['coupons_description'], $sql_data_marray[$i]);
                    }
                }
            }
            oos_redirect_admin(oos_href_link_admin($aFilename['coupon_admin'], 'page=' . $_GET['page'] . '&cID=' . $coupon_id));
    }
}
require 'includes/oos_header.php';
?>
<link rel="stylesheet" type="text/css" href="includes/javascript/spiffyCal/spiffyCal_v2_1.css">
<script language="JavaScript" src="includes/javascript/spiffyCal/spiffyCal_v2_1.js"></script>
<script language="javascript">
  var dateAvailable = new ctlSpiffyCalendarBox("dateAvailable", "new_product", "products_date_available","btnDate1","<?php 
echo $pInfo->products_date_available;
?>
",scBTNMODE_CUSTOMBLUE);

// define our localization functions
require 'includes/functions/function_localization.php';
require 'includes/classes/class_currencies.php';
$currencies = new currencies();
$action = isset($_GET['action']) ? $_GET['action'] : '';
if (!empty($action)) {
    switch ($action) {
        case 'insert':
        case 'save':
            $currency_id = oos_db_prepare_input($_GET['cID']);
            $sql_data_array = array('title' => $title, 'code' => $code, 'symbol_left' => $symbol_left, 'symbol_right' => $symbol_right, 'decimal_point' => $decimal_point, 'thousands_point' => $thousands_point, 'decimal_places' => $decimal_places, 'value' => $currency_value);
            if ($action == 'insert') {
                oos_db_perform($oostable['currencies'], $sql_data_array);
                $currency_id = $dbconn->Insert_ID();
            } elseif ($action == 'save') {
                oos_db_perform($oostable['currencies'], $sql_data_array, 'update', "currencies_id = '" . oos_db_input($currency_id) . "'");
            }
            if (isset($_POST['default']) && $_POST['default'] == 'on') {
                $dbconn->Execute("UPDATE " . $oostable['configuration'] . " SET configuration_value = '" . oos_db_input($code) . "' WHERE configuration_key = 'DEFAULT_CURRENCY'");
            }
            oos_redirect_admin(oos_href_link_admin($aFilename['currencies'], 'page=' . $_GET['page'] . '&cID=' . $currency_id));
            break;
        case 'deleteconfirm':
            $currencies_id = oos_db_prepare_input($_GET['cID']);
            $currency_result = $dbconn->Execute("SELECT currencies_id FROM " . $oostable['currencies'] . " WHERE code = '" . DEFAULT_CURRENCY . "'");
            $currency = $currency_result->fields;
            if ($currency['currencies_id'] == $currencies_id) {
                $dbconn->Execute("UPDATE " . $oostable['configuration'] . " SET configuration_value = '' WHERE configuration_key = 'DEFAULT_CURRENCY'");
            }
            $dbconn->Execute("DELETE FROM " . $oostable['currencies'] . " WHERE currencies_id = '" . oos_db_input($currencies_id) . "'");
            oos_redirect_admin(oos_href_link_admin($aFilename['currencies'], 'page=' . $_GET['page']));

            if (empty($ticket_reply_id)) {

              $ticket_replytable = $oostable['ticket_reply'];
              $next_id_result = $dbconn->Execute("SELECT max(ticket_reply_id) as ticket_reply_id FROM $ticket_replytable");
              $next_id = $next_id_result->fields;
              $ticket_reply_id = $next_id['ticket_reply_id'] + 1;
            }

            $insert_sql_data = array('ticket_reply_id' => $ticket_reply_id,
                                     'ticket_languages_id' => $lang_id);

            $sql_data_array = array_merge($sql_data_array, $insert_sql_data);

            oos_db_perform($oostable['ticket_reply'], $sql_data_array);
          } elseif ($action == 'save') {
            oos_db_perform($oostable['ticket_reply'], $sql_data_array, 'update', "ticket_reply_id = '" . oos_db_input($ticket_reply_id) . "' and ticket_languages_id = '" . intval($lang_id) . "'");
          }
        }

        if (isset($_POST['default']) && ($_POST['default'] == 'on')) {
          $configurationtable = $oostable['configuration'];
          $dbconn->Execute("UPDATE $configurationtable SET configuration_value = '" . oos_db_input($ticket_reply_id) . "' WHERE configuration_key = 'TICKET_DEFAULT_REPLY_ID'");
        }

        oos_redirect_admin(oos_href_link_admin($aFilename['ticket_reply'], 'page=' . $_GET['page'] . '&oID=' . $ticket_reply_id));
        break;

      case 'deleteconfirm':
        $oID = oos_db_prepare_input($_GET['oID']);

        $configurationtable = $oostable['configuration'];

         $update_sql_data = array('last_modified' => '" . date("Y-m-d H:i:s", time()) . "');
         $sql_data_array = array_merge($sql_data_array, $update_sql_data);
         oos_db_perform($oostable['block'], $sql_data_array, 'update', "block_id = '" . intval($block_content_id) . "'");
         $dbconn->Execute("DELETE FROM " . $oostable['block_to_page_type'] . " WHERE block_id = '" . intval($block_content_id) . "'");
     }
     $languages = oos_get_languages();
     for ($i = 0, $n = count($languages); $i < $n; $i++) {
         $block_content_name_array = $_POST['block_name'];
         $lang_id = $languages[$i]['id'];
         $sql_data_array = array('block_name' => oos_db_prepare_input($block_content_name_array[$lang_id]));
         if ($action == 'insert') {
             $insert_sql_data = array('block_id' => $block_content_id, 'block_languages_id' => $lang_id);
             $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
             oos_db_perform($oostable['block_info'], $sql_data_array);
         } elseif ($action == 'save') {
             oos_db_perform($oostable['block_info'], $sql_data_array, 'update', "block_id = '" . intval($block_content_id) . "' AND block_languages_id = '" . intval($lang_id) . "'");
         }
     }
     if (isset($_REQUEST['page_type'])) {
         reset($_REQUEST['page_type']);
         foreach ($_REQUEST['page_type'] as $k => $id) {
             $sql = "INSERT INTO " . $oostable['block_to_page_type'] . "\n                     (block_id,\n                      page_type_id)\n                      VALUES (" . $dbconn->qstr($block_content_id) . ',' . $dbconn->qstr($id) . ")";
             $dbconn->Execute($sql);
         }
     }
     oos_redirect_admin(oos_href_link_admin($aFilename['content_block'], 'page=' . $_GET['page'] . '&bID=' . $block_content_id));
     break;
 case 'deleteconfirm':
     $block_content_id = oos_db_prepare_input($_GET['bID']);
     $dbconn->Execute("DELETE FROM " . $oostable['block'] . " WHERE block_id = '" . intval($block_content_id) . "'");
     $dbconn->Execute("DELETE FROM " . $oostable['block_info'] . " WHERE block_id = '" . intval($block_content_id) . "'");

/**
 * Return Categories description
 *
 * @param $nCurrentCategoryId
 * @return array
 */
function oos_get_categories_description($nCurrentCategoryId)
{

    $nLanguageID = isset($_SESSION['language_id']) ? $_SESSION['language_id']+0 : 1;

    // Get database information
    $dbconn =& oosDBGetConn();
    $oostable =& oosDBGetTables();

    $categories_descriptiontable = $oostable['categories_description'];
    $categories_description_sql = "SELECT cd.categories_name, cd.categories_heading_title, cd.categories_description,
                                          cd.categories_description_meta, cd.categories_keywords_meta
                                     FROM $categories_descriptiontable cd
                                    WHERE cd.categories_id = '" . intval($nCurrentCategoryId) . "'
                                      AND cd.categories_languages_id = '" .  intval(DEFAULT_LANGUAGE_ID) . "'";
    $categories_description_result = $dbconn->Execute($categories_description_sql);
    $categories_description = $categories_description_result->fields;

    $sql_data_array = array('categories_name' => oos_db_input($categories_description['categories_name']),
                            'categories_heading_title' => oos_db_input($categories_description['categories_heading_title']),
                            'categories_description' => oos_db_input($categories_description['categories_description']),
                            'categories_description_meta' => oos_db_input($categories_description['categories_description_meta']),
                            'categories_keywords_meta' => oos_db_input($categories_description['categories_keywords_meta']));

    $categories_descriptiontable = $oostable['categories_description'];
    oos_db_perform($categories_descriptiontable, $sql_data_array, 'update', 'categories_id = \'' . intval($nCurrentCategoryId) . '\' and categories_languages_id = \'' . intval($nLanguageID) . '\'');

    return $categories_description;
}

        $sql_data_array = array('entry_firstname' => $customers_firstname,
                                'entry_lastname' => $customers_lastname,
                                'entry_street_address' => $entry_street_address,
                                'entry_postcode' => $entry_postcode,
                                'entry_city' => $entry_city,
                                'entry_country_id' => $entry_country_id);

        if (ACCOUNT_COMPANY == '1') $sql_data_array['entry_company'] = $entry_company;
        if (ACCOUNT_OWNER == '1') $sql_data_array['entry_owner'] = $entry_owner;
        if (ACCOUNT_SUBURB == '1') $sql_data_array['entry_suburb'] = $entry_suburb;
        if (ACCOUNT_STATE == '1') {
          $sql_data_array['entry_state'] = $entry_state;
          $sql_data_array['entry_zone_id'] = $entry_zone_id;
        }

        oos_db_perform($oostable['address_book'], $sql_data_array, 'update', "customers_id = '" . intval($customers_id) . "' and address_book_id = '" . oos_db_input($default_address_id) . "'");

        oos_redirect_admin(oos_href_link_admin($aFilename['customers'], oos_get_all_get_params(array('cID', 'action')) . 'cID=' . $customers_id));
        break;
      case 'deleteconfirm':
        $customers_id = oos_db_prepare_input($_GET['cID']);

        if (isset($_POST['delete_reviews']) && ($_POST['delete_reviews'] == 'on')) {
          $reviewstable = $oostable['reviews'];
          $reviews_result = $dbconn->Execute("SELECT reviews_id FROM $reviewstable WHERE customers_id = '" . intval($customers_id) . "'");
          while ($reviews = $reviews_result->fields) {
            $reviews_descriptiontable = $oostable['reviews_description'];
            $dbconn->Execute("DELETE FROM $reviews_descriptiontable WHERE reviews_id = '" . $reviews['reviews_id'] . "'");

            // Move that ADOdb pointer!
            $reviews_result->MoveNext();

                $dbconn->Execute("INSERT INTO " . $oostable['newsfeed_manager_status_history'] . " (newsfeed_manager_id, new_value, old_value, date_added, customer_notified) values ('" . oos_db_input($nmID) . "', '" . oos_db_input($status) . "', '" . $check_status['newsfeed_manager_status'] . "', '" . date("Y-m-d H:i:s", time()) . "', '" . $customer_notified . "')");
                $customer_updated = true;
            }
            break;
        case 'insert':
        case 'update':
            $newsfeed_manager_id = oos_db_prepare_input($_GET['nmID']);
            $sql_data_array = array('newsfeed_categories_id' => $newsfeed_categories_id, 'newsfeed_manager_name' => $newsfeed_manager_name, 'newsfeed_manager_link' => $newsfeed_manager_link, 'newsfeed_manager_languages_id' => $newsfeed_manager_languages_id, 'newsfeed_manager_numarticles' => $newsfeed_manager_numarticles, 'newsfeed_manager_refresh' => $newsfeed_manager_refresh);
            if ($action == 'insert') {
                $insert_sql_data = array('newsfeed_manager_date_added' => '" . date("Y-m-d H:i:s", time()) . "');
                $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
                oos_db_perform($oostable['newsfeed_manager'], $sql_data_array);
            } elseif ($action == 'update') {
                $update_sql_data = array('newsfeed_manager_last_modified' => '" . date("Y-m-d H:i:s", time()) . "');
                $sql_data_array = array_merge($sql_data_array, $update_sql_data);
                oos_db_perform($oostable['newsfeed_manager'], $sql_data_array, 'update', "newsfeed_manager_id = '" . oos_db_input($newsfeed_manager_id) . "'");
            }
            oos_redirect_admin(oos_href_link_admin($aFilename['newsfeed_manager'], oos_get_all_get_params(array('nmID', 'action')) . 'nmID=' . $newsfeed_manager_id));
            break;
        case 'deleteconfirm':
            $newsfeed_manager_id = oos_db_prepare_input($_GET['nmID']);
            $dbconn->Execute("DELETE FROM " . $oostable['newsfeed_manager'] . " WHERE newsfeed_manager_id = '" . oos_db_input($newsfeed_manager_id) . "'");
            oos_redirect_admin(oos_href_link_admin($aFilename['newsfeed_manager'], oos_get_all_get_params(array('nmID', 'action'))));
            break;
    }
}
require 'includes/oos_header.php';
?>
<script language="javascript"><!--
function popupImageWindow(url) {
  window.open(url,'popupImageWindow','toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=no,resizable=yes,copyhistory=no,width=200,height=680,screenX=150,screenY=150,top=150,left=150')

            }
            break;
        case 'group_new':
            $admin_groups_name = ucwords(strtolower(oos_db_prepare_input($_POST['admin_groups_name'])));
            $name_replace = preg_replace("/ /", "%", $admin_groups_name);
            if ($admin_groups_name == '' || NULL || strlen($admin_groups_name) <= 5) {
                oos_redirect_admin(oos_href_link_admin($aFilename['admin_members'], 'gID=' . $_GET[gID] . '&gName=false&action=new_group'));
            } else {
                $check_groups_name_query = "SELECT admin_groups_name as group_name_new FROM " . $oostable['admin_groups'] . " WHERE admin_groups_name like '%" . $name_replace . "%'";
                $check_groups_name_result =& $dbconn->Execute($check_groups_name_query);
                $check_duplicate = $check_groups_name_result->RecordCount();
                if ($check_duplicate > 0) {
                    oos_redirect_admin(oos_href_link_admin($aFilename['admin_members'], 'gID=' . $_GET['gID'] . '&gName=used&action=new_group'));
                } else {
                    $sql_data_array = array('admin_groups_name' => $admin_groups_name);
                    oos_db_perform($oostable['admin_groups'], $sql_data_array);
                    $admin_groups_id = $dbconn->Insert_ID();
                    $set_groups_id = oos_db_prepare_input($_POST['set_groups_id']);
                    $add_group_id = $set_groups_id . ',\'' . $admin_groups_id . '\'';
                    $query = "alter table " . $oostable['admin_files'] . " change admin_groups_id admin_groups_id set( " . $add_group_id . ") NOT NULL DEFAULT '1' ";
                    $dbconn->Execute($query);
                    oos_redirect_admin(oos_href_link_admin($aFilename['admin_members'], 'gID=' . $admin_groups_id));
                }
            }
            break;
    }
}
require 'includes/oos_header.php';
require 'includes/account_check.js.php';
?>
<!-- body //-->

                                    'orders_products_id' => $order_products_id,
                                    'products_options' => $attributes_values['products_options_name'],
                                    'products_options_values' => $oOrder->products[$i]['attributes'][$j]['value'],
                                    'options_values_price' => $attributes_values['options_values_price'],
                                    'price_prefix' => $attributes_values['price_prefix']);
            // insert
            oos_db_perform($oostable['orders_products_attributes'], $sql_data_array);

            if ((DOWNLOAD_ENABLED == '1') && isset($attributes_values['products_attributes_filename']) && !empty($attributes_values['products_attributes_filename'])) {
                $sql_data_array = array('orders_id' => $insert_id,
                                        'orders_products_id' => $order_products_id,
                                        'orders_products_filename' => $attributes_values['products_attributes_filename'],
                                        'download_maxdays' => $attributes_values['products_attributes_maxdays'],
                                        'download_count' => $attributes_values['products_attributes_maxcount']);
                // insert
                oos_db_perform($oostable['orders_products_download'], $sql_data_array);
            }
            $products_ordered_attributes .= "\n\t" . $attributes_values['products_options_name'] . ' ' . oos_decode_special_chars($oOrder->products[$i]['attributes'][$j]['value']);
        }
    }


// insert customer choosen option eof
    $total_weight += ($oOrder->products[$i]['qty'] * $oOrder->products[$i]['weight']);
    $total_tax += oos_calculate_tax($total_products_price, $products_tax) * $oOrder->products[$i]['qty'];
    $total_cost += $total_products_price;

    $products_ordered .= $oOrder->products[$i]['qty'] . ' x ' . $oOrder->products[$i]['name'] . ' (' . $oOrder->products[$i]['model'] . ') = ' . $oCurrencies->display_price($oOrder->products[$i]['final_price'], $oOrder->products[$i]['tax'], $oOrder->products[$i]['qty']) . $products_ordered_attributes . "\n";
}

             oos_get_copy_uploaded_file($newsfeed_image, $image_directory);
         }
     }
     $languages = oos_get_languages();
     for ($i = 0, $n = count($languages); $i < $n; $i++) {
         $newsfeed_name_array = $_POST['newsfeed_name'];
         $newsfeed_title_array = $_POST['newsfeed_title'];
         $newsfeed_description_array = $_POST['newsfeed_description'];
         $lang_id = $languages[$i]['id'];
         $sql_data_array = array('newsfeed_name' => oos_db_prepare_input($newsfeed_name_array[$lang_id]), 'newsfeed_title' => oos_db_prepare_input($newsfeed_title_array[$lang_id]), 'newsfeed_description' => oos_db_prepare_input($newsfeed_description_array[$lang_id]));
         if ($action == 'insert') {
             $insert_sql_data = array('newsfeed_id' => $newsfeed_id, 'newsfeed_languages_id' => $lang_id);
             $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
             oos_db_perform($oostable['newsfeed_info'], $sql_data_array);
         } elseif ($action == 'save') {
             oos_db_perform($oostable['newsfeed_info'], $sql_data_array, 'update', "newsfeed_id = '" . oos_db_input($newsfeed_id) . "' and newsfeed_languages_id = '" . intval($lang_id) . "'");
         }
     }
     oos_redirect_admin(oos_href_link_admin($aFilename['rss_conf'], 'page=' . $_GET['page'] . '&nID=' . $newsfeed_id));
     break;
 case 'deleteconfirm':
     $newsfeed_id = oos_db_prepare_input($_GET['nID']);
     if (isset($_POST['delete_image']) && $_POST['delete_image'] == 'on') {
         $newsfeedtable = $oostable['newsfeed'];
         $newsfeed_result = $dbconn->Execute("SELECT newsfeed_image FROM {$newsfeedtable} WHERE newsfeed_id = '" . oos_db_input($newsfeed_id) . "'");
         $newsfeed = $newsfeed_result->fields;
         $image_location = OOS_ABSOLUTE_PATH . OOS_IMAGES . $newsfeed['newsfeed_image'];
         if (file_exists($image_location)) {
             @unlink($image_location);
         }
     }

            $sql_data_array = array('admin_files_name' => oos_db_prepare_input($_GET['box']), 'admin_files_is_boxes' => '1');
            oos_db_perform($oostable['admin_files'], $sql_data_array);
            $admin_boxes_id = $dbconn->Insert_ID();
            oos_redirect_admin(oos_href_link_admin($aFilename['admin_files'], 'cID=' . $admin_boxes_id));
            break;
        case 'box_remove':
            // NOTE: ALSO DELETE FILES STORED IN REMOVED BOX //
            $admin_boxes_id = oos_db_prepare_input($_GET['cID']);
            $admin_filestable = $oostable['admin_files'];
            $query = "DELETE FROM " . $admin_filestable . " WHERE admin_files_id = '" . $admin_boxes_id . "' or admin_files_to_boxes = '" . $admin_boxes_id . "'";
            $dbconn->Execute($query);
            oos_redirect_admin(oos_href_link_admin($aFilename['admin_files']));
            break;
        case 'file_store':
            $sql_data_array = array('admin_files_name' => oos_db_prepare_input($_POST['admin_files_name']), 'admin_files_to_boxes' => oos_db_prepare_input($_POST['admin_files_to_boxes']));
            oos_db_perform($oostable['admin_files'], $sql_data_array);
            $admin_files_id = $dbconn->Insert_ID();
            oos_redirect_admin(oos_href_link_admin($aFilename['admin_files'], 'categories=' . $_GET['categories'] . '&fID=' . $admin_files_id));
            break;
        case 'file_remove':
            $admin_files_id = oos_db_prepare_input($_POST['admin_files_id']);
            $admin_filestable = $oostable['admin_files'];
            $query = "DELETE FROM " . $admin_filestable . " WHERE admin_files_id = '" . $admin_files_id . "'";
            $dbconn->Execute($query);
            oos_redirect_admin(oos_href_link_admin($aFilename['admin_files'], 'categories=' . $_GET['categories']));
            break;
    }
}
require 'includes/oos_header.php';
?>
<!-- body //-->

        if ($_POST['product']) {
            foreach ($_POST['product'] as $temp_prod) {
                $products_up_selltable = $oostable['products_up_sell'];
                $dbconn->Execute("DELETE FROM {$products_up_selltable} WHERE up_sell_id = '" . $temp_prod . "' AND products_id = '" . $_GET['add_related_product_ID'] . "'");
            }
        }
        $products_up_selltable = $oostable['products_up_sell'];
        $sort_start_result = $dbconn->Execute("SELECT sort_order FROM {$products_up_selltable} WHERE products_id = '" . $_GET['add_related_product_ID'] . "' ORDER BY sort_order desc LIMIT 1");
        $sort_start = $sort_start_result->fields;
        $sort = $sort_start['sort_order'] > 0 ? $sort_start['sort_order'] : '0';
        if ($_POST['up']) {
            foreach ($_POST['up'] as $temp) {
                $sort++;
                $insert_array = array();
                $insert_array = array('products_id' => $_GET['add_related_product_ID'], 'up_sell_id' => $temp, 'sort_order' => $sort);
                oos_db_perform($oostable['products_up_sell'], $insert_array);
            }
        }
        $messageStack->add(UP_SELL_SUCCESS, 'success');
        break;
    case 'update_sort':
        foreach ($_POST as $key_a => $value_a) {
            $products_up_selltable = $oostable['products_up_sell'];
            $dbconn->Execute("UPDATE {$products_up_selltable} SET sort_order = '" . $value_a . "' WHERE up_sell_id = '" . $key_a . "'");
        }
        $messageStack->add(SORT_UP_SELL_SUCCESS, 'success');
        break;
}
require 'includes/oos_header.php';
?>
<!-- body //-->

     }
 }
 if (!$banner_error) {
     if (empty($html_text) && $store_image == true) {
         oos_get_copy_uploaded_file($banners_image, $image_directory);
     }
     $db_image_location = oos_is_not_null($banners_image_local) ? $banners_image_local : $banners_image_target . $banners_image['name'];
     $sql_data_array = array('banners_title' => $banners_title, 'banners_url' => $banners_url, 'banners_image' => $db_image_location, 'banners_group' => $banners_group, 'banners_html_text' => $html_text);
     if ($action == 'insert') {
         $insert_sql_data = array('date_added' => '" . date("Y-m-d H:i:s", time()) . "', 'status' => '1');
         $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
         oos_db_perform($oostable['banners'], $sql_data_array);
         $banners_id = $dbconn->Insert_ID();
         $messageStack->add_session(SUCCESS_BANNER_INSERTED, 'success');
     } elseif ($action == 'update') {
         oos_db_perform($oostable['banners'], $sql_data_array, 'update', 'banners_id = \'' . $banners_id . '\'');
         $messageStack->add_session(SUCCESS_BANNER_UPDATED, 'success');
     }
     if (isset($_POST['expires_date'])) {
         $expires_date = oos_db_prepare_input($_POST['expires_date']);
         list($day, $month, $year) = explode('/', $expires_date);
         $expires_date = $year . (strlen($month) == 1 ? '0' . $month : $month) . (strlen($day) == 1 ? '0' . $day : $day);
         $dbconn->Execute("UPDATE " . $oostable['banners'] . " SET expires_date = '" . oos_db_input($expires_date) . "', expires_impressions = null WHERE banners_id = '" . $banners_id . "'");
     } elseif ($_POST['impressions']) {
         $impressions = oos_db_prepare_input($_POST['impressions']);
         $dbconn->Execute("UPDATE " . $oostable['banners'] . " SET expires_impressions = '" . oos_db_input($impressions) . "', expires_date = null WHERE banners_id = '" . $banners_id . "'");
     }
     if (isset($_POST['date_scheduled'])) {
         $date_scheduled = oos_db_prepare_input($_POST['date_scheduled']);
         list($day, $month, $year) = explode('/', $date_scheduled);
         $date_scheduled = $year . (strlen($month) == 1 ? '0' . $month : $month) . (strlen($day) == 1 ? '0' . $day : $day);

 if (ACCOUNT_OWNER == '1') {
     $sql_data_array['entry_owner'] = $owner;
 }
 if (ACCOUNT_SUBURB == '1') {
     $sql_data_array['entry_suburb'] = $suburb;
 }
 if (ACCOUNT_STATE == '1') {
     if ($zone_id > 0) {
         $sql_data_array['entry_zone_id'] = $zone_id;
         $sql_data_array['entry_state'] = '';
     } else {
         $sql_data_array['entry_zone_id'] = '0';
         $sql_data_array['entry_state'] = $state;
     }
 }
 oos_db_perform($oostable['address_book'], $sql_data_array);
 $customers_infotable = $oostable['customers_info'];
 $dbconn->Execute("INSERT INTO " . $customers_infotable . "\n                (customers_info_id,\n                 customers_info_number_of_logons,\n                 customers_info_date_account_created) VALUES ('" . intval($customer_id) . "',\n                                                              '0',\n                                                              '" . date("Y-m-d H:i:s", time()) . "')");
 $_SESSION['customer_id'] = $customer_id;
 $_SESSION['customer_wishlist_link_id'] = $wishlist_link_id;
 $_SESSION['customer_first_name'] = $firstname;
 $_SESSION['customer_default_address_id'] = 1;
 $_SESSION['customer_country_id'] = $country;
 $_SESSION['customer_zone_id'] = $zone_id;
 $_SESSION['customer_max_order'] = $customer_max_order;
 $_SESSION['man_key'] = $keya;
 if (ACCOUNT_VAT_ID == '1') {
     if (ACCOUNT_COMPANY_VAT_ID_CHECK == '1' && $vatid_check_error === false) {
         $_SESSION['customers_vat_id_status'] = 1;
     } else {
         $_SESSION['customers_vat_id_status'] = 0;