Merge pull request #1002 from gburton/1.0.7.8

1.0.7.8

README.md

@@ -69,8 +69,9 @@ Please be aware that language packs are maintained by volunteers so may not be u
 
 Name | URL | Services Offered
 ------------ | ------------- | ------------- 
-Rainer | https://www.oscaddons.com/index.php/en | Providing all kinds of support for CE Phoenix online stores. You will find Add-Ons which add functionality and features to your store.  Completely free Add-Ons and a selection of commercial Add-Ons at very affordable prices exclusive to my website.  On the other hand you can count on installation and programming services at very competitive prices.  Visit my website and feel free to contact me - English, Deutsch and Español.
-John | https://sewebsites.net/ | Custom jobs, big or small, including adapting existing addons to CE Phoenix. Integration of stock systems and new payment methods. Addons both free and great value, soon to be added to the site.
+Rainer<br>[@raiwa](https://forums.oscommerce.com/profile/249059-raiwa/) | [oscaddons.com](https://www.oscaddons.com/index.php/en) | Providing all kinds of support for CE Phoenix online stores. You will find Add-Ons which add functionality and features to your store.  Completely free Add-Ons and a selection of commercial Add-Ons at very affordable prices exclusive to my website.  On the other hand you can count on installation and programming services at very competitive prices.  Visit my website and feel free to contact me - English, Deutsch and Español.
+John<br>[@BrockleyJohn](https://forums.oscommerce.com/profile/220375-brockleyjohn/) | [sewebsites.net](https://sewebsites.net/) | Custom jobs, big or small, including adapting existing addons to CE Phoenix. Integration of stock systems and new payment methods. Addons both free and great value, soon to be added to the site.
+Preston<br>[@zipurman](https://forums.oscommerce.com/profile/406830-zipurman/) | [phoenixaddons.com](https://phoenixaddons.com/) | Any need for programming in your CE Phoenix online store, or any PHP/JS/CSS/SQL, I am happy to help. We also offer hosting on our own VMWare servers and have been building web solutions and hosting for over 20 years. The website offers some free add-ons and more coming soon. Thanks for any consideration on your projects. (CST Canada)
 
 # External Libraries
 

admin/administrators.php

@@ -62,7 +62,7 @@
           tep_db_query("insert into administrators (user_name, user_password) values ('" . tep_db_input($username) . "', '" . tep_db_input(tep_encrypt_password($password)) . "')");
 
           if (is_array($htpasswd_array)) {
-            for ($i=0, $n=sizeof($htpasswd_array); $i<$n; $i++) {
+            for ($i=0, $n=count($htpasswd_array); $i<$n; $i++) {
               list($ht_username, $ht_password) = explode(':', $htpasswd_array[$i], 2);
 
               if ($ht_username == $username) {
@@ -78,14 +78,14 @@
             fwrite($fp, implode("\n", $htpasswd_array));
             fclose($fp);
 
-            if (!in_array('AuthUserFile ' . DIR_FS_ADMIN . '.htpasswd_oscommerce', $htaccess_array) && !empty($htpasswd_array)) {
-              array_splice($htaccess_array, sizeof($htaccess_array), 0, $authuserfile_array);
-            } elseif (empty($htpasswd_array)) {
-              for ($i=0, $n=sizeof($htaccess_array); $i<$n; $i++) {
+            if (empty($htpasswd_array)) {
+              for ($i=0, $n=count($htaccess_array); $i<$n; $i++) {
                 if (in_array($htaccess_array[$i], $authuserfile_array)) {
                   unset($htaccess_array[$i]);
                 }
               }
+            } elseif (!in_array('AuthUserFile ' . DIR_FS_ADMIN . '.htpasswd_oscommerce', $htaccess_array)) {
+              array_splice($htaccess_array, count($htaccess_array), 0, $authuserfile_array);
             }
 
             $fp = fopen(DIR_FS_ADMIN . '.htaccess', 'w');
@@ -116,7 +116,11 @@
 
 // update username in htpasswd if changed
         if (is_array($htpasswd_array)) {
-          for ($i=0, $n=sizeof($htpasswd_array); $i<$n; $i++) {
+          for ($i=0, $n=count($htpasswd_array); $i<$n; $i++) {
+            if (false === strpos($htpasswd_array[$i], ':')) {
+              continue;
+            }
+
             list($ht_username, $ht_password) = explode(':', $htpasswd_array[$i], 2);
 
             if ( ($check['user_name'] == $ht_username) && ($check['user_name'] != $username) ) {
@@ -130,7 +134,7 @@
         if (tep_not_null($password)) {
 // update password in htpasswd
           if (is_array($htpasswd_array)) {
-            for ($i=0, $n=sizeof($htpasswd_array); $i<$n; $i++) {
+            for ($i=0, $n=count($htpasswd_array); $i<$n; $i++) {
               list($ht_username, $ht_password) = explode(':', $htpasswd_array[$i], 2);
 
               if ($ht_username == $username) {
@@ -146,7 +150,7 @@
           tep_db_query("update administrators set user_password = '" . tep_db_input(tep_encrypt_password($password)) . "' where id = '" . (int)$_GET['aID'] . "'");
         } elseif (!isset($_POST['htaccess']) || ($_POST['htaccess'] != 'true')) {
           if (is_array($htpasswd_array)) {
-            for ($i=0, $n=sizeof($htpasswd_array); $i<$n; $i++) {
+            for ($i=0, $n=count($htpasswd_array); $i<$n; $i++) {
               list($ht_username, $ht_password) = explode(':', $htpasswd_array[$i], 2);
 
               if ($ht_username == $username) {
@@ -163,9 +167,9 @@
           fclose($fp);
 
           if (!in_array('AuthUserFile ' . DIR_FS_ADMIN . '.htpasswd_oscommerce', $htaccess_array) && !empty($htpasswd_array)) {
-            array_splice($htaccess_array, sizeof($htaccess_array), 0, $authuserfile_array);
+            array_splice($htaccess_array, count($htaccess_array), 0, $authuserfile_array);
           } elseif (empty($htpasswd_array)) {
-            for ($i=0, $n=sizeof($htaccess_array); $i<$n; $i++) {
+            for ($i=0, $n=count($htaccess_array); $i<$n; $i++) {
               if (in_array($htaccess_array[$i], $authuserfile_array)) {
                 unset($htaccess_array[$i]);
               }
@@ -194,7 +198,7 @@
         tep_db_query("delete from administrators where id = '" . (int)$id . "'");
 
         if (is_array($htpasswd_array)) {
-          for ($i=0, $n=sizeof($htpasswd_array); $i<$n; $i++) {
+          for ($i=0, $n=count($htpasswd_array); $i<$n; $i++) {
             list($ht_username, $ht_password) = explode(':', $htpasswd_array[$i], 2);
 
             if ($ht_username == $check['user_name']) {
@@ -207,7 +211,7 @@
           fclose($fp);
 
           if (empty($htpasswd_array)) {
-            for ($i=0, $n=sizeof($htaccess_array); $i<$n; $i++) {
+            for ($i=0, $n=count($htaccess_array); $i<$n; $i++) {
               if (in_array($htaccess_array[$i], $authuserfile_array)) {
                 unset($htaccess_array[$i]);
               }
@@ -245,7 +249,7 @@
 
   <div class="row">
     <div class="col">
-      <h1 class="display-4 mb-2"><?php echo HEADING_TITLE; ?></h1>
+      <h1 class="display-4 mb-2"><?= HEADING_TITLE ?></h1>
     </div>
     <div class="col text-right align-self-center">
       <?php
@@ -264,16 +268,16 @@
         <table class="table table-striped table-hover">
           <thead class="thead-dark">
             <tr>
-              <th><?php echo TABLE_HEADING_ADMINISTRATORS; ?></th>
-              <th class="text-center"><?php echo TABLE_HEADING_HTPASSWD; ?></th>
-              <th class="text-right"><?php echo TABLE_HEADING_ACTION; ?></th>
+              <th><?= TABLE_HEADING_ADMINISTRATORS ?></th>
+              <th class="text-center"><?= TABLE_HEADING_HTPASSWD ?></th>
+              <th class="text-right"><?= TABLE_HEADING_ACTION ?></th>
             </tr>
           </thead>
           <tbody>
             <?php
             $admins_query = tep_db_query("select id, user_name from administrators order by user_name");
             while ($admins = tep_db_fetch_array($admins_query)) {
-              if ((!isset($_GET['aID']) || (isset($_GET['aID']) && ($_GET['aID'] == $admins['id']))) && !isset($aInfo) && (substr($action, 0, 3) != 'new')) {
+              if (!isset($aInfo) && (!isset($_GET['aID']) || ($_GET['aID'] == $admins['id'])) && (substr($action, 0, 3) != 'new')) {
                 $aInfo = new objectInfo($admins);
               }
 
@@ -284,7 +288,11 @@
               }
 
               if (is_array($htpasswd_array)) {
-                for ($i=0, $n=sizeof($htpasswd_array); $i<$n; $i++) {
+                for ($i=0, $n=count($htpasswd_array); $i<$n; $i++) {
+                  if (false === strpos($htpasswd_array[$i], ':')) {
+                    continue;
+                  }
+
                   list($ht_username, $ht_password) = explode(':', $htpasswd_array[$i], 2);
 
                   if ($ht_username == $admins['user_name']) {
@@ -294,15 +302,17 @@
                 }
               }
 
-              if ( (isset($aInfo) && is_object($aInfo)) && ($admins['id'] == $aInfo->id) ) {
+              if ( isset($aInfo->id) && ($admins['id'] == $aInfo->id) ) {
                 echo '<tr class="table-active" onclick="document.location.href=\'' . tep_href_link('administrators.php', 'aID=' . $aInfo->id . '&action=edit') . '\'">' . "\n";
+                $icon = '<i class="fas fa-chevron-circle-right text-info"></i>';
               } else {
                 echo '<tr onclick="document.location.href=\'' . tep_href_link('administrators.php', 'aID=' . $admins['id']) . '\'">' . "\n";
+                $icon = '<a href="' . tep_href_link('administrators.php', 'aID=' . $admins['id']) . '"><i class="fas fa-info-circle text-muted"></i></a>';
               }
               ?>
-                <td><?php echo $admins['user_name']; ?></td>
-                <td class="text-center"><?php echo $htpasswd_secured; ?></td>
-                <td class="text-right"><?php if ( (isset($aInfo) && is_object($aInfo)) && ($admins['id'] == $aInfo->id) ) { echo '<i class="fas fa-chevron-circle-right text-info"></i>'; } else { echo '<a href="' . tep_href_link('administrators.php', 'aID=' . $admins['id']) . '"><i class="fas fa-info-circle text-muted"></i></a>'; } ?></td>
+                <td><?= $admins['user_name'] ?></td>
+                <td class="text-center"><?= $htpasswd_secured ?></td>
+                <td class="text-right"><?= $icon ?></td>
               </tr>
 <?php
   }
@@ -347,7 +357,7 @@
       if (is_array($htpasswd_array)) {
         $default_flag = false;
 
-        for ($i=0, $n=sizeof($htpasswd_array); $i<$n; $i++) {
+        for ($i=0, $n=count($htpasswd_array); $i<$n; $i++) {
           list($ht_username, $ht_password) = explode(':', $htpasswd_array[$i], 2);
 
           if ($ht_username == $aInfo->user_name) {

admin/categories.php

@@ -549,7 +549,7 @@ function updateNet() {
           <label for="pQty" class="col-form-label col-sm-3 text-left text-sm-right"><?php echo TEXT_PRODUCTS_QUANTITY; ?></label>
           <div class="col-sm-9">
             <?php
-            echo tep_draw_input_field('products_quantity', $pInfo->products_quantity, 'id="pQty" class="form-control w-25"');
+            echo tep_draw_input_field('products_quantity', $pInfo->products_quantity, 'required aria-required="true" id="pQty" class="form-control w-25"');
             ?>
           </div>
         </div>
@@ -601,7 +601,7 @@ function updateNet() {
           <label for="pNet" class="col-form-label col-sm-3 text-left text-sm-right"><?php echo TEXT_PRODUCTS_PRICE_NET; ?></label>
           <div class="col-sm-9">
             <?php
-            echo tep_draw_input_field('products_price', $pInfo->products_price, 'id="pNet" class="form-control w-25" onchange="updateGross()"');
+            echo tep_draw_input_field('products_price', $pInfo->products_price, 'required aria-required="true" id="pNet" class="form-control w-25" onchange="updateGross()"');
             ?>
           </div>
         </div>
@@ -668,7 +668,7 @@ function updateNet() {
                     <label for="pDesc" class="col-form-label col-sm-3 text-left text-sm-right"><?php echo TEXT_PRODUCTS_DESCRIPTION; ?></label>
                     <div class="col-sm-9">
                       <?php
-                      echo tep_draw_textarea_field('products_description[' . $languages[$i]['id'] . ']', 'soft', '70', '15', (empty($pInfo->products_id) ? '' : tep_get_products_description($pInfo->products_id, $languages[$i]['id'])), 'class="form-control" id="pDesc"');
+                      echo tep_draw_textarea_field('products_description[' . $languages[$i]['id'] . ']', 'soft', '70', '15', (empty($pInfo->products_id) ? '' : tep_get_products_description($pInfo->products_id, $languages[$i]['id'])), 'required aria-required="true" class="form-control" id="pDesc"');
                       ?>
                     </div>
                   </div>
@@ -737,8 +737,8 @@ function updateNet() {
             <div class="col-sm-9">
               <div class="custom-file mb-2">
                 <?php
-                echo tep_draw_input_field('products_image', '', 'id="pImg"', 'file', null, 'class="form-control-input"');
-                echo '<label class="custom-file-label" for="pImg">' . $pInfo->products_image . '</label>';
+                echo tep_draw_input_field('products_image', '', 'id="pImg"', 'file', null, (!tep_not_null($pInfo->products_image) ? 'required aria-required="true" ' : null) . 'class="form-control-input"');
+                echo '<label class="custom-file-label" for="pImg">' . $pInfo->products_image . '</label>';                
                 ?>
               </div>
             </div>

admin/customers.php

@@ -214,9 +214,9 @@
             }
             ?>
               <tr <?php echo $css; ?>onclick="document.location.href='<?php echo $href; ?>'">
-                <td class="dataTableContent"><?php echo $customer_data->get('sortable_name', $customers); ?></td>
-                <td class="dataTableContent" align="right"><?php echo tep_date_short($info['date_account_created']); ?></td>
-                <td class="dataTableContent" align="right"><?php echo $icon; ?></td>
+                <td><?php echo $customer_data->get('sortable_name', $customers); ?></td>
+                <td class="text-right"><?php echo tep_date_short($info['date_account_created']); ?></td>
+                <td class="text-right"><?php echo $icon; ?></td>
               </tr>
               <?php
             }

admin/includes/functions/general.php

@@ -50,6 +50,7 @@ function tep_redirect($url) {
 ////
 // Parse the data used in the html tags to ensure the tags will not break
   function tep_parse_input_field_data($data, $parse) {
+    trigger_error('The tep_parse_input_field_data function has been deprecated.', E_USER_DEPRECATED);
     return strtr(trim($data), $parse);
   }
 
@@ -62,7 +63,7 @@ function tep_output_string($string, $translate = false, $protected = false) {
       $translate = ['"' => '"'];
     }
 
-    return tep_parse_input_field_data($string, $translate);
+    return strtr(trim($string), $translate);
   }
 
   function tep_output_string_protected($string) {
@@ -1475,3 +1476,12 @@ function tep_block_form_processing() {
   function tep_form_processing_is_valid() {
     return !($GLOBALS['error'] ?? false);
   }
+
+  function tep_ltrim_once($s, $prefix) {
+    $length = strlen($prefix);
+    if (substr($s, 0, $length) === $prefix) {
+      return substr($s, $length);
+    }
+
+    return $s;
+  }

admin/includes/languages/english/version_check.php

@@ -5,7 +5,7 @@
   osCommerce, Open Source E-Commerce Solutions
   http://www.oscommerce.com
 
-  Copyright (c) 2010 osCommerce
+  Copyright (c) 2020 osCommerce
 
   Released under the GNU General Public License
 */
@@ -16,10 +16,10 @@
 define('TABLE_HEADING_RELEASED', 'Release Date');
 define('TABLE_HEADING_ACTION', 'Action');
 
-define('TEXT_RELEASE_LINK', 'View Release Annoucement');
+define('TEXT_RELEASE_LINK', 'View Release Announcement');
 
 define('TITLE_INSTALLED_VERSION', 'Installed Version:');
 
-define('VERSION_RUNNING_LATEST', 'You are running the latest version of OSCOM CE Phoenix.');
-define('VERSION_UPGRADES_AVAILABLE', 'A new version is available for download! (OSCOM CE Phoenix v%s)<hr><a class="alert-link" target="_blank" href="https://forums.oscommerce.com/topic/494774-certified-service-providers-development-hosting-themes-and-more/">Certified Developers</a> and detailed "<a class="alert-link" target="_blank" href="https://forums.oscommerce.com/tags/phoenix%%20update/">Do It Yourself</a>" instructions are available in the Phoenix Club.');
-define('ERROR_COULD_NOT_CONNECT', 'Could not connect to the osCommerce website to check for new versions.');
+define('VERSION_RUNNING_LATEST', 'You are running the latest version of CE Phoenix.');
+define('VERSION_UPGRADES_AVAILABLE', 'A new version is available for download! (CE Phoenix v%s)<hr><a class="alert-link" target="_blank" href="https://forums.oscommerce.com/topic/494774-certified-service-providers-development-hosting-themes-and-more/">Certified Developers</a> and detailed "<a class="alert-link" target="_blank" href="https://forums.oscommerce.com/tags/phoenix%%20update/">Do It Yourself</a>" instructions are available in the Phoenix Club.');
+define('ERROR_COULD_NOT_CONNECT', 'Could not connect to the CE Phoenix website to check for new versions.');

admin/includes/modules/dashboard/d_customers.php

@@ -55,8 +55,8 @@ function getOutput() {
       while ($customers = tep_db_fetch_array($customers_query)) {
         $output .= sprintf(<<<'EOTEXT'
     <tr>
-      <td class="dataTableContent"><a href="%s">%s</a></td>
-      <td class="dataTableContent" align="right">%s</td>
+      <td><a href="%s">%s</a></td>
+      <td class="text-right">%s</td>
     </tr>
 EOTEXT
 , tep_href_link('customers.php', 'cID=' . (int)$customer_data->get('id', $customers) . '&action=edit'),

admin/modules.php

@@ -199,6 +199,10 @@
                       $keys_extra[$key] = [];
                     }
 
+                    if (is_null($key_value) && ($module->check() <= 0)) {
+                      continue;
+                    }
+
                     $keys_extra[$key]['title'] = $key_value['configuration_title'];
                     $keys_extra[$key]['value'] = $key_value['configuration_value'];
                     $keys_extra[$key]['description'] = $key_value['configuration_description'];

admin/modules_content.php

@@ -290,7 +290,7 @@ function _sortContentModuleFiles($a, $b) {
                 <td class="text-right">
                   <?php echo ($module->enabled == 1) ? '<i class="fas fa-check-circle text-success"></i>' : '<i class="fas fa-times-circle text-danger"></i>'; ?>
                 </td>
-                <td class="dataTableContent" align="right"><?php if (isset($mInfo) && is_object($mInfo) && ($module->code == $mInfo->code) ) { echo '<i class="fas fa-chevron-circle-right text-info"></i>'; } else { echo '<a href="' . tep_href_link('modules_content.php', 'module=' . $module->code) . '"><i class="fas fa-info-circle text-muted"></i></a>'; } ?></td>
+                <td class="text-right"><?php if (isset($mInfo) && is_object($mInfo) && ($module->code == $mInfo->code) ) { echo '<i class="fas fa-chevron-circle-right text-info"></i>'; } else { echo '<a href="' . tep_href_link('modules_content.php', 'module=' . $module->code) . '"><i class="fas fa-info-circle text-muted"></i></a>'; } ?></td>
               </tr>
               <?php
               }

admin/orders.php

@@ -272,14 +272,14 @@
                   echo '<td>' . $orders_history['date_added'] . '</td>';
                   echo '<td>' . $orders_status_array[$orders_history['orders_status_id']] . '</td>';
                   echo '<td>' . nl2br(tep_db_output($orders_history['comments'])) . '&nbsp;</td>';
-                  echo '<td class="text-right" valign="top" align="right">';
+                  echo '<td class="text-right">';
                     echo ($orders_history['customer_notified'] == '1') ? '<i class="fas fa-check-circle text-success"></i>' : '<i class="fas fa-times-circle text-danger"></i>';
                   echo '</td>';
                 echo '</tr>' . "\n";
               }
             } else {
               echo '<tr>';
-                echo '<td colspan="5">' . TEXT_NO_ORDER_HISTORY . '</td>';
+                echo '<td colspan="4">' . TEXT_NO_ORDER_HISTORY . '</td>';
               echo '</tr>';
             }
             ?>