Sistem Penjualan Ponsel Berbasis Ecommerce

(1)

KEMENTERIAN PENDIDIKAN DAN KEBUDAYAAN UNIVERSITAS SUMATERA UTARA

FAKULTAS MATEMATIKA DAN ILMU PENGETAHUAN ALAM Jln. Bioteknologi No.1 Kampus USU Padang Bulan Medan-20155

Telp. (061) 8211050, 8214290, Fax. (061) 8214290

KARTU BIMBINGAN TUGAS AKHIR MAHASISWA

Nama Mahasiswa : VIVI SAUFINA Nomor Induk Mahasiswa : 102406040

Judul Tugas Akhir : Sistem Penjualan Ponsel Berbasis Ecommerce Dosen Pembimbing : Dr. Saib Suwilo, M.Sc

Tanggal Mulai Bimbingan : Tanggal Selesai Bimbingan :

 Kartu ini harap dikembalikan kejurusan Matematika Bila Bimbingan Mahasiswa telah Selesai.

Diketahui, Disetujui

Ketua Dapartemen Matematika Pembimbing Utama/ Penanggung Jawab

Prof. Dr. Tulus, M.Si Dr. Saib Suwilo, M.Sc 19620901 198803 1 002 19640109 198803 1 004 No

Tanggal Asisten Bimbingan

Pembahasan pada Asistensi Mengenai, pada Bab :

Paraf Dosen

Pembimbing Keterangan 1

(2)

SURAT KETERANGAN

Hasil Uji Program Tugas Akhir

Yang bertanda dibawah ini, menerangkan bahwa Mahasiswa Tugas Akhir Program D3 Teknik Informatika :

Nama : VIVI SAUFINA NIM : 102406040

Prog. Studi : D3 Teknik Informatika

Judul TA : Penjualan Ponsel Berbasis Ecommerce

Telah melaksanakan test program Tugas Akhir Mahasiswa diatas pada tanggal ……….

Dengan Hasil : Sukses / Gagal

Demikianlah diterangkan untuk digunakan melengkapi syarat pendaftaran ujian Meja Hijau Tugas Akhir Mahasiswa bersangkutan di Dapartemen Matematika FMIPA USU Medan.

Medan, Mei 2013 Dosen Pembimbing

(3)

LAMPIRAN : LISTING PROGRAM

Listing Index.php

<?php /*

* 2007-2011 PrestaShop *

* NOTICE OF LICENSE *

* This source file is subject to the Open Software License (OSL 3.0)

* that is bundled with this package in the file LICENSE.txt.

* It is also available through the world-wide-web at this URL:

* http://opensource.org/licenses/osl-3.0.php

* If you did not receive a copy of the license and are

* DISCLAIMER *

* Do not edit or add to this file if you wish to upgrade PrestaShop to newer

* versions in the future. If you wish to customize PrestaShop for your

* needs please refer to http://www.prestashop.com for more information.

*

* @version Release: $Revision: 7233 $

* @license http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0)

* International Registered Trademark & Property of PrestaShop SA

*/

header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");

header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");

header("Cache-Control: no-store, no-cache,

(4)

header("Cache-Control: post-check=0, pre-check=0", false);

header("Pragma: no-cache");

header("Location: ../"); exit;

Listing CategoryController.php

<?php /*

* DISCLAIMER *

*

*/

(5)

{

public $php_self = 'category.php';

protected $category;

public function setMedia() {

parent::setMedia(); Tools::addCSS(array(

_PS_CSS_DIR_.'jquery.cluetip.css' =>

'all',

_THEME_CSS_DIR_.'scenes.css' => 'all', _THEME_CSS_DIR_.'category.css' => 'all',

_THEME_CSS_DIR_.'product_list.css' =>

'all'));

if

(Configuration::get('PS_COMPARATOR_MAX_ITEM') > 0) Tools::addJS(_THEME_JS_DIR_.'products-comparison.js');

}

public function displayHeader() {

parent::displayHeader(); $this->productSort(); }

public function canonicalRedirection() {

// Automatically redirect to the canonical URL if the current in is the right one

// $_SERVER['HTTP_HOST'] must be replaced by the real canonical domain

if (Validate::isLoadedObject($this->category) && Configuration::get('PS_CANONICAL_REDIRECT') && strtoupper($_SERVER['REQUEST_METHOD']) == 'GET' && !Tools::getValue('noredirect'))

{

$currentURL = preg_replace('/[?&].*$/', '', self::$link->getCategoryLink($this->category));

if

header('HTTP/1.0 301 Moved');

if (defined('_PS_MODE_DEV_') AND

(6)

die('[Debug] This page has

public function preProcess() {

if ($id_category =

(int)Tools::getValue('id_category'))

$this->category = new

Category($id_category, self::$cookie->id_lang);

if (!Validate::isLoadedObject($this->category)) {

header('HTTP/1.1 404 Not Found'); header('Status: 404 Not Found'); }

else

$this->canonicalRedirection();

parent::preProcess(); }

public function process() {

parent::process();

if (!($id_category =

(int)Tools::getValue('id_category')) OR

!Validate::isUnsignedId($id_category))

$this->errors[] =

Tools::displayError('Missing category ID'); else

{

if

(!Validate::isLoadedObject($this->category))

$this->errors[] =

Tools::displayError('Category does not exist');

elseif

(!$this->category->checkAccess((int)(self::$cookie->id_customer)))

$this->errors[] =

Tools::displayError('You do not have access to this category.');

elseif (!$this->category->active)

self::$smarty->assign('category', $this->category);

(7)

$rewrited_url =

self::$link->getCategoryLink((int)$this->category->id,

$this->category->link_rewrite);

/* Scenes (could be externalised to another controler if you need them */

self::$smarty->assign('scenes', Scene::getScenes((int)($this->category->id),

(int)(self::$cookie->id_lang), true, false));

/* Scenes images formats */

if ($sceneImageTypes =

ImageType::getImagesTypes('scenes')) {

foreach ($sceneImageTypes AS

$sceneImageType)

{

if ($sceneImageType['name'] == 'thumb_scene')

$thumbSceneImageType = $sceneImageType;

elseif

($sceneImageType['name'] == 'large_scene')

$largeSceneImageType = $sceneImageType;

}

self::$smarty->assign('thumbSceneImageType',

isset($thumbSceneImageType) ? $thumbSceneImageType :

NULL);

self::$smarty->assign('largeSceneImageType',

isset($largeSceneImageType) ? $largeSceneImageType :

NULL);

}

$this->category->description =

nl2br2($this->category->description);

$subCategories =

$this->category->getSubCategories((int)self::$cookie->id_lang);

self::$smarty->assign('category', $this->category);

if (isset($subCategories) AND

!empty($subCategories) AND $subCategories) {

self::$smarty->assign('subcategories', $subCategories);

(8)

'subcategories_nb_total' => sizeof($subCategories),

'subcategories_nb_half' => ceil(sizeof($subCategories) / 2)));

}

if ($this->category->id != 1) $this->productListAssign();

self::$smarty->assign(array(

'products' =>

(isset($this->cat_products) AND $this->cat_products) ?

$this->cat_products : NULL,

'id_category' => (int)($this->category->id),

'id_category_parent' =>

(int)($this->category->id_parent),

'return_category_name' =>

Tools::safeOutput($this->category->name),

'path' =>

Tools::getPath((int)($this->category->id)),

'add_prod_display' =>

Configuration::get('PS_ATTRIBUTE_CATEGORY_DISPLAY'),

'categorySize' =>

Image::getSize('category'),

'mediumSize' =>

Image::getSize('medium'),

'thumbSceneSize' =>

Image::getSize('thumb_scene'),

'homeSize' =>

Image::getSize('home') ));

if (isset(self::$cookie->id_compare))

self::$smarty-'allow_oosp' =>

(int)(Configuration::get('PS_ORDER_OUT_OF_STOCK')),

'comparator_max_item' =>

(int)(Configuration::get('PS_COMPARATOR_MAX_ITEM')), 'suppliers' => Supplier::getSuppliers() ));

}

(9)

{

$hookExecuted = false;

Module::hookExec('productListAssign',

array('nbProducts' => &$this->nbProducts, 'catProducts'

=> &$this->cat_products, 'hookExecuted' =>

&$hookExecuted));

if(!$hookExecuted) // The hook was not

executed, standard working {

self::$smarty->assign('categoryNameComplement', '');

$this->nbProducts = >category->getProducts(NULL, NULL, NULL, >orderBy, $this->orderWay, true);

$this->pagination((int)$this->nbProducts); // Pagination must be call after "getProducts"

$this->cat_products = $this->category->getProducts((int)(self::$cookie->id_lang), (int)($this->p), (int)($this->n), $this->orderBy, $this->orderWay);

}

else // Hook executed, use the override

$this->pagination((int)$this->nbProducts); // Pagination must be call after "getProducts"

self::$smarty->assign('nb_products', (int)$this->nbProducts);

}

public function displayContent() {

Listing ProductController.php

<?php /*

(10)

* DISCLAIMER *

*

*/

class ProductControllerCore extends FrontController {

protected $product;

public $php_self = 'product.php'; protected $canonicalURL;

parent::setMedia();

Tools::addCSS(_THEME_CSS_DIR_.'product.css'); Tools::addCSS(_PS_CSS_DIR_.'jquery.fancybox-1.3.4.css', 'screen');

(11)

_THEME_JS_DIR_.'tools.js', _THEME_JS_DIR_.'product.js'));

if (Configuration::get('PS_DISPLAY_JQZOOM') == 1)

if (Validate::isLoadedObject($this->product) && strtoupper($_SERVER['REQUEST_METHOD']) == 'GET')

{

$canonicalURL =

self::$link->getProductLink($this->product);

_PS_MODE_DEV_)

if ($id_product =

(int)Tools::getValue('id_product'))

$this->product = new Product($id_product, true, self::$cookie->id_lang);

(12)

header('HTTP/1.1 404 Not Found'); header('Status: 404 Not Found'); }

else

$this->canonicalRedirection();

global $cart, $currency; parent::process();

if (!Validate::isLoadedObject($this->product))

$this->errors[] =

Tools::displayError('Product not found'); else

{

if ((!$this->product->active AND

(Tools::getValue('adtoken') !=

Tools::encrypt('PreviewProduct'.$this->product->id))

$this->errors[] =

Tools::displayError('Product is no longer available.'); }

elseif

(!$this->product->checkAccess((int)self::$cookie->id_customer))

$this->errors[] =

Tools::displayError('You do not have access to this

if (!$this->product->active)

self::$smarty->assign('adminActionDisplay', true);

/* Product pictures management */ require_once('images.inc.php');

(13)

{ >product, $cart);

$this->textRecord($this->product, $cart);

$this->formTargetFormat(); }

elseif

(isset($_GET['deletePicture']) AND

!$cart->deletePictureToProduct((int)($this->product->id), (int)(Tools::getValue('deletePicture'))))

$this->errors[] =

Tools::displayError('An error occurred while deleting the selected picture');

$files =

self::$cookie->getFamily('pictures_'.(int)($this->product->id));

$textFields =

self::$cookie->getFamily('textFields_'.(int)($this->product->id));

foreach ($textFields as $key => $textField)

$textFields[$key] =

str_replace('<br />', "\n", $textField);

self::$smarty->assign(array( 'pictures' => $files,

'textFields' =>

$textFields));

}

/* Features / Values */

$features =

$this->product->getFrontFeatures((int)self::$cookie->id_lang);

$attachments =

($this->product->cache_has_attachments ?

$this->product->getAttachments((int)self::$cookie->id_lang) : array());

/* Category */ $category = false;

if (isset($_SERVER['HTTP_REFERER'])

AND

preg_match('!^(.*)\/([0-9]+)\-(.*[^\.])|(.*)id_category=([0-9]+)(.*)$!',

$_SERVER['HTTP_REFERER'], $regs) AND

(14)

{ array('0' => array('id_category' => (int)($regs[2])))))

$category = new

Category((int)($regs[2]), (int)(self::$cookie->id_lang)); }

elseif (isset($regs[5]) AND

is_numeric($regs[5]))

{

if

(Product::idIsOnCategoryId((int)($this->product->id), array('0' => array('id_category' => (int)($regs[5])))))

$category = new

Category((int)($regs[5]), (int)(self::$cookie->id_lang)); }

}

if (!$category)

$category = new

Category($this->product->id_category_default,

(int)(self::$cookie->id_lang));

if (isset($category) AND

Validate::isLoadedObject($category)) {

'path' =>

Tools::getPath((int)$category->id, $this->product->name, true),

'category' => $category,

'subCategories' =>

$category->getSubCategories((int)self::$cookie->id_lang, true),

'id_category_current' =>

(int)$category->id,

'id_category_parent' =>

(int)$category->id_parent,

(15)

self::$smarty->assign('return_link',

(isset($category->id) AND $category->id) ?

Tools::safeOutput(self::$link->getCategoryLink($category)) : 'javascript:

history.back();');

if (Pack::isPack((int)$this->product->id) AND !Pack::isInStock((int)$this->product-(Pack::isPack((int)$this->product->id))

$this->product->quantity = 0;

$id_customer =

(isset(self::$cookie->id_customer) AND self::$cookie->id_customer) ?

(int)(self::$cookie->id_customer) : 0;

$id_group = $id_customer ?

(int)(Customer::getDefaultGroupId($id_customer)) :

_PS_DEFAULT_CUSTOMER_GROUP_;

$id_country = (int)($id_customer ?

Customer::getCurrentCountry($id_customer) :

Configuration::get('PS_COUNTRY_DEFAULT'));

$group_reduction =

GroupReduction::getValueForProduct($this->product->id, $id_group);

if ($group_reduction == 0)

$group_reduction =

Group::getReduction((int)self::$cookie->id_customer) /

100;

$productPriceWithTax =

Product::getPriceStatic($this->product->id, true, NULL, 6);

if (Product::$_taxCalculationMethod

== PS_TAX_INC)

$productPriceWithTax =

Tools::ps_round($productPriceWithTax, 2);

$productPriceWithoutEcoTax =

(float)($productPriceWithTax - $this->product->ecotax);

$ecotax_rate = (float)

Tax::getProductEcotaxRate($cart->{Configuration::get('PS_TAX_ADDRESS_TYPE')});

$ecotaxTaxAmount =

(16)

if (Product::$_taxCalculationMethod == PS_TAX_INC && (int)Configuration::get('PS_TAX'))

$ecotaxTaxAmount =

Tools::ps_round($ecotaxTaxAmount * (1 + $ecotax_rate / 100), 2);

'quantity_discounts' => $this->formatQuantityDiscounts(SpecificPrice::getQuantityDiscou nts((int)$this->product->id, (int)Shop::getCurrentShop(), (int)self::$cookie->id_currency, $id_country, $id_group), $this->product->getPrice(Product::$_taxCalculationMethod == PS_TAX_INC, false), (float)$tax),

'product' => $this->product,

'ecotax_tax_inc' =>

$ecotaxTaxAmount,

'ecotax_tax_exc' =>

Tools::ps_round($this->product->ecotax, 2),

'ecotaxTax_rate' =>

$ecotax_rate,

'homeSize' =>

Image::getSize('home'),

'product_manufacturer' => new Manufacturer((int)$this->product->id_manufacturer,

self::$cookie->id_lang),

'token' =>

Tools::getToken(false),

'productPriceWithoutEcoTax' => (float)($productPriceWithoutEcoTax),

'features' => $features,

'attachments' => $attachments, 'allow_oosp' => $this->product-

>isAvailableWhenOutOfStock((int)($this->product-'col_img_dir' =>

_PS_COL_IMG_DIR_,

));

'HOOK_EXTRA_LEFT' =>

Module::hookExec('extraLeft'),

'HOOK_EXTRA_RIGHT' =>

Module::hookExec('extraRight'),

'HOOK_PRODUCT_OOS' =>

Hook::productOutOfStock($this->product),

'HOOK_PRODUCT_FOOTER' =>

(17)

'HOOK_PRODUCT_ACTIONS' => Module::hookExec('productActions'),

'HOOK_PRODUCT_TAB' =>

Module::hookExec('productTab'),

'HOOK_PRODUCT_TAB_CONTENT' =>

Module::hookExec('productTabContent') ));

$images =

$this->product->getImages((int)self::$cookie->id_lang);

$productImages = array();

foreach ($images AS $k => $image) {

if ($image['cover']) {

self::$smarty->assign('mainImage', $images[0]);

$cover = $image;

$cover['id_image'] =

(Configuration::get('PS_LEGACY_IMAGES') ?

($this->product->id.'-'.$image['id_image']) :

$image['id_image']);

$cover['id_image_only'] =

(int)($image['id_image']); }

$productImages[(int)$image['id_image']] = $image; }

if (!isset($cover))

$cover = array('id_image' => Language::getIsoById(self::$cookie->id_lang).'-default', 'legend' => 'No picture', 'title' => 'No picture');

$size = Image::getSize('large'); self::$smarty->assign(array(

'cover' => $cover,

'imgWidth' =>

(int)($size['width']),

'mediumSize' =>

Image::getSize('medium'),

'largeSize' =>

Image::getSize('large'),

'accessories' => $this->product->getAccessories((int)self::$cookie->id_lang)

));

if (count($productImages))

self::$smarty->assign('images', $productImages);

(18)

$attributesGroups = $this->product->getAttributesGroups((int)(self::$cookie->id_lang)); // @todo (RM) should only get groups and not all declination ?

if (is_array($attributesGroups) AND $attributesGroups)

{

$groups = array();

$combinationImages =

$this- >product->getCombinationImages((int)(self::$cookie->id_lang));

foreach ($attributesGroups AS $k => $row)

{

/* Color management */ if

(((isset($row['attribute_color']) AND

$row['attribute_color']) OR

(file_exists(_PS_COL_IMG_DIR_.$row['id_attribute'].'.jpg' ))) AND $row['id_attribute_group'] == $this->product->id_color_default)

{

$colors[$row['id_attribute']]['value'] =

$row['attribute_color'];

$colors[$row['id_attribute']]['name'] =

$row['attribute_name']; += (int)($row['quantity']);

}

if

(!isset($groups[$row['id_attribute_group']])) {

$groups[$row['id_attribute_group']] = array( 'name' => $row['public_group_name'],

'is_color_group' => $row['is_color_group'],

(19)

); }

$groups[$row['id_attribute_group']]['attributes'][$r ow['id_attribute']] = $row['attribute_name'];

if ($row['default_on'] && $groups[$row['id_attribute_group']]['default'] == -1)

$groups[$row['id_attribute_group']]['default'] =

(int)($row['id_attribute']); if

(!isset($groups[$row['id_attribute_group']]['attributes_q uantity'][$row['id_attribute']]))

$groups[$row['id_attribute_group']]['attributes_quan tity'][$row['id_attribute']] = 0;

$groups[$row['id_attribute_group']]['attributes_quan tity'][$row['id_attribute']] += (int)($row['quantity']);

$combinations[$row['id_product_attribute']]['attribu

tes_values'][$row['id_attribute_group']] =

$row['attribute_name'];

$combinations[$row['id_product_attribute']]['attribu tes'][] = (int)($row['id_attribute']);

$combinations[$row['id_product_attribute']]['price'] = (float)($row['price']);

$combinations[$row['id_product_attribute']]['ecotax' ] = (float)($row['ecotax']);

$combinations[$row['id_product_attribute']]['weight' ] = (float)($row['weight']);

$combinations[$row['id_product_attribute']]['quantit y'] = (int)($row['quantity']);

$combinations[$row['id_product_attribute']]['referen ce'] = $row['reference'];

$combinations[$row['id_product_attribute']]['ean13'] = $row['ean13'];

(20)

$combinations[$row['id_product_attribute']]['minimal _quantity'] = $row['minimal_quantity'];

$combinations[$row['id_product_attribute']]['id_imag attributes are unavailables and if allowed to wash it)

if

(!Product::isAvailableWhenOutOfStock($this->product->out_of_stock) &&

Configuration::get('PS_DISP_UNAVAILABLE_ATTR') == 0) {

foreach ($groups AS

&$group)

foreach

($group['attributes_quantity'] AS $key => &$quantity) if (!$quantity)

unset($group['attributes'][$key]);

foreach ($groups AS &$group)

natcasesort($group['attributes']);

foreach ($combinations AS

$id_product_attribute => $comb) {

$attributeList = ''; foreach

($comb['attributes'] AS $id_attribute)

$attributeList .=

'\''.(int)($id_attribute).'\',';

$attributeList =

(21)

$combinations[$id_product_attribute]['list'] = $attributeList;

}

self::$smarty->assign(array( 'groups' => $groups,

'combinaisons' =>

$combinations, /* Kept for compatibility purpose only */

'combinations' =>

$combinations,

'colors' =>

(sizeof($colors) AND $this->product->id_color_default) ? $colors : false,

'combinationImages' =>

$combinationImages)); }

'no_tax' =>

Tax::excludeTaxeOption() OR

!Tax::getProductTaxRate((int)$this->product->id, $cart->{Configuration::get('PS_TAX_ADDRESS_TYPE')}),

'customizationFields' =>

($this->product->customizable ?

$this->product->getCustomizationFields((int)self::$cookie->id_lang) : false)

));

// Pack management

self::$smarty->assign('packItems', $this->product->cache_is_pack ? Pack::getItemTable($this->product->id, (int)(self::$cookie->id_lang), true) : array());

self::$smarty->assign('packs', Pack::getPacksTable($this->product->id,

(int)(self::$cookie->id_lang), true, 1)); }

}

'ENT_NOQUOTES' => ENT_NOQUOTES,

'outOfStockAllowed' =>

(int)(Configuration::get('PS_ORDER_OUT_OF_STOCK')), 'errors' => $this->errors,

'categories' =>

Category::getHomeCategories((int)self::$cookie->id_lang),

'have_image' => (isset($cover) ?

(22)

'tax_enabled' => Configuration::get('PS_TAX'),

'display_qties' =>

(int)Configuration::get('PS_DISPLAY_QTIES'),

'display_ht' => !Tax::excludeTaxeOption(), 'ecotax' => (!sizeof($this->errors) AND

$this->product->ecotax > 0 ?

Tools::convertPrice((float)($this->product->ecotax)) : 0),

'currencySign' => $currency->sign,

'currencyRate' =>

$currency->conversion_rate,

'currencyFormat' => $currency->format, 'currencyBlank' => $currency->blank,

'jqZoomEnabled' =>

Configuration::get('PS_DISPLAY_JQZOOM') ));

}

parent::displayContent();

self::$smarty->display(_PS_THEME_DIR_.'product.tpl'); }

public function pictureUpload(Product $product, Cart $cart)

{

if (!$fieldIds =

$this->product->getCustomizationFieldIds()) return false;

$authorizedFileFields = array(); foreach ($fieldIds AS $fieldId)

if ($fieldId['type'] == _CUSTOMIZE_FILE_)

$authorizedFileFields[(int)($fieldId['id_customizati

on_field'])] =

'file'.(int)($fieldId['id_customization_field']);

$indexes = array_flip($authorizedFileFields); foreach ($_FILES AS $fieldName => $file)

if (in_array($fieldName,

$authorizedFileFields) AND isset($file['tmp_name']) AND !empty($file['tmp_name']))

{

$fileName = md5(uniqid(rand(),

true));

if ($error = checkImage($file,

(23)

$this->errors[] = $error;

if ($error OR (!$tmpName =

tempnam(_PS_TMP_IMG_DIR_, 'PS') OR

!move_uploaded_file($file['tmp_name'], $tmpName))) return false;

/* Original file */

elseif (!imageResize($tmpName,

_PS_UPLOAD_DIR_.$fileName))

$this->errors[] =

Tools::displayError('An error occurred during the image upload.');

/* A smaller one */

elseif (!imageResize($tmpName,

_PS_UPLOAD_DIR_.$fileName.'_small',

(int)(Configuration::get('PS_PRODUCT_PICTURE_WIDTH')), (int)(Configuration::get('PS_PRODUCT_PICTURE_HEIGHT'))))

$this->errors[] =

elseif

(!chmod(_PS_UPLOAD_DIR_.$fileName, 0777) OR

!chmod(_PS_UPLOAD_DIR_.$fileName.'_small', 0777))

$this->errors[] =

else

$cart->addPictureToProduct((int)($this->product->id), $indexes[$fieldName], $fileName);

unlink($tmpName); }

return true; }

public function textRecord(Product $product, Cart $cart)

{

if (!$fieldIds =

$this->product->getCustomizationFieldIds()) return false;

$authorizedTextFields = array(); foreach ($fieldIds AS $fieldId)

if ($fieldId['type'] ==

_CUSTOMIZE_TEXTFIELD_)

$authorizedTextFields[(int)($fieldId['id_customizati

on_field'])] =

(24)

foreach ($_POST AS $fieldName => $value)

if (in_array($fieldName,

$authorizedTextFields) AND !empty($value)) {

if (!Validate::isMessage($value))

$this->errors[] =

Tools::displayError('Invalid message'); else

$cart->addTextFieldToProduct((int)($this->product->id), $indexes[$fieldName], $value);

}

elseif (in_array($fieldName,

$authorizedTextFields) AND empty($value))

$cart->deleteTextFieldFromProduct((int)($this->product->id), $indexes[$fieldName]);

}

public function formTargetFormat() {

$customizationFormTarget =

Tools::safeOutput(urldecode($_SERVER['REQUEST_URI'])); foreach ($_GET AS $field => $value)

if (strncmp($field, 'group_', 6) == 0)

$customizationFormTarget =

preg_replace('/&group_([[:digit:]]+)=([[:digit:]]+)/', '', $customizationFormTarget);

if (isset($_POST['quantityBackup']))

self::$smarty->assign('quantityBackup',

public function

formatQuantityDiscounts($specificPrices, $price,

$taxRate) {

foreach ($specificPrices AS $key => &$row) {

$row['quantity'] = &$row['from_quantity']; // The price may be directly set

if ($row['price'] != 0) {

$cur_price =

(Product::$_taxCalculationMethod == PS_TAX_EXC ?

(25)

$cur_price =

Product::$_taxCalculationMethod == PS_TAX_INC ?

$cur_price - $row['reduction'] : $cur_price -

Tools::convertPrice($reduction_amount, $id_currency);

$row['real_value'] =

Product::$_taxCalculationMethod == PS_TAX_INC ?

$reduction_amount : $reduction_amount / (1 + $taxRate /

$row['reduction'] * 100; }

}

$row['nextQuantity'] =

(isset($specificPrices[$key + 1]) ?

(int)($specificPrices[$key + 1]['from_quantity']) : -1); }

return $specificPrices; }

}

Listing AuthController.php

<?php /*

(26)

*

* DISCLAIMER *

*

*/

class AuthControllerCore extends FrontController {

public $ssl = true;

public $php_self = 'authentication.php';

parent::preProcess();

if (self::$cookie->isLogged() AND

!Tools::isSubmit('ajax'))

Tools::redirect('my-account.php');

if (Tools::getValue('create_account')) {

$create_account = 1;

(27)

}

if (Tools::isSubmit('SubmitCreate')) {

if (!Validate::isEmail($email =

Tools::getValue('email_create')) OR empty($email))

$this->errors[] =

Tools::displayError('Invalid e-mail address');

elseif (Customer::customerExists($email)) {

$this->errors[] =

Tools::displayError('An account is already registered with this e-mail, please fill in the password or request

self::$smarty->assign('email_create', Tools::safeOutput($email));

$_POST['email'] = $email;

} }

if (Tools::isSubmit('submitAccount') OR

Tools::isSubmit('submitGuestAccount')) {

if (Tools::isSubmit('submitAccount'))

self::$smarty->assign('email_create', 1);

/* New Guest customer */

if (!Tools::getValue('is_new_customer', 1) AND !Configuration::get('PS_GUEST_CHECKOUT_ENABLED'))

$this->errors[] =

Tools::displayError('You cannot create a guest

account.');

if (!Tools::getValue('is_new_customer',

1))

$_POST['passwd'] =

md5(time()._COOKIE_KEY_);

if (isset($_POST['guest_email']) AND

$_POST['guest_email'])

$_POST['email'] =

(28)

/* Preparing customer */ $customer = new Customer();

$lastnameAddress = $_POST['lastname']; $firstnameAddress = $_POST['firstname'];

$_POST['lastname'] =

$_POST['customer_lastname'];

$_POST['firstname'] =

$_POST['customer_firstname'];

if (!Tools::getValue('phone') AND

!Tools::getValue('phone_mobile'))

$this->errors[] =

Tools::displayError('You must register at least one phone number');

if (!@checkdate(Tools::getValue('months'),

Tools::getValue('days'), Tools::getValue('years')) AND

!(Tools::getValue('months') == '' AND

Tools::getValue('days') == '' AND

Tools::getValue('years') == ''))

$this->errors[] =

Tools::displayError('Invalid date of birth');

$customer->birthday =

(empty($_POST['years']) ? '' : (int)($_POST['years']).'-'.(int)($_POST['months']).'-'.(int)($_POST['days']));

$this->errors =

array_unique(array_merge($this->errors,

$customer->validateControler()));

/* Preparing address */ $address = new Address();

$_POST['lastname'] = $lastnameAddress; $_POST['firstname'] = $firstnameAddress; $address->id_customer = 1;

$this->errors =

array_unique(array_merge($this->errors,

$address->validateControler()));

/* US customer: normalize the address */

if ($address->id_country ==

Country::getByIso('US'))

$address->address1 =

$normalize->AddressLineStandardization($address->address1);

$address->address2 =

(29)

}

$zip_code_format =

Country::getZipCodeFormat((int)(Tools::getValue('id_count

Tools::getValue('postcode')) AND $zip_code_format) {

$zip_regexp =

'/^'.$zip_code_format.'$/ui';

$zip_regexp = str_replace(' ', '( |)', $zip_regexp);

$zip_regexp = str_replace('-', '(-|)', $zip_regexp);

$zip_regexp = str_replace('N', '[0-9]', $zip_regexp);

$zip_regexp = str_replace('L', '[a-zA-Z]', $zip_regexp);

$zip_regexp = str_replace('C', Country::getIsoById((int)(Tools::getValue('id_country'))) , $zip_regexp);

if (!preg_match($zip_regexp,

$postcode))

$this->errors[] =

'<strong>'.Tools::displayError('Zip/ Postal

code').'</strong> '.Tools::displayError('is

invalid.').'<br />'.Tools::displayError('Must be typed as

follows:').' '.str_replace('C',

Country::getIsoById((int)(Tools::getValue('id_country')))

, str_replace('N', '0', str_replace('L', 'A',

$zip_code_format))); }

elseif ($zip_code_format)

$this->errors[] =

code').'</strong> '.Tools::displayError('is required.');

elseif ($postcode AND

!preg_match('/^[0-9a-zA-Z -]{4,9}$/ui', $postcode))

$this->errors[] =

code').'</strong> '.Tools::displayError('is invalid.'); }

if

(Country::isNeedDniByCountryId($address->id_country) AND

(!Tools::getValue('dni') OR

(30)

$this->errors[] = Tools::displayError('Identification number is incorrect or has already been used.');

elseif

(!Country::isNeedDniByCountryId($address->id_country)) $address->dni = NULL;

if (!sizeof($this->errors)) {

if

(Customer::customerExists(Tools::getValue('email')))

$this->errors[] =

Tools::displayError('An account is already registered with this e-mail, please fill in the password or request a new one.');

if (Tools::isSubmit('newsletter')) {

$customer->ip_registration_newsletter =

pSQL(Tools::getRemoteAddr());

$customer->newsletter_date_add = pSQL(date('Y-m-d H:i:s'));

}

if (!sizeof($this->errors)) {

if (!$country = new

Country($address->id_country,

Configuration::get('PS_LANG_DEFAULT')) OR

!Validate::isLoadedObject($country))

die(Tools::displayError());

if

((int)($country->contains_states) AND !(int)($address->id_state))

$this->errors[] =

Tools::displayError('This country requires a state

selection.');

else {

$customer->active = 1; /* New Guest customer */ if

(Tools::isSubmit('is_new_customer'))

$customer->is_guest = !Tools::getValue('is_new_customer', 1);

else

$customer->is_guest = 0;

(31)

$this->errors[] = Tools::displayError('An error occurred while creating your account.');

else {

$address->id_customer = (int)($customer->id);

if (!$address->add()) $this->errors[] = Tools::displayError('An error occurred while creating your address.');

else {

if

(!$customer->is_guest)

{

if

(!Mail::Send((int)(self::$cookie->id_lang), 'account',

Mail::l('Welcome!'),

array('{firstname}' => $customer->firstname,

'{lastname}' => $customer->lastname, '{email}' =>

$customer->email, '{passwd}' =>

Tools::getValue('passwd')), >email, $customer->firstname.' '.$customer->lastname))

$this->errors[] = Tools::displayError('Cannot send email');

}

self::$smarty->assign('confirmation', 1);

self::$cookie->id_customer = (int)($customer->id);

self::$cookie->customer_lastname = $customer->lastname;

self::$cookie->customer_firstname = $customer->firstname;

self::$cookie->passwd = $customer-self::$cookie->passwd;

self::$cookie->logged = 1;

self::$cookie->email = $customer-self::$cookie->email;

self::$cookie->is_guest = !Tools::getValue('is_new_customer', 1);

/* Update cart

address */

(32)

self::$cart->id_address_delivery =

Address::getFirstCustomerAddressId((int)($customer->id));

self::$cart->id_address_invoice =

self::$cart->update();

Module::hookExec('createAccount', array(

'_POST' => $_POST,

'newCustomer' => $customer

));

'hasError' => !empty($this->errors),

'errors' => $this->errors,

'isSaved' => true,

'id_customer' => (int)self::$cookie->id_customer,

'id_address_delivery' =>

self::$cart->id_address_delivery,

'id_address_invoice' =>

self::$cart->id_address_invoice,

'token' => Tools::getToken(false)

(33)

}

if (sizeof($this->errors)) {

if

(!Tools::getValue('is_new_customer'))

unset($_POST['passwd']); if (Tools::isSubmit('ajax')) {

$return = array(

'hasError' => !empty($this->errors),

'errors' => $this->errors, 'isSaved' => false,

'id_customer' => 0 );

die(Tools::jsonEncode($return)); }

} }

if (Tools::isSubmit('SubmitLogin')) {

Module::hookExec('beforeAuthentication'); $passwd = trim(Tools::getValue('passwd')); $email = trim(Tools::getValue('email')); if (empty($email))

$this->errors[] =

Tools::displayError('E-mail address required'); elseif (!Validate::isEmail($email))

$this->errors[] =

Tools::displayError('Invalid e-mail address'); elseif (empty($passwd))

$this->errors[] =

Tools::displayError('Password is required');

elseif (Tools::strlen($passwd) > 32)

$this->errors[] =

Tools::displayError('Password is too long');

elseif (!Validate::isPasswd($passwd))

$this->errors[] =

Tools::displayError('Invalid password'); else

{

$customer = new Customer();

$authentication =

$customer->getByEmail(trim($email), trim($passwd));

if (!$authentication OR !$customer->id)

{

(34)

$this->errors[] = Tools::displayError('Authentication failed');

} else {

self::$cookie->id_compare =

isset(self::$cookie->id_compare) ?

self::$cookie->id_compare:

CompareProduct::getIdCompareByIdCustomer($customer->id);

self::$cookie->id_customer =

(int)($customer->id);

self::$cookie->customer_lastname = $customer->lastname;

self::$cookie->customer_firstname = $customer->firstname;

self::$cookie->logged = 1;

self::$cookie->is_guest =

$customer->isGuest();

self::$cookie->passwd =

$customer->passwd;

self::$cookie->email =

$customer->email;

if

(Configuration::get('PS_CART_FOLLOWING') AND

(empty(self::$cookie->id_cart) OR

Cart::getNbProducts(self::$cookie->id_cart) == 0))

self::$cookie->id_cart =

(int)(Cart::lastNoneOrderedCart((int)($customer->id))); /* Update cart address */

self::$cart->id_carrier = 0; self::$cart->id_address_delivery

=

self::$cart->id_address_invoice

=

// If a logged guest logs in as a customer, the cart secure key was already set and needs to be updated

self::$cart->secure_key =

$customer->secure_key;

self::$cart->update();

Module::hookExec('authentication');

if (!Tools::isSubmit('ajax')) {

if ($back =

Tools::getValue('back'))

(35)

Tools::redirect('my-account.php');

} }

}

if (Tools::isSubmit('ajax')) {

$return = array(

'hasError' =>

!empty($this->errors),

'errors' => $this->errors,

'token' =>

if (isset($create_account)) {

/* Select the most appropriate country */

if (isset($_POST['id_country']) AND

is_numeric($_POST['id_country']))

$selectedCountry =

(int)($_POST['id_country']);

/* FIXME : language iso and country iso are not similar,

* maybe an associative table with country an language can resolve it,

* But for now it's a bug !

$selectedCountry =

Country::getByIso($array[0]);

if (!$selectedCountry)

$selectedCountry =

(int)(Configuration::get('PS_COUNTRY_DEFAULT')); }

}*/

(36)

$selectedCountry = >id_lang, true, true);

else

$countries =

Country::getCountries((int)self::$cookie->id_lang, true);

self::$smarty->assign(array( 'countries' => $countries,

'sl_country' =>

(isset($selectedCountry) ? $selectedCountry : 0),

'vat_management' =>

Configuration::get('VATNUMBER_MANAGEMENT') ));

/* Call a hook to display more information on form */

'HOOK_CREATE_ACCOUNT_FORM' =>

Module::hookExec('createAccountForm'),

'HOOK_CREATE_ACCOUNT_TOP' =>

Module::hookExec('createAccountTop') ));

}

/* Generate years, months and days */

if (isset($_POST['years']) AND

is_numeric($_POST['years']))

$selectedYears = (int)($_POST['years']); $years = Tools::dateYears();

if (isset($_POST['months']) AND

is_numeric($_POST['months']))

$selectedMonths = (int)($_POST['months']); $months = Tools::dateMonths();

if (isset($_POST['days']) AND

is_numeric($_POST['days']))

$selectedDays = (int)($_POST['days']); $days = Tools::dateDays();

self::$smarty->assign(array( 'years' => $years,

'sl_year' => (isset($selectedYears) ?

$selectedYears : 0),

(37)

'sl_month' => (isset($selectedMonths) ? $selectedMonths : 0),

'days' => $days,

'sl_day' => (isset($selectedDays) ?

$selectedDays : 0) ));

self::$smarty->assign('newsletter', (int)Module::getInstanceByName('blocknewsletter')->active);

}

parent::setMedia();

Tools::addCSS(_THEME_CSS_DIR_.'authentication.css');

Tools::addJS(array(_THEME_JS_DIR_.'tools/statesManag

ement.js',

_PS_JS_DIR_.'jquery/jquery-typewatch.pack.js')); }

parent::process();

$back = Tools::getValue('back');

$key =

Tools::safeOutput(Tools::getValue('key')); if (!empty($key))

$back .= (strpos($back, '?') !== false ? '&' : '?').'key='.$key;

if (!empty($back)) {

self::$smarty->assign('back', Tools::safeOutput($back));

if (strpos($back, 'order.php') !== false) {

if

(Configuration::get('PS_RESTRICT_DELIVERED_COUNTRIES'))

$countries =

Carrier::getDeliveredCountries((int)self::$cookie->id_lang, true, true);

else

$countries =

Country::getCountries((int)self::$cookie->id_lang, true);

(38)

'PS_GUEST_CHECKOUT_ENABLED' => Configuration::get('PS_GUEST_CHECKOUT_ENABLED'),

'sl_country' =>

(int)Tools::getValue('id_country',

Configuration::get('PS_COUNTRY_DEFAULT')),

'countries' => $countries ));

} }

}

protected function processAddressFormat() {

$addressItems = array();

$addressFormat =

AddressFormat::getOrderedAddressFields(Configuration::get ('PS_COUNTRY_DEFAULT'), false, true);

$requireFormFieldsList =

AddressFormat::$requireFormFieldsList;

foreach ($addressFormat as $addressline)

foreach (explode(' ', $addressline) as $addressItem)

$addressItems[] = trim($addressItem);

// Add missing require fields for a new user susbscription form

foreach($requireFormFieldsList as $fieldName) if (!in_array($fieldName, $addressItems))

$addressItems[] = trim($fieldName);

foreach (array('inv', 'dlv') as $addressType)

self::$smarty->assign(array($addressType.'_adr_fields' =>

$addressFormat, $addressType.'_all_fields' =>

$addressItems)); }

(39)

Listing ManufacturerController.php

<?php /*

* DISCLAIMER *

*

*/

class ManufacturerControllerCore extends FrontController {

public $php_self = 'manufacturer.php';

protected $manufacturer;

(40)

Tools::addCSS(_THEME_CSS_DIR_.'product_list.css'); }

if

(Validate::isLoadedObject($this->manufacturer) &&

Configuration::get('PS_CANONICAL_REDIRECT') &&

strtoupper($_SERVER['REQUEST_METHOD']) == 'GET') {

$canonicalURL =

self::$link->getManufacturerLink($this->manufacturer);

_PS_MODE_DEV_)

if ($id_manufacturer =

(int)Tools::getValue('id_manufacturer')) {

$this->manufacturer = new

Manufacturer($id_manufacturer, self::$cookie->id_lang);

if

(!Validate::isLoadedObject($this->manufacturer) OR !$this->manufacturer->active) {

header('HTTP/1.1 404 Not Found'); header('Status: 404 Not Found');

$this->errors[] =

Tools::displayError('Manufacturer does not exist.'); }

else

(41)

if

(Validate::isLoadedObject($this->manufacturer) AND $this->manufacturer->active) {

$nbProducts =

$this->manufacturer->getProducts($this->manufacturer->id, NULL, NULL, NULL, $this->orderBy, $this->orderWay, true);

$this->pagination($nbProducts); self::$smarty->assign(array(

'nb_products' => $nbProducts,

'products' => $this->manufacturer->getProducts($this->manufacturer->id, (int)self::$cookie->id_lang, (int)$this->p, (int)$this->n, $this->orderBy, $this->orderWay),

'path' => ($this->manufacturer->active ? Tools::safeOutput($this->manufacturer->name) : ''),

'manufacturer' =>

$this->manufacturer)); }

elseif (!Tools::getValue('id_manufacturer')) {

if

(Configuration::get('PS_DISPLAY_SUPPLIERS')) {

$result =

Manufacturer::getManufacturers(true,

(int)self::$cookie->id_lang, true);

$nbProducts = count($result); $this->pagination($nbProducts);

$manufacturers =

Manufacturer::getManufacturers(true,

(int)self::$cookie->id_lang, true, $this->p, $this->n);

foreach ($manufacturers AS &$row)

$row['image'] =

(!file_exists(_PS_MANU_IMG_DIR_.'/'.$row['id_manufacturer

'].'-medium.jpg')) ?

Language::getIsoById((int)self::$cookie->id_lang).'-default' : $row['id_manufacturer'];

'pages_nb' => ceil($nbProducts / (int)$this->n),

'nbManufacturers' =>

(42)

'mediumSize' => Image::getSize('medium'),

'manufacturers' =>

$manufacturers,

Configuration::get('PS_ATTRIBUTE_CATEGORY_DISPLAY'), ));

} else

self::$smarty->assign('nbManufacturers', 0);

} }

public function displayHeader() {

parent::displayHeader(); $this->productSort(); }

parent::displayContent(); if ($this->manufacturer)

self::$smarty-Listing CMSController.php

<?php /*

(43)

* DISCLAIMER *

*

*/

class CmsControllerCore extends FrontController {

public $php_self = 'cms.php';

public $assignCase; public $cms;

public $cms_category;

if (Configuration::get('PS_CANONICAL_REDIRECT') && strtoupper($_SERVER['REQUEST_METHOD']) == 'GET')

{

if (Validate::isLoadedObject($this->cms) AND $canonicalURL = self::$link->getCMSLink($this->cms))

if

(!preg_match('/^'.Tools::pRegexp($canonicalURL, '/').'([&?].*)?$/',

(44)

{

header('HTTP/1.0 301 Moved'); if (_PS_MODE_DEV_)

die('[Debug] This page has moved<br />Please use the following URL instead: <a href="'.$canonicalURL.'">'.$canonicalURL.'</a>');

Tools::redirectLink($canonicalURL); }

if

(Validate::isLoadedObject($this->cms_category) AND $canonicalURL =

self::$link->getCMSCategoryLink($this->cms_category))

header('HTTP/1.0 301 Moved'); if (_PS_MODE_DEV_ )

die('[Debug] This page has

if ($id_cms = (int)Tools::getValue('id_cms'))

$this->cms = new CMS($id_cms,

self::$cookie->id_lang);

elseif ($id_cms_category =

(int)Tools::getValue('id_cms_category'))

$this->cms_category = new

CMSCategory($id_cms_category, self::$cookie->id_lang); $this->canonicalRedirection();

parent::preProcess();

/* assignCase (1 = CMS page, 2 = CMS category) */

if (Validate::isLoadedObject($this->cms) AND ($this->cms->active OR (Tools::getValue('adtoken') ==

Tools::encrypt('PreviewCMS'.$this->cms->id) AND

file_exists(dirname(__FILE__).'/../'.Tools::getValue('ad' ).'/ajax.php'))))

(45)

elseif (Validate::isLoadedObject($this->cms_category))

$this->assignCase = 2; else

Tools::display404Error('404.php');

// too early if in setMedia if ($this->assignCase == 1)

Tools::addJS(_THEME_JS_DIR_.'cms.js'); }

parent::setMedia();

Tools::addCSS(_THEME_CSS_DIR_.'cms.css'); }

parent::process();

$parent_cat = new CMSCategory(1,

(int)(self::$cookie->id_lang));

if ($this->assignCase == 1) {

self::$smarty->assign(array( 'cms' => $this->cms,

'content_only' =>

(int)(Tools::getValue('content_only')),

'path' =>

((isset($this->cms->id_cms_category) AND $this->cms->id_cms_category) ? Tools::getFullPath((int)($this->cms->id_cms_category), $this->cms->meta_title, 'CMS') : Tools::getFullPath(1, $this->cms->meta_title, 'CMS'))

)); }

elseif ($this->assignCase == 2) {

'category' => $this->cms_category,

'sub_category' =>

(46)

'cms_pages' => CMS::getCMSPages((int)(self::$cookie->id_lang),

(int)($this->cms_category->id) ),

'path' => ($this->cms_category->id !== 1) ? Tools::getPath((int)($this->cms_category->id), $this->cms_category->name, false, 'CMS') : '',

)); }

}

Listing BestSalesController.php

<?php /*

* DISCLAIMER *

(47)

*/

class BestSalesControllerCore extends FrontController {

public $php_self = 'best-sales.php';

$this->productSort();

$nbProducts = (int)(ProductSale::getNbSales()); $this->pagination($nbProducts);

'products' =>

ProductSale::getBestSales((int)(self::$cookie->id_lang), (int)($this->p) - 1, (int)($this->n), $this->orderBy, $this->orderWay),

Configuration::get('PS_ATTRIBUTE_CATEGORY_DISPLAY'), 'nbProducts' => $nbProducts,

'homeSize' => Image::getSize('home') ));

}

parent::setMedia();

(48)

Listing NewProductsController.php

<?php /*

* DISCLAIMER *

*

*/

class NewProductsControllerCore extends FrontController {

public $php_self = 'new-products.php';

parent::setMedia();

(49)

public function process() isset($this->n) ? (int)($this->n) : NULL, true));

$this->pagination($nbProducts);

'products' =>

Product::getNewProducts((int)(self::$cookie->id_lang), (int)(>p) - 1, (int)(>n), false, $this->orderBy, $this->orderWay),

Configuration::get('PS_ATTRIBUTE_CATEGORY_DISPLAY'), 'nbProducts' => (int)($nbProducts), 'homeSize' => Image::getSize('home') ));

}

Listing PricesDropController.php

<?php /*

(50)

* obtain it through the world-wide-web, please send an email

* to [email protected] so we can send you a copy immediately.

*

* DISCLAIMER *

*

*/

class PricesDropControllerCore extends FrontController {

public $php_self = 'prices-drop.php';

parent::setMedia();

parent::process();

$this->productSort();

$nbProducts =

Product::getPricesDrop((int)(self::$cookie->id_lang), NULL, NULL, true);

$this->pagination($nbProducts);

'products' =>

(51)

'add_prod_display' => Configuration::get('PS_ATTRIBUTE_CATEGORY_DISPLAY'),

'nbProducts' => $nbProducts,

'homeSize' => Image::getSize('home') ));

}

Listing Login.php

<?php /*

* DISCLAIMER *

*

(52)

*/

ob_start();

define('PS_ADMIN_DIR', getcwd());

include(PS_ADMIN_DIR.'/../config/config.inc.php'); include(PS_ADMIN_DIR.'/functions.php');

$clientIsMaintenanceOrLocal =

in_array(Tools::getRemoteAddr(),

array_merge(array('127.0.0.1'),explode(',', Configuration::get('PS_MAINTENANCE_IP'))));

$errors = array();

if ((empty($_SERVER['HTTPS']) OR

strtolower($_SERVER['HTTPS']) == 'off')

AND Configuration::get('PS_SSL_ENABLED')) {

// You can uncomment theses lines if you want to force https even from localhost and automatically redirect

// header('HTTP/1.1 301 Moved Permanently');

// header('Location:

'.Tools::getShopDomainSsl(true).$_SERVER['REQUEST_URI']); // exit();

// If ssl is enabled, https protocol is required. Exception for maintenance and local (127.0.0.1) IP

if ($clientIsMaintenanceOrLocal)

$errors[] = translate('SSL is activated.

However, your IP is allowed to use unsecure mode (Maintenance or local IP).').'<br/>';

else

$warningSslMessage = translate('SSL is

activated. Please connect using the following url to log in in secure mode (https).')

.'<br/><br/><a

(53)

if (!isset($cookie->id_lang))

$cookie->id_lang =

Configuration::get('PS_LANG_DEFAULT');

$iso =

strtolower(Language::getIsoById((int)($cookie->id_lang)));

include(_PS_TRANSLATIONS_DIR_.$iso.'/admin.php'); include(_PS_TRANSLATIONS_DIR_.$iso.'/errors.php');

/* Cookie creation and redirection */ if (Tools::isSubmit('Submit'))

{

/* Check fields validity */

$passwd = trim(Tools::getValue('passwd')); $email = trim(Tools::getValue('email')); if (empty($email))

$errors[] = Tools::displayError('E-mail is

empty');

elseif (!Validate::isEmail($email))

$errors[] = Tools::displayError('Invalid e-mail address');

elseif (empty($passwd))

$errors[] = Tools::displayError('Password is blank');

elseif (!Validate::isPasswd($passwd))

$errors[] = Tools::displayError('Invalid

password'); else {

/* Seeking for employee */

$employee = new Employee();

$employee = $employee->getByemail($email,

$passwd);

if (!$employee) {

$errors[] = Tools::displayError('Employee does not exist or password is incorrect.');

$cookie->logout(); }

else {

/* Creating cookie */

$cookie->id_employee = $employee->id; $cookie->email = $employee->email;

$cookie->profile = $employee->id_profile; $cookie->passwd = $employee->passwd;

$cookie->remote_addr =

ip2long(Tools::getRemoteAddr()); $cookie->write();

(54)

$url =

strval($_GET['redirect'].(isset($_GET['token']) ?

('&token='.$_GET['token']) : '')); else

$url = 'index.php';

if (!Validate::isCleanHtml($url)) die(Tools::displayError());

echo '<!DOCTYPE html PUBLIC "-//W3C//DTD

XHTML 1.0 Transitional//EN"

"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

content="0;URL='.str_replace('&', '&',

Tools::safeOutput($url, true)).'"> <head>

window.location.replace("'.str_replace('&', '&', Tools::safeOutput($url, true)).'");

</script>

<div style="text-align:center; margin-top:250px;"><a href="'.str_replace('&', '&', Tools::safeOutput($url, true)).'">'.translate('Click here to launch Administration panel').'</a></div>

</head>

<html xmlns="http://www.w3.org/1999/xhtml"

xml:lang="'.$iso.'" lang="'.$iso.'"> <head>

content="text/html; charset=utf-8" />

<title>PrestaShop™ -

'.translate('Administration panel').'</title>'; echo '

(55)

<div id="container">';

if ($nbErrors = sizeof($errors)) {

echo '

<h3>'.($nbErrors > 1 ? translate('There are') : translate('There is')).' '.$nbErrors.' '.($nbErrors > 1 ? translate('errors') : translate('error')).'</h3>

<ol style="margin: 0 0 0 20px;">'; foreach ($errors AS $error)

echo '<li>'.$error.'</li>'; echo '

<h1>'.Tools::htmlentitiesUTF8(Configuration::get('PS _SHOP_NAME')).'</h1>

<form

action="'.Tools::htmlentitiesUTF8($_SERVER['REQUEST_URI'] ).'" method="post">';

$randomNb = rand(100, 999);

if (file_exists(PS_ADMIN_DIR.'/../install') OR

file_exists(PS_ADMIN_DIR.'/../admin')) {

echo ' <span>'.translate('For

security reasons, you cannot connect to the Back Office until after you have:').'<br /><br />

- '.translate('delete the /install

folder').'<br />