[TEP-COMMIT] CVS: admin/admin currencies.php,1.46,1.47

Update of /cvsroot/tep/admin/admin
In directory sc8-pr-cvs1:/tmp/cvs-serv25682

Modified Files:
        currencies.php 
Log Message:
standards updates


Index: currencies.php
===================================================================
RCS file: /cvsroot/tep/admin/admin/currencies.php,v
retrieving revision 1.46
retrieving revision 1.47
diff -u -d -r1.46 -r1.47
--- currencies.php      2 May 2003 12:36:30 -0000       1.46
+++ currencies.php      20 Jun 2003 00:32:06 -0000      1.47
@@ -5,7 +5,7 @@
   osCommerce, Open Source E-Commerce Solutions
   http://www.oscommerce.com
 
-  Copyright (c) 2002 osCommerce
+  Copyright (c) 2003 osCommerce
 
   Released under the GNU General Public License
 */
@@ -15,11 +15,13 @@
   require(DIR_WS_CLASSES . 'currencies.php');
   $currencies = new currencies();
 
-  if ($HTTP_GET_VARS['action']) {
-    switch ($HTTP_GET_VARS['action']) {
+  $action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : '');
+
+  if (tep_not_null($action)) {
+    switch ($action) {
       case 'insert':
       case 'save':
-        $currency_id = tep_db_prepare_input($HTTP_GET_VARS['cID']);
+        if (isset($HTTP_GET_VARS['cID'])) $currency_id = 
tep_db_prepare_input($HTTP_GET_VARS['cID']);
         $title = tep_db_prepare_input($HTTP_POST_VARS['title']);
         $code = tep_db_prepare_input($HTTP_POST_VARS['code']);
         $symbol_left = tep_db_prepare_input($HTTP_POST_VARS['symbol_left']);
@@ -38,16 +40,17 @@
                                 'decimal_places' => $decimal_places,
                                 'value' => $value);
 
-        if ($HTTP_GET_VARS['action'] == 'insert') {
+        if ($action == 'insert') {
           tep_db_perform(TABLE_CURRENCIES, $sql_data_array);
           $currency_id = tep_db_insert_id();
-        } elseif ($HTTP_GET_VARS['action'] == 'save') {
-          tep_db_perform(TABLE_CURRENCIES, $sql_data_array, 'update', 
"currencies_id = '" . tep_db_input($currency_id) . "'");
+        } elseif ($action == 'save') {
+          tep_db_perform(TABLE_CURRENCIES, $sql_data_array, 'update', 
"currencies_id = '" . (int)$currency_id . "'");
         }
 
-        if ($HTTP_POST_VARS['default'] == 'on') {
+        if (isset($HTTP_POST_VARS['default']) && ($HTTP_POST_VARS['default'] 
== 'on')) {
           tep_db_query("update " . TABLE_CONFIGURATION . " set 
configuration_value = '" . tep_db_input($code) . "' where configuration_key = 
'DEFAULT_CURRENCY'");
         }
+
         tep_redirect(tep_href_link(FILENAME_CURRENCIES, 'page=' . 
$HTTP_GET_VARS['page'] . '&cID=' . $currency_id));
         break;
       case 'deleteconfirm':
@@ -55,11 +58,12 @@
 
         $currency_query = tep_db_query("select currencies_id from " . 
TABLE_CURRENCIES . " where code = '" . DEFAULT_CURRENCY . "'");
         $currency = tep_db_fetch_array($currency_query);
+
         if ($currency['currencies_id'] == $currencies_id) {
           tep_db_query("update " . TABLE_CONFIGURATION . " set 
configuration_value = '' where configuration_key = 'DEFAULT_CURRENCY'");
         }
 
-        tep_db_query("delete from " . TABLE_CURRENCIES . " where currencies_id 
= '" . tep_db_input($currencies_id) . "'");
+        tep_db_query("delete from " . TABLE_CURRENCIES . " where currencies_id 
= '" . (int)$currencies_id . "'");
 
         tep_redirect(tep_href_link(FILENAME_CURRENCIES, 'page=' . 
$HTTP_GET_VARS['page']));
         break;
@@ -68,23 +72,27 @@
         while ($currency = tep_db_fetch_array($currency_query)) {
           $quote_function = 'quote_' . CURRENCY_SERVER_PRIMARY . '_currency';
           $rate = $quote_function($currency['code']);
-          if ( (!$rate) && (CURRENCY_SERVER_BACKUP != '') ) {
+
+          if (empty($rate) && (tep_not_null(CURRENCY_SERVER_BACKUP))) {
             $quote_function = 'quote_' . CURRENCY_SERVER_BACKUP . '_currency';
             $rate = $quote_function($currency['code']);
           }
-          if ($rate) {
-            tep_db_query("update " . TABLE_CURRENCIES . " set value = '" . 
$rate . "', last_updated = now() where currencies_id = '" . 
$currency['currencies_id'] . "'");
+
+          if (tep_not_null($rate)) {
+            tep_db_query("update " . TABLE_CURRENCIES . " set value = '" . 
$rate . "', last_updated = now() where currencies_id = '" . 
(int)$currency['currencies_id'] . "'");
+
             $messageStack->add_session(sprintf(TEXT_INFO_CURRENCY_UPDATED, 
$currency['title'], $currency['code']), 'success');
           } else {
             $messageStack->add_session(sprintf(ERROR_CURRENCY_INVALID, 
$currency['title'], $currency['code']), 'error');
           }
         }
+
         tep_redirect(tep_href_link(FILENAME_CURRENCIES, 'page=' . 
$HTTP_GET_VARS['page'] . '&cID=' . $HTTP_GET_VARS['cID']));
         break;
       case 'delete':
         $currencies_id = tep_db_prepare_input($HTTP_GET_VARS['cID']);
 
-        $currency_query = tep_db_query("select code from " . TABLE_CURRENCIES 
. " where currencies_id = '" . tep_db_input($currencies_id) . "'");
+        $currency_query = tep_db_query("select code from " . TABLE_CURRENCIES 
. " where currencies_id = '" . (int)$currencies_id . "'");
         $currency = tep_db_fetch_array($currency_query);
 
         $remove_currency = true;
@@ -142,11 +150,11 @@
   $currency_split = new splitPageResults($HTTP_GET_VARS['page'], 
MAX_DISPLAY_SEARCH_RESULTS, $currency_query_raw, $currency_query_numrows);
   $currency_query = tep_db_query($currency_query_raw);
   while ($currency = tep_db_fetch_array($currency_query)) {
-    if (((!$HTTP_GET_VARS['cID']) || (@$HTTP_GET_VARS['cID'] == 
$currency['currencies_id'])) && (!$cInfo) && (substr($HTTP_GET_VARS['action'], 
0, 3) != 'new')) {
+    if ((!isset($HTTP_GET_VARS['cID']) || (isset($HTTP_GET_VARS['cID']) && 
($HTTP_GET_VARS['cID'] == $currency['currencies_id']))) && !isset($cInfo) && 
(substr($action, 0, 3) != 'new')) {
       $cInfo = new objectInfo($currency);
     }
 
-    if ( (is_object($cInfo)) && ($currency['currencies_id'] == 
$cInfo->currencies_id) ) {
+    if (isset($cInfo) && is_object($cInfo) && ($currency['currencies_id'] == 
$cInfo->currencies_id) ) {
       echo '                  <tr class="dataTableRowSelected" 
onmouseover="this.style.cursor=\'hand\'" onclick="document.location.href=\'' . 
tep_href_link(FILENAME_CURRENCIES, 'page=' . $HTTP_GET_VARS['page'] . '&cID=' . 
$cInfo->currencies_id . '&action=edit') . '\'">' . "\n";
     } else {
       echo '                  <tr class="dataTableRow" 
onmouseover="this.className=\'dataTableRowOver\';this.style.cursor=\'hand\'" 
onmouseout="this.className=\'dataTableRow\'" 
onclick="document.location.href=\'' . tep_href_link(FILENAME_CURRENCIES, 
'page=' . $HTTP_GET_VARS['page'] . '&cID=' . $currency['currencies_id']) . 
'\'">' . "\n";
@@ -160,7 +168,7 @@
 ?>
                 <td class="dataTableContent"><?php echo $currency['code']; 
?></td>
                 <td class="dataTableContent" align="right"><?php echo 
number_format($currency['value'], 8); ?></td>
-                <td class="dataTableContent" align="right"><?php if ( 
(is_object($cInfo)) && ($currency['currencies_id'] == $cInfo->currencies_id) ) 
{ echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif'); } else { echo '<a 
href="' . tep_href_link(FILENAME_CURRENCIES, 'page=' . $HTTP_GET_VARS['page'] . 
'&cID=' . $currency['currencies_id']) . '">' . tep_image(DIR_WS_IMAGES . 
'icon_info.gif', IMAGE_ICON_INFO) . '</a>'; } ?>&nbsp;</td>
+                <td class="dataTableContent" align="right"><?php if 
(isset($cInfo) && is_object($cInfo) && ($currency['currencies_id'] == 
$cInfo->currencies_id) ) { echo tep_image(DIR_WS_IMAGES . 
'icon_arrow_right.gif'); } else { echo '<a href="' . 
tep_href_link(FILENAME_CURRENCIES, 'page=' . $HTTP_GET_VARS['page'] . '&cID=' . 
$currency['currencies_id']) . '">' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', 
IMAGE_ICON_INFO) . '</a>'; } ?>&nbsp;</td>
               </tr>
 <?php
   }
@@ -172,7 +180,7 @@
                     <td class="smallText" align="right"><?php echo 
$currency_split->display_links($currency_query_numrows, 
MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $HTTP_GET_VARS['page']); 
?></td>
                   </tr>
 <?php
-  if (!$HTTP_GET_VARS['action']) {
+  if (empty($action)) {
 ?>
                   <tr>
                     <td><?php if (CURRENCY_SERVER_PRIMARY) { echo '<a href="' 
. tep_href_link(FILENAME_CURRENCIES, 'page=' . $HTTP_GET_VARS['page'] . '&cID=' 
. $cInfo->currencies_id . '&action=update') . '">' . 
tep_image_button('button_update_currencies.gif', IMAGE_UPDATE_CURRENCIES) . 
'</a>'; } ?></td>
@@ -187,11 +195,12 @@
 <?php
   $heading = array();
   $contents = array();
-  switch ($HTTP_GET_VARS['action']) {
+
+  switch ($action) {
     case 'new':
       $heading[] = array('text' => '<b>' . TEXT_INFO_HEADING_NEW_CURRENCY . 
'</b>');
 
-      $contents = array('form' => tep_draw_form('currencies', 
FILENAME_CURRENCIES, 'page=' . $HTTP_GET_VARS['page'] . '&cID=' . 
$cInfo->currencies_id . '&action=insert'));
+      $contents = array('form' => tep_draw_form('currencies', 
FILENAME_CURRENCIES, 'page=' . $HTTP_GET_VARS['page'] . (isset($cInfo) ? 
'&cID=' . $cInfo->currencies_id : '') . '&action=insert'));
       $contents[] = array('text' => TEXT_INFO_INSERT_INTRO);
       $contents[] = array('text' => '<br>' . TEXT_INFO_CURRENCY_TITLE . '<br>' 
. tep_draw_input_field('title'));
       $contents[] = array('text' => '<br>' . TEXT_INFO_CURRENCY_CODE . '<br>' 
. tep_draw_input_field('code'));



-------------------------------------------------------
This SF.Net email is sponsored by: INetU
Attention Web Developers & Consultants: Become An INetU Hosting Partner.
Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commission!
INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php