osCommerce Online Merchant v2.2 RC2 Upgrade Notes

The following upgrade guide is based on the osCommerce 2.2 Release Candidate 1 release. If you have not yet updated to that release, please review its upgrade guide in the extras directory (upgrade-22rc1.html) before applying these changes.

The following changes should be performed in order to upgrade an existing osCommerce Online Merchant v2.2 RC1 store to v2.2 RC2.

Legend: [SQL] Database Changes; [A] Administration Tool; [C] Catalog

[SQL] Database changes

-- Secondary indexes added by this upgrade, one statement per table/column pair.
ALTER TABLE banners ADD INDEX idx_banners_group (banners_group);
ALTER TABLE banners_history ADD INDEX idx_banners_history_banners_id (banners_id);
ALTER TABLE currencies ADD INDEX idx_currencies_code (code);
ALTER TABLE customers ADD INDEX idx_customers_email_address (customers_email_address);
ALTER TABLE customers_basket ADD INDEX idx_customers_basket_customers_id (customers_id);
ALTER TABLE customers_basket_attributes ADD INDEX idx_customers_basket_att_customers_id (customers_id);
ALTER TABLE orders ADD INDEX idx_orders_customers_id (customers_id);
ALTER TABLE orders_products ADD INDEX idx_orders_products_orders_id (orders_id);
ALTER TABLE orders_products ADD INDEX idx_orders_products_products_id (products_id);
ALTER TABLE orders_status_history ADD INDEX idx_orders_status_history_orders_id (orders_id);
ALTER TABLE orders_products_attributes ADD INDEX idx_orders_products_att_orders_id (orders_id);
ALTER TABLE orders_products_download ADD INDEX idx_orders_products_download_orders_id (orders_id);
ALTER TABLE products ADD INDEX idx_products_model (products_model);
ALTER TABLE products_attributes ADD INDEX idx_products_attributes_products_id (products_id);
ALTER TABLE reviews ADD INDEX idx_reviews_products_id (products_id);
ALTER TABLE reviews ADD INDEX idx_reviews_customers_id (customers_id);
ALTER TABLE specials ADD INDEX idx_specials_products_id (products_id);
ALTER TABLE zones ADD INDEX idx_zones_to_geo_zones_country_id (zone_country_id);

-- New flag columns on orders_status, each with an explicit default.
ALTER TABLE orders_status ADD public_flag INT DEFAULT '1';
ALTER TABLE orders_status ADD downloads_flag INT DEFAULT '0';

-- Column type redefinitions.
ALTER TABLE orders MODIFY payment_method VARCHAR(255) NOT NULL;
ALTER TABLE whos_online MODIFY last_page_url TEXT NOT NULL;

[A] Allow Administration Tool elements to be dynamically controlled

Affected Files
catalog/admin/includes/general.js

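--- a/catalog/admin/includes/general.js
+++ b/catalog/admin/includes/general.js
@@ -31,3 +31,21 @@
 function rowOutEffect(object) {
   if (object.className == 'dataTableRowOver') object.className = 'dataTableRow';
 }
+
+function toggleDivBlock(id) {
+  if (document.getElementById) {
+    itm = document.getElementById(id);
+  } else if (document.all){
+    itm = document.all[id];
+  } else if (document.layers){
+    itm = document.layers[id];
+  }
+
+  if (itm) {
+    if (itm.style.display != "none") {
+      itm.style.display = "none";
+    } else {
+      itm.style.display = "block";
+    }
+  }
+}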
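Review bot: `itm` in toggleDivBlock is assigned without a declaration, so it becomes an implicit global, and when none of the three DOM branches matches it is never assigned here and `if (itm)` either throws a ReferenceError or reuses a value left by an earlier call. Declaring it at the top of the function, `var itm = null;`, fixes both. The function also has no comment; `// Toggle the element with the given id between display "none" and "block"` would be enough.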

[C] Update download delivery routine

Affected Files
catalog/download.php

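--- a/catalog/download.php
+++ b/catalog/download.php
@@ -90,10 +90,11 @@
     umask(0000);
     mkdir(DIR_FS_DOWNLOAD_PUBLIC . $tempdir, 0777);
     symlink(DIR_FS_DOWNLOAD . $downloads['orders_products_filename'], DIR_FS_DOWNLOAD_PUBLIC . $tempdir . '/' . $downloads['orders_products_filename']);
-    tep_redirect(DIR_WS_DOWNLOAD_PUBLIC . $tempdir . '/' . $downloads['orders_products_filename']);
-  } else {
-// This will work on all systems, but will need considerable resources
-// We could also loop with fread($fp, 4096) to save memory
-    readfile(DIR_FS_DOWNLOAD . $downloads['orders_products_filename']);
+    if (file_exists(DIR_FS_DOWNLOAD_PUBLIC . $tempdir . '/' . $downloads['orders_products_filename'])) {
+      tep_redirect(tep_href_link(DIR_WS_DOWNLOAD_PUBLIC . $tempdir . '/' . $downloads['orders_products_filename']));
+    }
   }
+
+// Fallback to readfile() delivery method. This will work on all systems, but will need considerable resources
+  readfile(DIR_FS_DOWNLOAD . $downloads['orders_products_filename']);
 ?>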
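Review bot: The new fallback `readfile(...)` after the closing brace runs whenever control gets past the redirect, so it is only correct if `tep_redirect()` ends the request, which is not visible here; if it can return, the file body would be sent together with the redirect response. The return value of `readfile()` is also ignored, so a missing or unreadable file produces an empty download with nothing recorded; `if (readfile($file) === false) { /* log and stop */ }` (with `$file` standing for the path expression already used) would make that visible. Separately, the context lines `umask(0000)` and `mkdir(..., 0777)` leave the per-download directory world-writable and this change keeps that; a mode such as `0755` is worth considering if only the web server has to create the symlink. The enclosing block starts outside the hunk.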

[C] Remove redundant currencies

Affected Files
catalog/includes/classes/currencies.php

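--- a/catalog/includes/classes/currencies.php
+++ b/catalog/includes/classes/currencies.php
@@ -40,11 +40,6 @@
       if ($calculate_currency_value == true) {
         $rate = (tep_not_null($currency_value)) ? $currency_value : $this->currencies[$currency_type]['value'];
         $format_string = $this->currencies[$currency_type]['symbol_left'] . number_format(tep_round($number * $rate, $this->currencies[$currency_type]['decimal_places']), $this->currencies[$currency_type]['decimal_places'], $this->currencies[$currency_type]['decimal_point'], $this->currencies[$currency_type]['thousands_point']) . $this->currencies[$currency_type]['symbol_right'];
-// if the selected currency is in the european euro-conversion and the default currency is euro,
-// the currency will displayed in the national currency and euro currency
-        if ( (DEFAULT_CURRENCY == 'EUR') && ($currency_type == 'DEM' || $currency_type == 'BEF' || $currency_type == 'LUF' || $currency_type == 'ESP' || $currency_type == 'FRF' || $currency_type == 'IEP' || $currency_type == 'ITL' || $currency_type == 'NLG' || $currency_type == 'ATS' || $currency_type == 'PTE' || $currency_type == 'FIM' || $currency_type == 'GRD') ) {
-          $format_string .= ' <small>[' . $this->format($number, true, 'EUR') . ']</small>';
-        }
       } else {
         $format_string = $this->currencies[$currency_type]['symbol_left'] . number_format(tep_round($number, $this->currencies[$currency_type]['decimal_places']), $this->currencies[$currency_type]['decimal_places'], $this->currencies[$currency_type]['decimal_point'], $this->currencies[$currency_type]['thousands_point']) . $this->currencies[$currency_type]['symbol_right'];
       }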

[C] Update navigation history class

Affected Files
catalog/includes/classes/navigation_history.php

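--- a/catalog/includes/classes/navigation_history.php
+++ b/catalog/includes/classes/navigation_history.php
@@ -127,10 +127,12 @@
     function filter_parameters($parameters) {
       $clean = array();
 
-      reset($parameters);
-      while (list($key, $value) = each($parameters)) {
-        if (strpos($key, '_nh-dns') < 1) {
-          $clean[$key] = $value;
+      if (is_array($parameters)) {
+        reset($parameters);
+        while (list($key, $value) = each($parameters)) {
+          if (strpos($key, '_nh-dns') < 1) {
+            $clean[$key] = $value;
+          }
         }
       }
 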
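Review bot: The re-indented test `strpos($key, '_nh-dns') < 1` treats "not found" (`false`) and "found at offset 0" the same way, so a key that begins with `_nh-dns` is copied into `$clean` while keys carrying the marker further in are dropped. If the intent is to drop every key that carries the marker, `if (strpos($key, '_nh-dns') === false) {` says exactly that. The new `is_array($parameters)` guard is reasonable, and a short comment naming when a non-array reaches this method would help the next reader. filter_parameters continues past the end of the hunk.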

[C] Update order totals class

Affected Files
catalog/includes/classes/order_total.php

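--- a/catalog/includes/classes/order_total.php
+++ b/catalog/includes/classes/order_total.php
@@ -38,6 +38,7 @@
         while (list(, $value) = each($this->modules)) {
           $class = substr($value, 0, strrpos($value, '.'));
           if ($GLOBALS[$class]->enabled) {
+            $GLOBALS[$class]->output = array();
             $GLOBALS[$class]->process();
 
             for ($i=0, $n=sizeof($GLOBALS[$class]->output); $i<$n; $i++) {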

Checkout procedure update

Affected Files
catalog/checkout_payment.php
catalog/checkout_process.php
catalog/checkout_shipping.php
catalog/shopping_cart.php
catalog/includes/header.php
catalog/includes/classes/order.php
catalog/includes/classes/payment.php
catalog/includes/functions/general.php
catalog/includes/modules/payment/cc.php
catalog/includes/languages/english/shopping_cart.php
catalog/includes/languages/espanol/shopping_cart.php
catalog/includes/languages/german/shopping_cart.php

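--- a/catalog/checkout_payment.php
+++ b/catalog/checkout_payment.php
@@ -52,12 +52,14 @@
     $billto = $customer_default_address_id;
   } else {
 // verify the selected billing address
-    $check_address_query = tep_db_query("select count(*) as total from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int)$customer_id . "' and address_book_id = '" . (int)$billto . "'");
-    $check_address = tep_db_fetch_array($check_address_query);
+    if ( (is_array($billto) && empty($billto)) || is_numeric($billto) ) {
+      $check_address_query = tep_db_query("select count(*) as total from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int)$customer_id . "' and address_book_id = '" . (int)$billto . "'");
+      $check_address = tep_db_fetch_array($check_address_query);
 
-    if ($check_address['total'] != '1') {
-      $billto = $customer_default_address_id;
-      if (tep_session_is_registered('payment')) tep_session_unregister('payment');
+      if ($check_address['total'] != '1') {
+        $billto = $customer_default_address_id;
+        if (tep_session_is_registered('payment')) tep_session_unregister('payment');
+      }
     }
   }
 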
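Review bot: A `$billto` that is neither numeric nor an array now skips the ownership query altogether and keeps its value, whereas the old code cast every value to int and fell back to `$customer_default_address_id` when no matching address row was found. Adding `} elseif (!is_array($billto)) { $billto = $customer_default_address_id; }` to the new `if` would keep the check fail-closed for unexpected scalars. A non-empty array is also accepted with no check at all, so a comment naming the code that is allowed to set `$billto` to an address array would help; which code that is cannot be seen from this hunk. The same pattern is added for `$sendto` in catalog/checkout_shipping.php and the same remarks apply there.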

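--- a/catalog/checkout_process.php
+++ b/catalog/checkout_process.php
@@ -17,11 +17,17 @@
     $navigation->set_snapshot(array('mode' => 'SSL', 'page' => FILENAME_CHECKOUT_PAYMENT));
     tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL'));
   }
- 
-  if (!tep_session_is_registered('sendto')) {
-    tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL'));
+
+// if there is nothing in the customers cart, redirect them to the shopping cart page
+  if ($cart->count_contents() < 1) {
+    tep_redirect(tep_href_link(FILENAME_SHOPPING_CART));
   }
 
+// if no shipping method has been selected, redirect the customer to the shipping method selection page
+  if (!tep_session_is_registered('shipping') || !tep_session_is_registered('sendto')) {
+    tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL'));
+  }
+
   if ( (tep_not_null(MODULE_PAYMENT_INSTALLED)) && (!tep_session_is_registered('payment')) ) {
     tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL'));
  }
@@ -46,6 +52,26 @@
   require(DIR_WS_CLASSES . 'order.php');
   $order = new order;
 
+// Stock Check
+  $any_out_of_stock = false;
+  if (STOCK_CHECK == 'true') {
+    for ($i=0, $n=sizeof($order->products); $i<$n; $i++) {
+      if (tep_check_stock($order->products[$i]['id'], $order->products[$i]['qty'])) {
+        $any_out_of_stock = true;
+      }
+    }
+    // Out of Stock
+    if ( (STOCK_ALLOW_CHECKOUT != 'true') && ($any_out_of_stock == true) ) {
+      tep_redirect(tep_href_link(FILENAME_SHOPPING_CART));
+    }
+  }
+
+  $payment_modules->update_status();
+
+  if ( ( is_array($payment_modules->modules) && (sizeof($payment_modules->modules) > 1) && !is_object($$payment) ) || (is_object($$payment) && ($$payment->enabled == false)) ) {
+    tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'error_message=' . urlencode(ERROR_NO_PAYMENT_MODULE_SELECTED), 'SSL'));
+  }
+
   require(DIR_WS_CLASSES . 'order_total.php');
   $order_total_modules = new order_total;
 
@@ -66,7 +92,7 @@
                           'customers_telephone' => $order->customer['telephone'],
                           'customers_email_address' => $order->customer['email_address'],
                           'customers_address_format_id' => $order->customer['format_id'],
-                          'delivery_name' => $order->delivery['firstname'] . ' ' . $order->delivery['lastname'],
+                          'delivery_name' => trim($order->delivery['firstname'] . ' ' . $order->delivery['lastname']),
                           'delivery_company' => $order->delivery['company'],
                           'delivery_street_address' => $order->delivery['street_address'],
                           'delivery_suburb' => $order->delivery['suburb'],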
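Review bot: The new payment guard dereferences `$$payment`, which resolves whichever global variable the session-registered `$payment` names, so passing it shows only that some global object with a truthy `enabled` property exists, not that it is one of the installed payment modules. Its first clause also requires `sizeof($payment_modules->modules) > 1`, so with a single installed module a `$payment` that names no object is not redirected here; presumably the payment class selects the only module itself, but that is not visible in this hunk. I would add a comment above the condition, `// $payment is session data: it must name a module loaded by $payment_modules before $$payment is trusted`, and test membership in the loaded module list if the class exposes one.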

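--- a/catalog/checkout_shipping.php
+++ b/catalog/checkout_shipping.php
@@ -30,12 +30,14 @@
     $sendto = $customer_default_address_id;
   } else {
 // verify the selected shipping address
-    $check_address_query = tep_db_query("select count(*) as total from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int)$customer_id . "' and address_book_id = '" . (int)$sendto . "'");
-    $check_address = tep_db_fetch_array($check_address_query);
+    if ( (is_array($sendto) && empty($sendto)) || is_numeric($sendto) ) {
+      $check_address_query = tep_db_query("select count(*) as total from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int)$customer_id . "' and address_book_id = '" . (int)$sendto . "'");
+      $check_address = tep_db_fetch_array($check_address_query);
 
-    if ($check_address['total'] != '1') {
-      $sendto = $customer_default_address_id;
-      if (tep_session_is_registered('shipping')) tep_session_unregister('shipping');
+      if ($check_address['total'] != '1') {
+        $sendto = $customer_default_address_id;
+        if (tep_session_is_registered('shipping')) tep_session_unregister('shipping');
+      }
     }
   }
 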

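--- a/catalog/shopping_cart.php
+++ b/catalog/shopping_cart.php
@@ -12,6 +12,11 @@
 
   require("includes/application_top.php");
 
+  if ($cart->count_contents() > 0) {
+    include(DIR_WS_CLASSES . 'payment.php');
+    $payment_modules = new payment;
+  }
+
   require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_SHOPPING_CART);
 
   $breadcrumb->add(NAVBAR_TITLE, tep_href_link(FILENAME_SHOPPING_CART));
@@ -202,6 +207,29 @@
         </table></td>
       </tr>
 <?php
+    $initialize_checkout_methods = $payment_modules->checkout_initialization_method();
+
+    if (!empty($initialize_checkout_methods)) {
+?>
+      <tr>
+        <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
+      </tr>
+      <tr>
+        <td align="right" class="main" style="padding-right: 50px;"><?php echo TEXT_ALTERNATIVE_CHECKOUT_METHODS; ?></td>
+      </tr>
+<?php
+      reset($initialize_checkout_methods);
+      while (list(, $value) = each($initialize_checkout_methods)) {
+?>
+      <tr>
+        <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
+      </tr>
+      <tr>
+        <td align="right" class="main"><?php echo $value; ?></td>
+      </tr>
+<?php
+      }
+    }
   } else {
 ?>
       <tr>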
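Review bot: `$payment_modules` is created only inside `if ($cart->count_contents() > 0)`, while the later call `$payment_modules->checkout_initialization_method()` sits in a branch whose opening condition is outside the hunk; if that branch can run with an empty cart the call is made on an undefined variable, so the two conditions should be confirmed to match. Each returned entry is then printed with `echo $value;` and no escaping, which makes every payment module's checkout_initialization_method() responsible for encoding any dynamic data in the markup it returns. A comment at the loop, `// $value is module-generated HTML; modules must escape any dynamic data they embed`, would record that contract.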

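--- a/catalog/includes/header.php
+++ b/catalog/includes/header.php
@@ -69,7 +69,7 @@
 ?>
 <table border="0" width="100%" cellspacing="0" cellpadding="2">
   <tr class="headerError">
-    <td class="headerError"><?php echo htmlspecialchars(urldecode($HTTP_GET_VARS['error_message'])); ?></td>
+    <td class="headerError"><?php echo htmlspecialchars(stripslashes(urldecode($HTTP_GET_VARS['error_message']))); ?></td>
   </tr>
 </table>
 <?php
@@ -79,7 +79,7 @@
 ?>
 <table border="0" width="100%" cellspacing="0" cellpadding="2">
   <tr class="headerInfo">
-    <td class="headerInfo"><?php echo htmlspecialchars($HTTP_GET_VARS['info_message']); ?></td>
+    <td class="headerInfo"><?php echo htmlspecialchars(stripslashes(urldecode($HTTP_GET_VARS['info_message']))); ?></td>
   </tr>
 </table>
 <?php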
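Review bot: Both changed cells call `urldecode()` on a value taken from `$HTTP_GET_VARS`, which PHP has normally URL-decoded already, so a literal `%` or `+` in a message is decoded a second time and displayed incorrectly. `htmlspecialchars()` remains the outermost call, so the text is still HTML-encoded after the extra decode, and that order should be kept in any rewrite. `stripslashes()` is unconditional and is only right if request values are always slash-escaped before this point, which the hunk does not show. I would drop the second decode, `<?php echo htmlspecialchars(stripslashes($HTTP_GET_VARS['info_message'])); ?>`, and do the same for `error_message`.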

File: catalog/includes/classes/order.php (online) (raw)
7676                               'telephone' => $order['customers_telephone'],
7777                               'email_address' => $order['customers_email_address']);
7878 
79 -      $this->delivery = array('name' => $order['delivery_name'],
 79+      $this->delivery = array('name' => trim($order['delivery_name']),
8080                               'company' => $order['delivery_company'],
8181                               'street_address' => $order['delivery_street_address'],
8282                               'suburb' => $order['delivery_suburb'],
   
131131     }
132132 
133133     function cart() {
134 -      global $HTTP_POST_VARS, $customer_id, $sendto, $billto, $cart, $languages_id, $currency, $currencies, $shipping, $payment, $comments;
 134+      global $HTTP_POST_VARS, $customer_id, $sendto, $billto, $cart, $languages_id, $currency, $currencies, $shipping, $payment, $comments, $customer_default_address_id;
135135 
136136       $this->content_type = $cart->get_content_type();
137137 
 138+      if ( ($this->content_type != 'virtual') && ($sendto == false) ) {
 139+        $sendto = $customer_default_address_id;
 140+      }
 141+
138142       $customer_address_query = tep_db_query("select c.customers_firstname, c.customers_lastname, c.customers_telephone, c.customers_email_address, ab.entry_company, ab.entry_street_address, ab.entry_suburb, ab.entry_postcode, ab.entry_city, ab.entry_zone_id, z.zone_name, co.countries_id, co.countries_name, co.countries_iso_code_2, co.countries_iso_code_3, co.address_format_id, ab.entry_state from " . TABLE_CUSTOMERS . " c, " . TABLE_ADDRESS_BOOK . " ab left join " . TABLE_ZONES . " z on (ab.entry_zone_id = z.zone_id) left join " . TABLE_COUNTRIES . " co on (ab.entry_country_id = co.countries_id) where c.customers_id = '" . (int)$customer_id . "' and ab.customers_id = '" . (int)$customer_id . "' and c.customers_default_address_id = ab.address_book_id");
139143       $customer_address = tep_db_fetch_array($customer_address_query);
140144 
141 -      $shipping_address_query = tep_db_query("select ab.entry_firstname, ab.entry_lastname, ab.entry_company, ab.entry_street_address, ab.entry_suburb, ab.entry_postcode, ab.entry_city, ab.entry_zone_id, z.zone_name, ab.entry_country_id, c.countries_id, c.countries_name, c.countries_iso_code_2, c.countries_iso_code_3, c.address_format_id, ab.entry_state from " . TABLE_ADDRESS_BOOK . " ab left join " . TABLE_ZONES . " z on (ab.entry_zone_id = z.zone_id) left join " . TABLE_COUNTRIES . " c on (ab.entry_country_id = c.countries_id) where ab.customers_id = '" . (int)$customer_id . "' and ab.address_book_id = '" . (int)$sendto . "'");
142 -      $shipping_address = tep_db_fetch_array($shipping_address_query);
143 -     
144 -      $billing_address_query = tep_db_query("select ab.entry_firstname, ab.entry_lastname, ab.entry_company, ab.entry_street_address, ab.entry_suburb, ab.entry_postcode, ab.entry_city, ab.entry_zone_id, z.zone_name, ab.entry_country_id, c.countries_id, c.countries_name, c.countries_iso_code_2, c.countries_iso_code_3, c.address_format_id, ab.entry_state from " . TABLE_ADDRESS_BOOK . " ab left join " . TABLE_ZONES . " z on (ab.entry_zone_id = z.zone_id) left join " . TABLE_COUNTRIES . " c on (ab.entry_country_id = c.countries_id) where ab.customers_id = '" . (int)$customer_id . "' and ab.address_book_id = '" . (int)$billto . "'");
145 -      $billing_address = tep_db_fetch_array($billing_address_query);
 145+      if (is_array($sendto) && !empty($sendto)) {
 146+        $shipping_address = array('entry_firstname' => $sendto['firstname'],
 147+                                  'entry_lastname' => $sendto['lastname'],
 148+                                  'entry_company' => $sendto['company'],
 149+                                  'entry_street_address' => $sendto['street_address'],
 150+                                  'entry_suburb' => $sendto['suburb'],
 151+                                  'entry_postcode' => $sendto['postcode'],
 152+                                  'entry_city' => $sendto['city'],
 153+                                  'entry_zone_id' => $sendto['zone_id'],
 154+                                  'zone_name' => $sendto['zone_name'],
 155+                                  'entry_country_id' => $sendto['country_id'],
 156+                                  'countries_id' => $sendto['country_id'],
 157+                                  'countries_name' => $sendto['country_name'],
 158+                                  'countries_iso_code_2' => $sendto['country_iso_code_2'],
 159+                                  'countries_iso_code_3' => $sendto['country_iso_code_3'],
 160+                                  'address_format_id' => $sendto['address_format_id'],
 161+                                  'entry_state' => $sendto['zone_name']);
 162+      } elseif (is_numeric($sendto)) {
 163+        $shipping_address_query = tep_db_query("select ab.entry_firstname, ab.entry_lastname, ab.entry_company, ab.entry_street_address, ab.entry_suburb, ab.entry_postcode, ab.entry_city, ab.entry_zone_id, z.zone_name, ab.entry_country_id, c.countries_id, c.countries_name, c.countries_iso_code_2, c.countries_iso_code_3, c.address_format_id, ab.entry_state from " . TABLE_ADDRESS_BOOK . " ab left join " . TABLE_ZONES . " z on (ab.entry_zone_id = z.zone_id) left join " . TABLE_COUNTRIES . " c on (ab.entry_country_id = c.countries_id) where ab.customers_id = '" . (int)$customer_id . "' and ab.address_book_id = '" . (int)$sendto . "'");
 164+        $shipping_address = tep_db_fetch_array($shipping_address_query);
 165+      } else {
 166+        $shipping_address = array('entry_firstname' => null,
 167+                                  'entry_lastname' => null,
 168+                                  'entry_company' => null,
 169+                                  'entry_street_address' => null,
 170+                                  'entry_suburb' => null,
 171+                                  'entry_postcode' => null,
 172+                                  'entry_city' => null,
 173+                                  'entry_zone_id' => null,
 174+                                  'zone_name' => null,
 175+                                  'entry_country_id' => null,
 176+                                  'countries_id' => null,
 177+                                  'countries_name' => null,
 178+                                  'countries_iso_code_2' => null,
 179+                                  'countries_iso_code_3' => null,
 180+                                  'address_format_id' => 0,
 181+                                  'entry_state' => null);
 182+      }
146183 
147 -      $tax_address_query = tep_