Instinct Ecommerce Help

I’ve done this many times before, and I don’t think I’ve done anything differently, but when I try to activate my ecommerce plugin I get this error:

Plugin could not be activated because it triggered a fatal error.

Warning: session_start() [function.session-start]: open_basedir restriction in effect. File(/var/tmp/) is not within the allowed path(s): (/home/sbspecial/:/tmp:/usr/local/lib/php/) in /home/sbspecial/domains/shopmetalsandpetals.com/public_html/wp-content/plugins/wp-shopping-cart/wp-shopping-cart.php on line 148

Fatal error: session_start() [function.session-start]: Failed to initialize storage module: files (path: ) in /home/sbspecial/domains/shopmetalsandpetals.com/public_html/wp-content/plugins/wp-shopping-cart/wp-shopping-cart.php on line 148

I have no idea how to fix this, but this is the wp-shopping-cart.php code:

<?php
/*
Plugin Name:WP Shopping Cart
Plugin URI: http://www.instinct.co.nz
Description: A plugin that provides a WordPress Shopping Cart. Contact Instinct Entertainment for support.
Click here to to Uninstall.
Version: 3.6.8 RC1
Author: Thomas Howard of Instinct Entertainment
Author URI: http://www.instinct.co.nz/e-commerce/
/* Major version for “major” releases */
define(‘WPSC_VERSION’, ‘3.6’);
define(‘WPSC_MINOR_VERSION’, ’80’);

define(‘WPSC_PRESENTABLE_VERSION’, ‘3.6.8 RC1’);

define(‘WPSC_DEBUG’, false);
/*
* {Notes} Language Files
* {Required} Yes
* {WP-Set} Yes (Admin Panel)
*/
define(‘IS_WP25’, version_compare($wp_version, ‘2.4’, ‘>=’) );

// // we need to know where we are, rather than assuming where we are
define(‘WPSC_FILE_PATH’, dirname(__FILE__));
define(‘WPSC_DIR_NAME’, basename(WPSC_FILE_PATH));

$siteurl = get_option(‘siteurl’);

// thanks to ikool for this fix
define(‘WPSC_FOLDER’, dirname(plugin_basename(__FILE__)));
define(‘WPSC_URL’, get_option(‘siteurl’).’/wp-content/plugins/’ . WPSC_FOLDER);

//exit(“”);

if(WPSC_DEBUG === true) {
function microtime_float() {
list($usec, $sec) = explode(” “, microtime());
return ((float)$usec + (float)$sec);
}

function wpsc_debug_start_subtimer($name, $action, $loop = false) {
global $wpsc_debug_sections,$loop_debug_increment;

if($loop === true) {
if ($action == ‘start’) {
$loop_debug_increment[$name]++;
$wpsc_debug_sections[$name.$loop_debug_increment[$name]][$action] = microtime_float();
} else if($action == ‘stop’) {
$wpsc_debug_sections[$name.$loop_debug_increment[$name]][$action] = microtime_float();
}
} else {
$wpsc_debug_sections[$name][$action] = microtime_float();
}
}

$wpsc_start_time = microtime_float();
} else {
function wpsc_debug_start_subtimer($name) {
return null;
}
}

if(get_option(‘language_setting’) != ”) {
require(WPSC_FILE_PATH.’/languages/’.get_option(‘language_setting’));
} else {
require(WPSC_FILE_PATH.’/languages/EN_en.php’);
}
require(WPSC_FILE_PATH.’/classes/variations.class.php’);
require(WPSC_FILE_PATH.’/classes/extra.class.php’);
// require(WPSC_FILE_PATH.’/classes/http_client.php’);
require(WPSC_FILE_PATH.’/classes/mimetype.php’);
require(WPSC_FILE_PATH.’/classes/cart.class.php’);
require(WPSC_FILE_PATH.’/classes/xmlparser.php’);
if (!IS_WP25) {
require(WPSC_FILE_PATH.’/editor.php’);
} else {
require(WPSC_FILE_PATH.’/js/tinymce3/tinymce.php’);
}

if(IS_WPMU == 1) {
$upload_url = get_option(‘siteurl’).’/files’;
$upload_path = ABSPATH.get_option(‘upload_path’);
} else {
if ( !defined(‘WP_CONTENT_URL’) ) {
define( ‘WP_CONTENT_URL’, get_option(‘siteurl’) . ‘/wp-content’);
}
if ( !defined(‘WP_CONTENT_DIR’) ) {
define( ‘WP_CONTENT_DIR’, ABSPATH . ‘wp-content’ );
}

$upload_path = WP_CONTENT_DIR.”/uploads”;
$upload_url = WP_CONTENT_URL.”/uploads”;
}

$wpsc_file_dir = “{$upload_path}/wpsc/downloadables/”;
$wpsc_preview_dir = “{$upload_path}/wpsc/previews/”;
$wpsc_image_dir = “{$upload_path}/wpsc/product_images/”;
$wpsc_thumbnail_dir = “{$upload_path}/wpsc/product_images/thumbnails/”;
$wpsc_category_dir = “{$upload_path}/wpsc/category_images/”;
$wpsc_user_uploads_dir = “{$upload_path}/wpsc/user_uploads/”;

// $wpsc_file_dir = ABSPATH.”{$upload_path}/files/”;
// $wpsc_preview_dir = ABSPATH.”{$upload_path}/preview_clips/”;
// $wpsc_image_dir = ABSPATH.”{$upload_path}/product_images/”;
// $wpsc_thumbnail_dir = ABSPATH.”{$upload_path}/product_images/thumbnails/”;
// $wpsc_category_dir = ABSPATH.”{$upload_path}/category_images/”;

define(‘WPSC_FILE_DIR’, $wpsc_file_dir);
define(‘WPSC_PREVIEW_DIR’, $wpsc_preview_dir);
define(‘WPSC_IMAGE_DIR’, $wpsc_image_dir);
define(‘WPSC_THUMBNAIL_DIR’, $wpsc_thumbnail_dir);
define(‘WPSC_CATEGORY_DIR’, $wpsc_category_dir);
define(‘WPSC_USER_UPLOADS_DIR’, $wpsc_user_uploads_dir);

/**
* files that are uploaded as part of digital products are not directly downloaded, therefore there is no need for a URL constant for them
*/

$wpsc_preview_url = “{$upload_url}/wpsc/previews/”;
$wpsc_image_url = “{$upload_url}/wpsc/product_images/”;
$wpsc_thumbnail_url = “{$upload_url}/wpsc/product_images/thumbnails/”;
$wpsc_category_url = “{$upload_url}/wpsc/category_images/”;
$wpsc_user_uploads_url = “{$upload_url}/wpsc/user_uploads/”;

// $wpsc_preview_url = “{$siteurl}/{$upload_path}/preview_clips/”;
// $wpsc_image_url = “{$siteurl}/{$upload_path}/product_images/”;
// $wpsc_thumbnail_url = “{$siteurl}/{$upload_path}/product_images/thumbnails/”;
// $wpsc_category_url = “{$siteurl}/{$upload_path}/category_images/”;

define(‘WPSC_PREVIEW_URL’, $wpsc_preview_url);
define(‘WPSC_IMAGE_URL’, $wpsc_image_url);
define(‘WPSC_THUMBNAIL_URL’, $wpsc_thumbnail_url);
define(‘WPSC_CATEGORY_URL’, $wpsc_category_url);
define(‘WPSC_USER_UPLOADS_URL’, $wpsc_user_uploads_url);

/*
* {Notes} Session will sometimes always exist dependent on server
* {Notes} Controls user Session
*/
if((!is_array($_SESSION)) xor (!isset($_SESSION[‘nzshpcrt_cart’])) xor (!$_SESSION)) {
session_start();
}

if(isset($_SESSION[‘nzshpcrt_cart’])) {
foreach((array)$_SESSION[‘nzshpcrt_cart’] as $key => $item) {
if(get_class($item) == “__PHP_Incomplete_Class”) {
$_SESSION[‘nzshpcrt_cart’] = unserialize($_SESSION[‘nzshpcrt_serialized_cart’]);
}
}
} else {
if(isset($_SESSION[‘nzshpcrt_cart’])) {
$_SESSION[‘nzshpcrt_cart’] = unserialize($_SESSION[‘nzshpcrt_serialized_cart’]);
}
}

if(is_numeric($_GET[‘sessionid’])) {
$sessionid = $_GET[‘sessionid’];
$cart_log_id = $wpdb->get_var(“SELECT id FROM ".$wpdb->prefix."purchase_logs WHERE sessionid= “.$sessionid.” LIMIT 1″);
if(is_numeric($cart_log_id)) {
$_SESSION[‘nzshpcrt_cart’] = null;
$_SESSION[‘nzshpcrt_serialized_cart’] = null;
}
}

$GLOBALS[‘nzshpcrt_imagesize_info’] = TXT_WPSC_IMAGESIZEINFO;
$nzshpcrt_log_states[0][‘name’] = TXT_WPSC_RECEIVED;
$nzshpcrt_log_states[1][‘name’] = TXT_WPSC_PROCESSING;
$nzshpcrt_log_states[2][‘name’] = TXT_WPSC_PROCESSED;

class wp_shopping_cart {
function wp_shopping_cart() {
return;
}
function displaypages()
{
/*
* Fairly standard wordpress plugin API stuff for adding the admin pages, rearrange the order to rearrange the pages
* The bits to display the options page first on first use may be buggy, but tend not to stick around long enough to be identified and fixed
* if you find bugs, feel free to fix them.
*
* If the permissions are changed here, they will likewise need to be changed for the other secions of the admin that either use ajax
* or bypass the normal download system.
* its in an object because nobody has moved it out of the object yet.
*/
if(function_exists(‘add_options_page’)) {
// if(get_option(‘nzshpcrt_first_load’) == 0) {
// $base_page = WPSC_DIR_NAME.’/options.php’;
// add_menu_page(TXT_WPSC_ECOMMERCE, TXT_WPSC_ECOMMERCE, 7, $base_page);
// add_submenu_page($base_page,TXT_WPSC_OPTIONS, TXT_WPSC_OPTIONS, 7, WPSC_DIR_NAME.’/options.php’);
// } else {
$base_page = WPSC_DIR_NAME.’/display-log.php’;
add_menu_page(TXT_WPSC_ECOMMERCE, TXT_WPSC_ECOMMERCE, 7, $base_page);
add_submenu_page(WPSC_DIR_NAME.’/display-log.php’,TXT_WPSC_PURCHASELOG, TXT_WPSC_PURCHASELOG, 7, WPSC_DIR_NAME.’/display-log.php’);
// }
//written by allen
add_submenu_page(‘users.php’,TXT_WPSC_ECOMMERCE_SUBSCRIBERS, TXT_WPSC_ECOMMERCE_SUBSCRIBERS, 7, WPSC_DIR_NAME.’/display-ecommerce-subs.php’);
//exit(ABSPATH.’wp-admin/users.php’);
//end of written by allen

add_submenu_page($base_page,TXT_WPSC_PRODUCTS, TXT_WPSC_PRODUCTS, 7, WPSC_DIR_NAME.’/display-items.php’);
add_submenu_page($base_page,TXT_WPSC_CATEGORISATION, TXT_WPSC_CATEGORISATION, 7, WPSC_DIR_NAME.’/display-category.php’);

add_submenu_page($base_page,TXT_WPSC_VARIATIONS, TXT_WPSC_VARIATIONS, 7, WPSC_DIR_NAME.’/display_variations.php’);
add_submenu_page($base_page,TXT_WPSC_MARKETING, TXT_WPSC_MARKETING, 7, WPSC_DIR_NAME.’/display-coupons.php’);

add_submenu_page($base_page,TXT_WPSC_PAYMENTGATEWAYOPTIONS, TXT_WPSC_PAYMENTGATEWAYOPTIONS, 7, WPSC_DIR_NAME.’/gatewayoptions.php’);
add_submenu_page($base_page,TXT_WPSC_FORM_FIELDS, TXT_WPSC_FORM_FIELDS, 7, WPSC_DIR_NAME.’/form_fields.php’);
add_submenu_page($base_page,TXT_WPSC_OPTIONS, TXT_WPSC_OPTIONS, 7, WPSC_DIR_NAME.’/options.php’);
if(function_exists(‘gold_shpcrt_options’)) {
gold_shpcrt_options($base_page);
}
// add_submenu_page($base_page,TXT_WPSC_HELPINSTALLATION, TXT_WPSC_HELPINSTALLATION, 7, WPSC_DIR_NAME.’/instructions.php’);
}
return;
}
}

function nzshpcrt_style() {
?>
<style type=”text/css” media=”screen”>

<?php
if((get_option(‘product_view’) == ‘default’) || (get_option(‘product_view’) == ”)) {
$thumbnail_width = get_option(‘product_image_width’);
if($thumbnail_width <= 0) {
$thumbnail_width = 96;
}
?>
div.default_product_display div.textcol{
margin-left: <?php echo $thumbnail_width + 10; ?>px !important;
_margin-left: <?php echo ($thumbnail_width/2) + 5; ?>px !important;
}

div.default_product_display div.textcol div.imagecol{
position:absolute;
top:0px;
left: 0px;
margin-left: -<?php echo $thumbnail_width + 10; ?>px !important;
}
<?php
}

$single_thumbnail_width = get_option(‘single_view_image_width’);
$single_thumbnail_height = get_option(‘single_view_image_height’);
if($single_thumbnail_width <= 0) {
$single_thumbnail_width = 128;
}
?>

div.single_product_display div.textcol{
margin-left: <?php echo $single_thumbnail_width + 10; ?>px !important;
_margin-left: <?php echo ($single_thumbnail_width/2) + 5; ?>px !important;
min-height: <?php echo $single_thumbnail_height + 10;?>px;
_height: <?php echo $single_thumbnail_height + 10;?>px;
}

div.single_product_display div.textcol div.imagecol{
position:absolute;
top:0px;
left: 0px;
margin-left: -<?php echo $single_thumbnail_width + 10; ?>px !important;
}

<?php
if(is_numeric($_GET[‘brand’]) || (get_option(‘show_categorybrands’) == 3)) {
$brandstate = ‘block’;
$categorystate = ‘none’;
} else {
$brandstate = ‘none’;
$categorystate = ‘block’;
}

?>
div#categorydisplay{
display: <?php echo $categorystate; ?>;
}

div#branddisplay{
display: <?php echo $brandstate; ?>;
}
</style>
<?php
}

function nzshpcrt_javascript()
{
$siteurl = get_option(‘siteurl’);
echo “”;
if(($_SESSION[‘nzshpcrt_cart’] == null) && (get_option(‘show_sliding_cart’) == 1)) {
?>
<style type=”text/css” media=”screen”>
div#sliding_cart{
display: none;
}
</style>
<?php
} else {
?>
<style type=”text/css” media=”screen”>
div#sliding_cart{
display: block;
}
</style>
<?php
}
?>
<?php if (get_option(‘product_ratings’) == 1){ ?>
<link href='<?php echo WPSC_URL; ?>/product_rater.css’ rel=”stylesheet” type=”text/css” />
<?php } ?>
<link href='<?php echo WPSC_URL; ?>/thickbox.css’ rel=”stylesheet” type=”text/css” />
<?php if (get_option(‘catsprods_display_type’) == 1){ ?>
<script language=”JavaScript” type=”text/javascript” src=”<?php echo WPSC_URL; ?>/js/slideMenu.js”></script>
<?php } ?>
<script language=’JavaScript’ type=’text/javascript’>
jQuery.noConflict();
/* base url */
var base_url = “<?php echo $siteurl; ?>”;
var WPSC_URL = “<?php echo WPSC_URL; ?>”;

/* LightBox Configuration start*/
var fileLoadingImage = “<?php echo WPSC_URL; ?>/images/loading.gif”;
var fileBottomNavCloseImage = “<?php echo WPSC_URL; ?>/images/closelabel.gif”;
var fileThickboxLoadingImage = “<?php echo WPSC_URL; ?>/images/loadingAnimation.gif”;
var resizeSpeed = 9; // controls the speed of the image resizing (1=slowest and 10=fastest)
var borderSize = 10; //if you adjust the padding in the CSS, you will need to update this variable
jQuery(document).ready( function() {
<?php
if(get_option(‘show_sliding_cart’) == 1) {
if(is_numeric($_SESSION[‘slider_state’])) {
if($_SESSION[‘slider_state’] == 0) {
?>
jQuery(“#sliding_cart”).css({ display: “none”});
<?php
} else {
?>
jQuery(“#sliding_cart”).css({ display: “block”});
<?php
}
} else {
if($_SESSION[‘nzshpcrt_cart’] == null) {
?>
jQuery(“#sliding_cart”).css({ display: “none”});
<?php
} else {
?>
jQuery(“#sliding_cart”).css({ display: “block”});
<?php
}
}
}
?>
});
</script>
<script src=”<?php echo WPSC_URL; ?>/ajax.js” language=’JavaScript’ type=”text/javascript”></script>
<script src=”<?php echo WPSC_URL; ?>/user.js” language=’JavaScript’ type=”text/javascript”>
</script>

<?php
$theme_path = WPSC_FILE_PATH. ‘/themes/’;
if((get_option(‘wpsc_selected_theme’) != ”) && (file_exists($theme_path.get_option(‘wpsc_selected_theme’).”/”.get_option(‘wpsc_selected_theme’).”.css”) )) {
?>
<link href='<?php echo WPSC_URL; ?>/themes/<?php echo get_option(‘wpsc_selected_theme’).”/”.get_option(‘wpsc_selected_theme’).”.css”; ?>’ rel=”stylesheet” type=”text/css” />
<?php
} else {
?>
<link href='<?php echo WPSC_URL; ?>/themes/default/default.css’ rel=”stylesheet” type=”text/css” />
<?php
}
?>
<link href='<?php echo WPSC_URL; ?>/themes/compatibility.css’ rel=”stylesheet” type=”text/css” />
<?php
}

function wpsc_admin_css() {
$siteurl = get_option(‘siteurl’);
if(strpos($_SERVER[‘REQUEST_URI’], WPSC_DIR_NAME.”) !== false) {
?>
<link href='<?php echo WPSC_URL; ?>/admin.css’ rel=”stylesheet” type=”text/css” />
<link href='<?php echo WPSC_URL; ?>/js/jquery.ui.tabs.css’ rel=”stylesheet” type=”text/css” />
<?php

if($_GET[‘page’] == ‘wp-shopping-cart/display-log.php’) {
?>
<link href='<?php echo $siteurl; ?>/wp-admin/css/dashboard.css?ver=2.6′ rel=”stylesheet” type=”text/css” />
<?php
}
?>
<link href='<?php echo WPSC_URL; ?>/thickbox.css’ rel=”stylesheet” type=”text/css” />
<script src=”<?php echo WPSC_URL; ?>/ajax.js” language=’JavaScript’ type=”text/javascript”></script>

<script language=”JavaScript” type=”text/javascript” src=”<?php echo WPSC_URL; ?>/js/jquery.tooltip.js”></script>
<script language=’JavaScript’ type=’text/javascript’>

/* base url */
var base_url = “<?php echo $siteurl; ?>”;
var WPSC_URL = “<?php echo WPSC_URL; ?>”;

/* LightBox Configuration start*/
var fileLoadingImage = “<?php echo WPSC_URL; ?>/images/loading.gif”;
var fileBottomNavCloseImage = “<?php echo WPSC_URL; ?>/images/closelabel.gif”;
var fileThickboxLoadingImage = “<?php echo WPSC_URL; ?>/images/loadingAnimation.gif”;

var resizeSpeed = 9;

var borderSize = 10;
/* LightBox Configuration end*/
/* custom admin functions start*/
<?php
echo “var TXT_WPSC_DELETE = ‘”.TXT_WPSC_DELETE.”‘;\n\r”;
echo “var TXT_WPSC_TEXT = ‘”.TXT_WPSC_TEXT.”‘;\n\r”;
echo “var TXT_WPSC_EMAIL = ‘”.TXT_WPSC_EMAIL.”‘;\n\r”;
echo “var TXT_WPSC_COUNTRY = ‘”.TXT_WPSC_COUNTRY.”‘;\n\r”;
echo “var TXT_WPSC_TEXTAREA = ‘”.TXT_WPSC_TEXTAREA.”‘;\n\r”;
echo “var TXT_WPSC_HEADING = ‘”.TXT_WPSC_HEADING.”‘;\n\r”;
echo “var TXT_WPSC_COUPON = ‘”.TXT_WPSC_COUPON.”‘;\n\r”;
echo “var HTML_FORM_FIELD_TYPES =\”<option value=’text’ >”.TXT_WPSC_TEXT.”</option>”;
echo “<option value=’email’ >”.TXT_WPSC_EMAIL.”</option>”;
echo “<option value=’address’ >”.TXT_WPSC_ADDRESS.”</option>”;
echo “<option value=’city’ >”.TXT_WPSC_CITY.”</option>”;
echo “<option value=’country’>”.TXT_WPSC_COUNTRY.”</option>”;
echo “<option value=’delivery_address’ >”.TXT_WPSC_DELIVERY_ADDRESS.”</option>”;
echo “<option value=’delivery_city’ >”.TXT_WPSC_DELIVERY_CITY.”</option>”;
echo “<option value=’delivery_country’>”.TXT_WPSC_DELIVERY_COUNTRY.”</option>”;
echo “<option value=’textarea’ >”.TXT_WPSC_TEXTAREA.”</option>”;
echo “<option value=’heading’ >”.TXT_WPSC_HEADING.”</option>”;
echo “<option value=’coupon’ >”.TXT_WPSC_COUPON.”</option>\”;\n\r”;
?>
/* custom admin functions end*/
</script>
<script language=”JavaScript” type=”text/javascript” src=”<?php echo WPSC_URL; ?>/js/thickbox.js”></script>
<script language=”JavaScript” type=”text/javascript” src=”<?php echo WPSC_URL; ?>/js/jquery.tooltip.js”></script>
<script language=”JavaScript” type=”text/javascript” src=”<?php echo WPSC_URL; ?>/js/dimensions.js”></script>
<script language=”JavaScript” type=”text/javascript” src=”<?php echo WPSC_URL; ?>/admin.js”></script>
<?php
}
}

function nzshpcrt_displaypages()
{
$nzshpcrt = new wp_shopping_cart;
$nzshpcrt->displaypages();
}

function nzshpcrt_adminpage()
{
$nzshpcrt = new wp_shopping_cart;
$nzshpcrt->adminpage();
}

function nzshpcrt_additem()
{
$nzshpcrt = new wp_shopping_cart;
$nzshpcrt->additem();
}

function nzshpcrt_displayitems()
{
$nzshpcrt = new wp_shopping_cart;
$nzshpcrt->displayitems();
}

function nzshpcrt_instructions()
{
$nzshpcrt = new wp_shopping_cart;
$nzshpcrt->instructions();
}

function nzshpcrt_options()
{
$nzshpcrt = new wp_shopping_cart;
$nzshpcrt->options();
}

function nzshpcrt_gatewayoptions()
{
$nzshpcrt = new wp_shopping_cart;
$nzshpcrt->gatewayoptions();
}

function nzshpcrt_addcategory()
{
$nzshpcrt = new wp_shopping_cart;
$nzshpcrt->addcategory();
//$GLOBALS[‘nzshpcrt_activateshpcrt’] = true;
}

function nzshpcrt_editcategory()
{
$nzshpcrt = new wp_shopping_cart;
$nzshpcrt->editcategory();
//$GLOBALS[‘nzshpcrt_activateshpcrt’] = true;
}

function nzshpcrt_editvariations()
{
$nzshpcrt = new wp_shopping_cart;
$nzshpcrt->editvariations();
//$GLOBALS[‘nzshpcrt_activateshpcrt’] = true;
}

function nzshpcrt_submit_ajax()
{
global $wpdb,$user_level,$wp_rewrite;
get_currentuserinfo();
if(get_option(‘permalink_structure’) != ”) {
$seperator =”?”;
} else {
$seperator =”&”;
}

$cartt = $_SESSION[‘nzshpcrt_cart’];
$cartt1=$cartt[0]->product_id;

// if is an AJAX request, cruddy code, could be done better but getting approval would be impossible
if(($_POST[‘ajax’] == “true”) || ($_GET[‘ajax’] == “true”))
{
if ($_POST[‘changetax’] == “true”) {

if (isset($_POST[‘billing_region’])){
$billing_region=$_POST[‘billing_region’];
} else {
$billing_region=$_SESSION[‘selected_region’];
}
$billing_country=$_POST[‘billing_country’];
foreach($cartt as $cart_item) {
$product_id = $cart_item->product_id;
$quantity = $cart_item->quantity;
//echo(“

".print_r($cart_item->product_variations,true)."

“);
$product = $wpdb->get_row(“SELECT * FROM ".$wpdb->prefix."product_list WHERE id = ‘$product_id’ LIMIT 1″,ARRAY_A);

if($product[‘donation’] == 1) {
$price = $quantity * $cart_item->donation_price;
} else {
$price = $quantity * calculate_product_price($product_id, $cart_item->product_variations);
if($product[‘notax’] != 1) {
$tax += nzshpcrt_calculate_tax($price, $billing_country, $billing_region) – $price;
}
$all_donations = false;
}

if($_SESSION[‘delivery_country’] != null) {
$total_shipping += nzshpcrt_determine_item_shipping($product[‘id’], $quantity, $_SESSION[‘delivery_country’]);
}
}
echo $tax.”:”.$price.”:”.$total_shipping;
exit();
}

if ($_POST[‘submittogoogle’]) {
$newvalue=$_POST[‘value’];
$amount=$_POST[‘amount’];
$reason=$_POST[‘reason’];
$comment=$_POST[‘comment’];
$message=$_POST[‘message’];
$amount=number_format($amount, 2, ‘.’, ”);
$log_data = $wpdb->get_row(“SELECT * FROM ".$wpdb->prefix."purchase_logs WHERE id = ‘”.$_POST[‘id’].”‘ LIMIT 1″,ARRAY_A);
if (($newvalue==2) && function_exists(‘wpsc_member_activate_subscriptions’)){
wpsc_member_activate_subscriptions($_POST[‘id’]);
}
$google_status = unserialize($log_data[‘google_status’]);

switch($newvalue) {
case “Charge”:
if ($google_status[0]!=’CANCELLED_BY_GOOGLE’) {
if ($amount==”) {
$google_status[‘0′]=’Partially Charged’;
} else {
$google_status[‘0′]=’CHARGED’;
$google_status[‘partial_charge_amount’]=$amount;
}
}
break;

case “Cancel”:
if ($google_status[0]!=’CANCELLED_BY_GOOGLE’)
$google_status[0]=’CANCELLED’;
if ($google_status[1]!=’DELIVERED’)
$google_status[1]=’WILL_NOT_DELIVER’;
break;

case “Refund”:
if ($amount==”) {
$google_status[‘0′]=’Partially Refund’;
} else {
$google_status[‘0′]=’REFUND’;
$google_status[‘partial_refund_amount’]=$amount;
}
break;

case “Ship”:
if ($google_status[1]!=’WILL_NOT_DELIVER’)
$google_status[1]=’DELIVERED’;
break;

case “Archive”:
$google_status[1]=’ARCHIVED’;
break;
}
$google_status_sql=”UPDATE ".$wpdb->prefix."purchase_logs SET google_status='”.serialize($google_status).”‘ WHERE id = ‘”.$_POST[‘id’].”‘ LIMIT 1″;
$wpdb->query($google_status_sql);
$merchant_id = get_option(‘google_id’);
$merchant_key = get_option(‘google_key’);
$server_type = get_option(‘google_server_type’);
$currency = get_option(‘google_cur’);
$Grequest = new GoogleRequest($merchant_id, $merchant_key, $server_type,$currency);
$google_order_number=$wpdb->get_var(“SELECT google_order_number FROM ".$wpdb->prefix."purchase_logs WHERE id = ‘”.$_POST[‘id’].”‘ LIMIT 1″);
switch ($newvalue) {
case ‘Charge’:
$Grequest->SendChargeOrder($google_order_number,$amount);
break;

case ‘Ship’:
$Grequest->SendDeliverOrder($google_order_number);
break;

case ‘Archive’:
$Grequest->SendArchiveOrder($google_order_number);
break;

case ‘Refund’:
$Grequest->SendRefundOrder($google_order_number,$amount,$reason);
break;

case ‘Cancel’:
$Grequest->SendCancelOrder($google_order_number,$reason,$comment);
break;

case ‘Send Message’:
$Grequest->SendBuyerMessage($google_order_number,$message);
break;
}
$newvalue++;
$update_sql = “UPDATE ".$wpdb->prefix."purchase_logs SET processed = ‘”.$newvalue.”‘ WHERE id = ‘”.$_POST[‘id’].”‘ LIMIT 1″;
//$wpdb->query($update_sql);

exit();
}

////changes for usps
if ($_POST[‘uspsswitch’]) {
foreach ($_SESSION[‘uspsQuote’] as $quotes) {
$total=$_POST[‘total’];
if ($quotes[$_POST[‘key’]]!=”) {
echo nzshpcrt_currency_display($total+$quotes[$_POST[‘key’]],1);
echo “<input type=’hidden’ value='”.$total.”‘ id=’shopping_cart_total_price’>”;
$_SESSION[‘usps_shipping’]= $quotes[$_POST[‘key’]];
}
}

exit();
}
//changes for usps ends

if(($_GET[‘user’] == “true”) && is_numeric($_POST[‘prodid’]))
{
$memberstatus = get_product_meta($_POST[‘prodid’],’is_membership’,true);
if(($memberstatus[0]==’1′) && ($_SESSION[‘nzshopcrt_cart’]!=NULL)){
} else{
$sql = “SELECT * FROM ".$wpdb->prefix."product_list WHERE id='”.$_POST[‘prodid’].”‘ LIMIT 1″;
$item_data = $wpdb->get_results($sql,ARRAY_A);

$item_quantity = 0;
if($_SESSION[‘nzshpcrt_cart’] != null)
{
foreach($_SESSION[‘nzshpcrt_cart’] as $cart_key => $cart_item)
{
if (($memberstatus[0]!=’1′)&&($_SESSION[‘nzshpcrt_cart’]!=NULL)){
if($cart_item->product_id == $_POST[‘prodid’]) {
if(($_SESSION[‘nzshpcrt_cart’][$cart_key]->product_variations === $_POST[‘variation’])&&($_SESSION[‘nzshpcrt_cart’][$cart_key]->extras === $_POST[‘extras’])) {
$item_quantity += $_SESSION[‘nzshpcrt_cart’][$cart_key]->quantity;
$item_variations = $_SESSION[‘nzshpcrt_cart’][$cart_key]->product_variations;
}
}
}
}
}

$item_stock = null;
$variation_count = count($_POST[‘variation’]);
if(($variation_count >= 1) && ($variation_count <= 2)) {
foreach($_POST[‘variation’] as $variation_id) {
if(is_numeric($variation_id)) {
$variation_ids[] = (int)$variation_id;
}
}
if(count($variation_ids) == 2) {
$variation_stock_data = $wpdb->get_row(“SELECT * FROM ".$wpdb->prefix."variation_priceandstock WHERE product_id = ‘”.$_POST[‘prodid’].”‘ AND (variation_id_1 = ‘”.$variation_ids[0].”‘ AND variation_id_2 = ‘”.$variation_ids[1].”‘) OR (variation_id_1 = ‘”.$variation_ids[1].”‘ AND variation_id_2 = ‘”.$variation_ids[0].”‘) LIMIT 1″,ARRAY_A);
$item_stock = $variation_stock_data[‘stock’];
} else if(count($variation_ids) == 1) {
$variation_stock_data = $wpdb->get_row(“SELECT * FROM ".$wpdb->prefix."variation_priceandstock WHERE product_id = ‘”.$_POST[‘prodid’].”‘ AND (variation_id_1 = ‘”.$variation_ids[0].”‘ AND variation_id_2 = ‘0’) LIMIT 1″,ARRAY_A);
$item_stock = $variation_stock_data[‘stock’];
}
}

if($item_stock === null) {
$item_stock = $item_data[0][‘quantity’];
}

if((($item_data[0][‘quantity_limited’] == 1) && ($item_stock > 0) && ($item_stock > $item_quantity)) || ($item_data[0][‘quantity_limited’] == 0)) {
$cartcount = count($_SESSION[‘nzshpcrt_cart’]);
if(is_array($_POST[‘variation’])) { $variations = $_POST[‘variation’]; } else { $variations = null; }
if(is_array($_POST[‘extras’])) { $extras = $_POST[‘extras’]; } else { $extras = null; }
$updated_quantity = false;
if($_SESSION[‘nzshpcrt_cart’] != null) {
foreach($_SESSION[‘nzshpcrt_cart’] as $cart_key => $cart_item) {
if ((!($memberstatus[0]==’1′)&&(count($_SESSION[‘nzshpcrt_cart’])>0))) {
if((int)$cart_item->product_id === (int)$_POST[‘prodid’]) { // force both to integer before testing for identicality
if(($_SESSION[‘nzshpcrt_cart’][$cart_key]->extras === $extras)&&($_SESSION[‘nzshpcrt_cart’][$cart_key]->product_variations === $variations) && ((int)$_SESSION[‘nzshpcrt_cart’][$cart_key]->donation_price == (int)$_POST[‘donation_price’])) {
if(is_numeric($_POST[‘quantity’])) {
$_SESSION[‘nzshpcrt_cart’][$cart_key]->quantity += (int)$_POST[‘quantity’];
} else {
$_SESSION[‘nzshpcrt_cart’][$cart_key]->quantity++;
}
$updated_quantity = true;
}
}
}
}
}
if($item_data[0][‘donation’] == 1) {
$donation = $_POST[‘donation_price’];
} else {
$donation = false;
}
if(!(($memberstatus[0]==’1′)&&(count($_SESSION[‘nzshpcrt_cart’])>0))){
$status = get_product_meta($cartt1, ‘is_membership’, true);
if ($status[0]==’1′){
exit();
}
if($updated_quantity === false) {
if(is_numeric($_POST[‘quantity’])) {
if($_POST[‘quantity’] > 0) {
$new_cart_item = new cart_item($_POST[‘prodid’],$variations,$_POST[‘quantity’], $donation,$extras);
}
} else {
//echo “correct”;
$new_cart_item = new cart_item($_POST[‘prodid’],$variations, 1, $donation,$extras);
}
$_SESSION[‘nzshpcrt_cart’][] = $new_cart_item;
}
}
} else {
$quantity_limit = true;
}

$cart = $_SESSION[‘nzshpcrt_cart’];

if (($memberstatus[0]==’1′)&&(count($cart)>1)) {
} else {
$status = get_product_meta($cartt1, ‘is_membership’, true);
if ($status[0]==’1′){
exit(‘st’);
}
echo “if(document.getElementById(‘shoppingcartcontents’) != null)
{
document.getElementById(‘shoppingcartcontents’).innerHTML = \””.str_replace(Array(“\n”,”\r”) , “”,addslashes(nzshpcrt_shopping_basket_internals($cart,$quantity_limit))). “\”;
}
“;

if(($_POST[‘prodid’] != null) &&(get_option(‘fancy_notifications’) == 1)) {
echo “if(document.getElementById(‘fancy_notification_content’) != null)
{
document.getElementById(‘fancy_notification_content’).innerHTML = \””.str_replace(Array(“\n”,”\r”) , “”,addslashes(fancy_notification_content($_POST[‘prodid’], $quantity_limit))). “\”;
jQuery(‘#loading_animation’).css(‘display’, ‘none’);
jQuery(‘#fancy_notification_content’).css(‘display’, ‘block’);
}
“;
}

if($_SESSION[‘slider_state’] == 0) {
echo ‘jQuery(“#sliding_cart”).css({ display: “none”});’.”\n\r”;
} else {
echo ‘jQuery(“#sliding_cart”).css({ display: “block”});’.”\n\r”;
}
}
}
exit();
} else if(($_POST[‘user’] == “true”) && ($_POST[’emptycart’] == “true”)) {
//exit(“/* \n\r “.get_option(‘shopping_cart_url’).” \n\r “.print_r($_POST,true).” \n\r */”);
$_SESSION[‘nzshpcrt_cart’] = ”;
$_SESSION[‘nzshpcrt_cart’] = Array();
echo “if(document.getElementById(‘shoppingcartcontents’) != null) {
document.getElementById(‘shoppingcartcontents’).innerHTML = \””.str_replace(Array(“\n”,”\r”) , “”, addslashes(nzshpcrt_shopping_basket_internals($cart))). “\”;
}\n\r”;

if($_POST[‘current_page’] == get_option(‘shopping_cart_url’)) {
echo “window.location = ‘”.get_option(‘shopping_cart_url’).”‘;\n\r”; // if we are on the checkout page, redirect back to it to clear the non-ajax cart too
}
exit();
}

if ($_POST[‘store_list’]==”true”) {
$map_data[‘address’] = $_POST[‘addr’];
$map_data[‘city’] = $_POST[‘city’];
$map_data[‘country’] = ‘US’;
$map_data[‘zipcode’]=”;
$map_data[‘radius’] = ‘50000’;
$map_data[‘state’] = ”;
$map_data[‘submit’] = ‘Find Store’;
$stores = getdistance($map_data);
$i=0;
while($rows = mysql_fetch_array($stores)) {
//echo “

".print_r($rows,1)."

“;
if ($i==0) {
$closest_store = $rows[5];
}
$i++;
$store_list[$i] = $rows[5];
}
foreach ($store_list as $store){
$output.=”<option value=’$store’>$store</option>”;
}
echo $output;
exit();
}

if($_POST[‘admin’] == “true”) {

if(is_numeric($_POST[‘prodid’])) {
/* fill product form */
echo nzshpcrt_getproductform($_POST[‘prodid’]);
exit();
} else if(is_numeric($_POST[‘catid’])) {
/* fill category form */
echo nzshpcrt_getcategoryform($_POST[‘catid’]);
exit();
} else if(is_numeric($_POST[‘brandid’])) {
/* fill brand form */
echo nzshpcrt_getbrandsform($_POST[‘brandid’]);
exit();
} else if(is_numeric($_POST[‘variation_id’])) {
echo nzshpcrt_getvariationform($_POST[‘variation_id’]);
exit();
}

if($_POST[‘hide_ecom_dashboard’] == ‘true’) {
require_once (ABSPATH . WPINC . ‘/rss.php’);
$rss = fetch_rss(‘http://www.instinct.co.nz/feed/&#8217;);
$rss->items = array_slice($rss->items, 0, 5);
$rss_hash = sha1(serialize($rss->items));
update_option(‘wpsc_ecom_news_hash’, $rss_hash);
exit(1);
}

if(($_POST[‘remove_meta’] == ‘true’) && is_numeric($_POST[‘meta_id’])) {
$meta_id = (int)$_POST[‘meta_id’];
$selected_meta = $wpdb->get_row(“SELECT * FROM {$wpdb->prefix}wpsc_productmeta WHERE id IN(‘{$meta_id}’) “,ARRAY_A);
if($selected_meta != null) {
if($wpdb->query(“DELETE FROM {$wpdb->prefix}wpsc_productmeta WHERE id IN(‘{$meta_id}’) LIMIT 1″)) {
echo $meta_id;
exit();
}
}
echo 0;
exit();
}
exit();
}

if(is_numeric($_POST[‘currencyid’])){
$currency_data = $wpdb->get_results(“SELECT symbol,symbol_html,code FROM ".$wpdb->prefix."currency_list WHERE id='”.$_POST[‘currencyid’].”‘ LIMIT 1″,ARRAY_A) ;
$price_out = null;
if($currency_data[0][‘symbol’] != ”) {
$currency_sign = $currency_data[0][‘symbol_html’];
} else {
$currency_sign = $currency_data[0][‘code’];
}
echo $currency_sign;
exit();
}
//echo “–==->”;
if($_POST[‘buynow’] == “true”) {
$id = $_REQUEST[‘product_id’];
$price = $_REQUEST[‘price’];
$downloads = get_option(‘max_downloads’);
$product_sql = “SELECT * FROM “.$wpdb->prefix.”product_list WHERE id = “.$id.” LIMIT 1″;
$product_info = $wpdb->get_results($product_sql, ARRAY_A);
$product_info = $product_info[0];
$sessionid = (mt_rand(100,999).time());
$sql = “INSERT INTO ".$wpdb->prefix."purchase_logs ( totalprice , sessionid , date, billing_country, shipping_country,shipping_region, user_ID, discount_value ) VALUES ( ‘”.$price.”‘, ‘”.$sessionid.”‘, ‘”.time().”‘, ‘BuyNow’, ‘BuyNow’, ‘BuyNow’ , NULL , 0)”;
$wpdb->query($sql) ;
$log_id = $wpdb->get_var(“SELECT id FROM ".$wpdb->prefix."purchase_logs WHERE sessionid IN(‘”.$sessionid.”‘) LIMIT 1″) ;
$cartsql = “INSERT INTO ".$wpdb->prefix."cart_contents ( prodid , purchaseid, price, pnp, gst, quantity, donation, no_shipping ) VALUES (‘”.$id.”‘, ‘”.$log_id.”‘,'”.$price.”‘,’0’, ‘0’,’1′, ‘”.$donation.”‘, ‘1’)”;
$wpdb->query($cartsql);
$wpdb->query(“INSERT INTO ".$wpdb->prefix."download_status ( fileid , purchid , downloads , active , datetime ) VALUES ( ‘”.$product_info[‘file’].”‘, ‘”.$log_id.”‘, ‘$downloads’, ‘0’, NOW( ));”);
exit();
}

if(($_POST[‘changeorder’] == “true”) && is_numeric($_POST[‘category_id’])) {
$category_id = (int)$_POST[‘category_id’];
$hash=$_POST[‘sort1’];
$order=1;
foreach($hash as $id) {
$wpdb->query(“UPDATE ".$wpdb->prefix."product_order SET order=$order WHERE product_id=”.(int)$id.” AND category_id=”.(int)$category_id.” LIMIT 1″);
$order++;
}
exit(” “);
}

/* rate item */
if(($_POST[‘rate_item’] == “true”) && is_numeric($_POST[‘product_id’]) && is_numeric($_POST[‘rating’]))
{
$nowtime = time();
$prodid = $_POST[‘product_id’];
$ip_number = $_SERVER[‘REMOTE_ADDR’];
$rating = $_POST[‘rating’];

$cookie_data = explode(“,”,$_COOKIE[‘voting_cookie’][$prodid]);

if(is_numeric($cookie_data[0]) && ($cookie_data[0] > 0))
{
$vote_id = $cookie_data[0];
$wpdb->query(“UPDATE ".$wpdb->prefix."product_rating SET rated = ‘”.$rating.”‘ WHERE id ='”.$vote_id.”‘ LIMIT 1 ;”);
}
else
{
$insert_sql = “INSERT INTO ".$wpdb->prefix."product_rating ( ipnum , productid , rated, time) VALUES ( ‘”.$ip_number.”‘, ‘”.$prodid.”‘, ‘”.$rating.”‘, ‘”.$nowtime.”‘);”;
$wpdb->query($insert_sql);

$data = $wpdb->get_results(“SELECT id,rated FROM ".$wpdb->prefix."product_rating WHERE ipnum='”.$ip_number.”‘ AND productid = ‘”.$prodid.”‘ AND rated = ‘”.$rating.”‘ AND time = ‘”.$nowtime.”‘ ORDER BY id DESC LIMIT 1″,ARRAY_A) ;

$vote_id = $data[0][‘id’];
setcookie(“voting_cookie[$prodid]”, ($vote_id.”,”.$rating),time()+(60*60*24*360));
}

$output[1]= $prodid;
$output[2]= $rating;
echo $output[1].”,”.$output[2];
exit();
}
//written by allen
if ($_REQUEST[‘save_tracking_id’] == “true”){
$id = $_POST[‘id’];
$value = $_POST[‘value’];
$update_sql = “UPDATE “.$wpdb->prefix.”purchase_logs SET track_id = ‘”.$value.”‘ WHERE id=$id”;
$wpdb->query($update_sql);
exit();
}

if(($_POST[‘get_rating_count’] == “true”) && is_numeric($_POST[‘product_id’]))
{
$prodid = $_POST[‘product_id’];
$data = $wpdb->get_results(“SELECT COUNT(*) AS count FROM ".$wpdb->prefix."product_rating WHERE productid = ‘”.$prodid.”‘”,ARRAY_A) ;
echo $data[0][‘count’].”,”.$prodid;
exit();
}

/// Pointless AJAX call is pointless
// if(isset($_POST[‘changeperpage’])) {
// $item_per_page = $_POST[‘changeperpage’];
// echo $item_per_page;
// exit();
// }

if(($_POST[‘remove_variation_value’] == “true”) && is_numeric($_POST[‘variation_value_id’]))
{
$wpdb->query(“DELETE FROM ".$wpdb->prefix."variation_values_associations WHERE value_id = ‘”.$_POST[‘variation_value_id’].”‘”);
$wpdb->query(“DELETE FROM ".$wpdb->prefix."variation_values WHERE id = ‘”.$_POST[‘variation_value_id’].”‘ LIMIT 1″);
exit();
}

if(($_POST[‘get_updated_price’] == “true”) && is_numeric($_POST[‘product_id’]))
{
$notax = $wpdb->get_var(“SELECT notax FROM ".$wpdb->prefix."product_list WHERE id IN(‘”.$_POST[‘product_id’].”‘) LIMIT 1″);
foreach((array)$_POST[‘variation’] as $variation)
{
if(is_numeric($variation))
{
$variations[] = $variation;
}
}
foreach((array)$_POST[‘extra’] as $extra)
{
if(is_numeric($extra))
{
$extras[] = $extra;
}
}
$pm=$_POST[‘pm’];
echo “product_id=”.$_POST[‘product_id’].”;\n”;

echo “price=\””.nzshpcrt_currency_display(calculate_product_price($_POST[‘product_id’], $variations,’stay’,$extras), $notax).”\”;\n”;
//exit(print_r($extras,1));
exit();
}

if(($_REQUEST[‘log_state’] == “true”) && is_numeric($_POST[‘id’]) && is_numeric($_POST[‘value’])) {
$newvalue = $_POST[‘value’];
if ($_REQUEST[‘suspend’]==’true’){
if ($_REQUEST[‘value’]==1){
wpsc_member_dedeactivate_subscriptions($_POST[‘id’]);
} else {
wpsc_member_deactivate_subscriptions($_POST[‘id’]);
}
exit();
} else {

$log_data = $wpdb->get_row(“SELECT * FROM ".$wpdb->prefix."purchase_logs WHERE id = ‘”.$_POST[‘id’].”‘ LIMIT 1″,ARRAY_A);
if (($newvalue==2) && function_exists(‘wpsc_member_activate_subscriptions’)){
wpsc_member_activate_subscriptions($_POST[‘id’]);
}

$update_sql = “UPDATE ".$wpdb->prefix."purchase_logs SET processed = ‘”.$newvalue.”‘ WHERE id = ‘”.$_POST[‘id’].”‘ LIMIT 1″;
$wpdb->query($update_sql);
//echo(“/*”);
if(($newvalue > $log_data[‘processed’]) && ($log_data[‘processed’] < 2)) {
transaction_results($log_data[‘sessionid’],false);
}
//echo(“*/”);
$stage_sql = “SELECT * FROM ".$wpdb->prefix."purchase_statuses WHERE id='”.$newvalue.”‘ AND active=’1′ LIMIT 1″;
$stage_data = $wpdb->get_row($stage_sql,ARRAY_A);

echo “document.getElementById(\”form_group_”.$_POST[‘id’].”_text\”).innerHTML = ‘”.$stage_data[‘name’].”‘;\n”;
echo “document.getElementById(\”form_group_”.$_POST[‘id’].”_text\”).style.color = ‘#”.$stage_data[‘colour’].”‘;\n”;

$year = date(“Y”);
$month = date(“m”);
$start_timestamp = mktime(0, 0, 0, $month, 1, $year);
$end_timestamp = mktime(0, 0, 0, ($month+1), 0, $year);

echo “document.getElementById(\”log_total_month\”).innerHTML = ‘”.addslashes(nzshpcrt_currency_display(admin_display_total_price($start_timestamp, $end_timestamp),1)).”‘;\n”;
echo “document.getElementById(\”log_total_absolute\”).innerHTML = ‘”.addslashes(nzshpcrt_currency_display(admin_display_total_price(),1)).”‘;\n”;
exit();
}
}

if(($_POST[‘list_variation_values’] == “true”) && is_numeric($_POST[‘new_variation_id’])) {
$variation_processor = new nzshpcrt_variations();
echo “variation_value_id = \””.$_POST[‘new_variation_id’].”\”;\n”;
echo “variation_value_html = \””.$variation_processor->display_variation_values($_POST[‘prefix’],$_POST[‘new_variation_id’]).”\”;\n”;
$variations_selected = array_values(array_unique(array_merge((array)$_POST[‘new_variation_id’], (array)$_POST[‘variation_id’])));
echo “variation_subvalue_html = \””.str_replace(“\n\r”, ‘\n\r’, $variation_processor->variations_add_grid_view((array)$variations_selected)).”\”;\n”;
//echo “/*\n\r”.print_r(array_values(array_unique(array_merge((array)$_POST[‘new_variation_id’], $_POST[‘variation_id’]))),true).”\n\r*/”;
exit();
}

if(($_POST[‘redisplay_variation_values’] == “true”)) {
$variation_processor = new nzshpcrt_variations();
$variations_selected = array_values(array_unique(array_merge((array)$_POST[‘new_variation_id’], (array)$_POST[‘variation_id’])));
foreach($variations_selected as $variation_id) {
// cast everything to integer to make sure nothing nasty gets in.
$variation_list[] = (int)$variation_id;
}
echo $variation_processor->variations_add_grid_view((array)$variation_list);
//echo “/*\n\r”.print_r(array_values(array_unique($_POST[‘variation_id’])),true).”\n\r*/”;
exit();
}

if(($_POST[‘edit_variation_value_list’] == ‘true’) && is_numeric($_POST[‘variation_id’]) && is_numeric($_POST[‘product_id’])) {
$variation_id = (int)$_POST[‘variation_id’];
$product_id = (int)$_POST[‘product_id’];
$variations_processor = new nzshpcrt_variations();
$variation_values = $variations_processor->falsepost_variation_values($variation_id);
if(is_array($variation_values)) {
//echo(print_r($variation_values,true));
$check_variation_added = $wpdb->get_var(“SELECT id FROM ".$wpdb->prefix."variation_associations WHERE type IN (‘product’) AND associated_id IN (‘{$product_id}’) AND variation_id IN (‘{$variation_id}’) LIMIT 1″);
if($check_variation_added == null) {
$variations_processor->add_to_existing_product($product_id,$variation_values);
}
echo $variations_processor->display_attached_variations($product_id);
echo $variations_processor->variations_grid_view($product_id);
} else {
echo “false”;
}
exit();
}

if(($_POST[‘remove_form_field’] == “true”) && is_numeric($_POST[‘form_id’])) {
//exit(print_r($user,true));
if(current_user_can(‘level_7’)) {
$wpdb->query(“UPDATE ".$wpdb->prefix."collect_data_forms SET active = ‘0’ WHERE id ='”.$_POST[‘form_id’].”‘ LIMIT 1 ;”);
exit(‘ ‘);
}
}

/*
* function for handling the checkout billing address
*/
if(preg_match(“/[a-zA-Z]{2,4}/”, $_POST[‘billing_country’]))
{
if($_SESSION[‘selected_country’] == $_POST[‘billing_country’])
{
$do_not_refresh_regions = true;
}
else
{
$do_not_refresh_regions = false;
$_SESSION[‘selected_country’] = $_POST[‘billing_country’];
}

if(is_numeric($_POST[‘form_id’]))
{
$form_id = $_POST[‘form_id’];
$html_form_id = “region_country_form_$form_id”;
}
else
{
$html_form_id = ‘region_country_form’;
}

if(is_numeric($_POST[‘billing_region’]))
{
$_SESSION[‘selected_region’] = $_POST[‘billing_region’];
}
$cart =& $_SESSION[‘nzshpcrt_cart’];
if (($memberstatus[0]==’1′)&&(count($cart)>0)){
echo “
“;
}else{
if ($status[0]==’1′){
exit();
}
echo “if(document.getElementById(‘shoppingcartcontents’) != null)
{
document.getElementById(‘shoppingcartcontents’).innerHTML = \””.str_replace(Array(“\n”,”\r”) , “”,addslashes(nzshpcrt_shopping_basket_internals($cart,$quantity_limit))). “\”;
}
“;

if($do_not_refresh_regions == false)
{
$region_list = $wpdb->get_results(“SELECT ".$wpdb->prefix."region_tax.* FROM ".$wpdb->prefix."region_tax, ".$wpdb->prefix."currency_list WHERE ".$wpdb->prefix."currency_list.isocode IN(‘”.$_POST[‘billing_country’].”‘) AND ".$wpdb->prefix."currency_list.id = ".$wpdb->prefix."region_tax.country_id“,ARRAY_A) ;
if($region_list != null)
{
$output .= “<select name=’collected_data[“.$form_id.”][1]’ class=’current_region’ onchange=’set_billing_country(\\\”$html_form_id\\\”, \\\”$form_id\\\”);’>”;
//$output .= “<option value=”>None</option>”;
foreach($region_list as $region)
{
if($_SESSION[‘selected_region’] == $region[‘id’])
{
$selected = “selected=’true'”;
}
else
{
$selected = “”;
}
$output .= “<option value='”.$region[‘id’].”‘ $selected>”.$region[‘name’].”</option>”;
}
$output .= “</select>”;
echo “if(document.getElementById(‘region_select_$form_id’) != null)
{
document.getElementById(‘region_select_$form_id’).innerHTML = \””.$output.”\”;
}
“;
}
else
{
echo “if(document.getElementById(‘region_select_$form_id’) != null)
{
document.getElementById(‘region_select_$form_id’).innerHTML = \”\”;
}
“;
}
}
}
exit();
}

if(($_POST[‘get_country_tax’] == “true”) && preg_match(“/[a-zA-Z]{2,4}/”,$_POST[‘country_id’]))
{
$country_id = $_POST[‘country_id’];
$region_list = $wpdb->get_results(“SELECT ".$wpdb->prefix."region_tax.* FROM ".$wpdb->prefix."region_tax, ".$wpdb->prefix."currency_list WHERE ".$wpdb->prefix."currency_list.isocode IN(‘”.$country_id.”‘) AND ".$wpdb->prefix."currency_list.id = ".$wpdb->prefix."region_tax.country_id“,ARRAY_A) ;
if($region_list != null)
{
echo “<select name=’base_region’>\n\r”;
foreach($region_list as $region)
{
if(get_option(‘base_region’) == $region[‘id’])
{
$selected = “selected=’true'”;
}
else
{
$selected = “”;
}
echo “<option value='”.$region[‘id’].”‘ $selected>”.$region[‘name’].”</option>\n\r”;
}
echo “</select>\n\r”;
}
else { echo ” “; }
exit();
}

/* fill product form */
if(($_POST[‘set_slider’] == “true”) && is_numeric($_POST[‘state’]))
{
$_SESSION[‘slider_state’] = $_POST[‘state’];
exit();
} /* fill category form */

if($_GET[‘action’] == “register”)
{
$siteurl = get_option(‘siteurl’);
require_once( ABSPATH . WPINC . ‘/registration-functions.php’);
if(($_POST[‘action’]==’register’) && get_settings(‘users_can_register’))
{
//exit(“fail for testing purposes”);
$user_login = sanitize_user( $_POST[‘user_login’] );
$user_email = $_POST[‘user_email’];

$errors = array();

if ( $user_login == ” )
exit($errors[‘user_login’] = __(‘ERROR: Please enter a username.’));

/* checking e-mail address */
if ($user_email == ”) {
exit(__(‘ERROR: Please type your e-mail address.’));
} else if (!is_email($user_email)) {
exit( __(‘ERROR: The email address isn’t correct.’));
$user_email = ”;
}

if ( ! validate_username($user_login) ) {
$errors[‘user_login’] = __(‘ERROR: This username is invalid. Please enter a valid username.’);
$user_login = ”;
}

if ( username_exists( $user_login ) )
exit( __(‘ERROR: This username is already registered, please choose another one.’));

/* checking the email isn’t already used by another user */
$email_exists = $wpdb->get_row(“SELECT user_email FROM $wpdb->users WHERE user_email = ‘$user_email'”);
if ( $email_exists)
die (__(‘ERROR: This email address is already registered, please supply another.’));

if ( 0 == count($errors) ) {
$password = substr( md5( uniqid( microtime() ) ), 0, 7);
//xit(‘there?’);
$user_id = wp_create_user( $user_login, $password, $user_email );
if ( !$user_id )
{
exit(sprintf(__(‘ERROR: Couldn’t register you… please contact the webmaster !’), get_settings(‘admin_email’)));
}
else
{
wp_new_user_notification($user_id, $password);
?>
<div id=”login”>
<h2><?php _e(‘Registration Complete’) ?></h2>
<p><?php printf(__(‘Username: %s’), “” . wp_specialchars($user_login) . ““) ?>
<?php printf(__(‘Password: %s’), ‘‘ . __(’emailed to you’) . ‘‘) ?>
<?php printf(__(‘E-mail: %s’), “” . wp_specialchars($user_email) . ““) ?></p>
</div>
<?php
}
}
}
else
{
// onsubmit=’submit_register_form(this);return false;’
echo “<div id=’login’>
<h2>Register for this blog</h2>
<form id=’registerform’ action=’index.php?ajax=true&action=register’ onsubmit=’submit_register_form(this);return false;’ method=’post’>
<p><input type=’hidden’ value=’register’ name=’action’/>
<label for=’user_login’>Username:</label>
<input type=’text’ value=” maxlength=’20’ size=’20’ id=’user_login’ name=’user_login’/>
</p>
<p><label for=’user_email’>E-mail:</label>
<input type=’text’ value=” maxlength=’100′ size=’25’ id=’user_email’ name=’user_email’/></p>
<p>A password will be emailed to you.</p>
<p class=’submit’><input type=’submit’ name=’submit_form’ id=’submit’ value=’Register »’/><img id=’register_loading_img’ src='”.WPSC_URL.”/images/loading.gif’ alt=” title=”></p>

</form>
</div>”;
}

exit();
}

}
/*
* AJAX stuff stops here, I would put an exit here, but it may screw up other plugins
//exit();
*/
}

if(isset($_POST[‘language_setting’]) && ($_GET[‘page’] = WPSC_DIR_NAME.’/options.php’))
{
if($user_level >= 7)
{
update_option(‘language_setting’, $_POST[‘language_setting’]);
}
}

if(isset($_POST[‘language_setting’]) && ($_GET[‘page’] = WPSC_DIR_NAME.’/options.php’))
{
if($user_level >= 7)
{
update_option(‘language_setting’, $_POST[‘language_setting’]);
}
}

if(($_GET[‘rss’] == “true”) && ($_GET[‘rss_key’] == ‘key’) && ($_GET[‘action’] == “purchase_log”))
{
$sql = “SELECT * FROM ".$wpdb->prefix."purchase_logs WHERE date!=” ORDER BY date DESC”;
$purchase_log = $wpdb->get_results($sql,ARRAY_A);
header(“Content-Type: application/xml; charset=UTF-8”);
header(‘Content-Disposition: inline; filename=”WP_E-Commerce_Purchase_Log.rss”‘);
$output = ”;
$output .= “<?xml version=’1.0′?>\n\r”;
$output .= “<rss version=’2.0′>\n\r”;
$output .= ” <channel>\n\r”;
$output .= ” <title>WP E-Commerce Product Log</title>\n\r”;
$output .= ” <link>”.get_option(‘siteurl’).”/wp-admin/admin.php?page=”.WPSC_DIR_NAME.”/display-log.php</link>\n\r”;
$output .= ” <description>This is the WP E-Commerce Product Log RSS feed</description>\n\r”;
$output .= ” <generator>WP E-Commerce Plugin</generator>\n\r”;

foreach((array)$purchase_log as $purchase)
{
$purchase_link = get_option(‘siteurl’).”/wp-admin/admin.php?page=”.WPSC_DIR_NAME.”/display-log.php&purchaseid=”.$purchase[‘id’];
$output .= ” <item>\n\r”;
$output .= ” <title>Purchase No. “.$purchase[‘id’].”</title>\n\r”;
$output .= ” <link>$purchase_link</link>\n\r”;
$output .= ” <description>This is an entry in the purchase log.</description>\n\r”;
$output .= ” <pubDate>”.date(“r”,$purchase[‘date’]).”</pubDate>\n\r”;
$output .= ” <guid>$purchase_link</guid>\n\r”;
$output .= ” </item>\n\r”;
}
$output .= ” </channel>\n\r”;
$output .= “</rss>”;
echo $output;
exit();
}

if(($_GET[‘rss’] == “true”) && ($_GET[‘action’] == “product_list”)) {
$siteurl = get_option(‘siteurl’);
if(is_numeric($_GET[‘limit’])) {
$limit = “LIMIT “.$_GET[‘limit’].””;
} else {
$limit = ”;
}

// LIMIT $startnum
if(is_numeric($_GET[‘product_id’])) {
$sql = “SELECT * FROM ".$wpdb->prefix."product_list WHERE active IN(‘1’) AND id IN(‘”.$_GET[‘product_id’].”‘) LIMIT 1″;
} else if($_GET[‘random’] == ‘true’) {
$sql = “SELECT * FROM ".$wpdb->prefix."product_list WHERE active IN(‘1’) ORDER BY RAND() $limit”;
} else if(is_numeric($_GET[‘category_id’])) {
/* man, this is a hard to read SQL statement */
$sql = “SELECT DISTINCT ".$wpdb->prefix."product_list.*, ".$wpdb->prefix."item_category_associations.category_id,".$wpdb->prefix."product_order.order, IF(ISNULL(".$wpdb->prefix."product_order.order), 0, 1) AS order_state FROM ".$wpdb->prefix."product_list LEFT JOIN ".$wpdb->prefix."item_category_associations ON ".$wpdb->prefix."product_list.id = ".$wpdb->prefix."item_category_associations.product_id LEFT JOIN ".$wpdb->prefix."product_order ON ( ( ".$wpdb->prefix."product_list.id = ".$wpdb->prefix."product_order.product_id ) AND ( ".$wpdb->prefix."item_category_associations.category_id = ".$wpdb->prefix."product_order.category_id ) ) WHERE ".$wpdb->prefix."product_list.active = ‘1’ AND ".$wpdb->prefix."item_category_associations.category_id IN (‘”.$_GET[‘category_id’].”‘) ORDER BY order_state DESC,".$wpdb->prefix."product_order.order ASC $limit”;
} else {
$sql = “SELECT DISTINCT * FROM ".$wpdb->prefix."product_list WHERE active IN(‘1’) ORDER BY id DESC $limit”;
}

include_once(WPSC_FILE_PATH.”/product_display_functions.php”);
include_once(WPSC_FILE_PATH.”/show_cats_brands.php”);

if(isset($_GET[‘category_id’]) and is_numeric($_GET[‘category_id’])){
$selected_category = “&category_id=”.$_GET[‘category’].””;
}
$self = get_option(‘siteurl’).”/index.php?rss=true&action=product_list$selected_category”;

$product_list = $wpdb->get_results($sql,ARRAY_A);
header(“Content-Type: application/xml; charset=UTF-8”);
header(‘Content-Disposition: inline; filename=”E-Commerce_Product_List.rss”‘);
$output = “<?xml version=’1.0′?>\n\r”;
$output .= “<rss version=’2.0′ xmlns:atom=’http://www.w3.org/2005/Atom&#8217; xmlns:product=’http://www.buy.com/rss/module/productV2/