From d5826fccdbcceaf31ae4b7303097689e41fe247f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E2=80=9CVeLiTi=E2=80=9D?= <“info@veliti.nl”>
Date: Fri, 21 Feb 2025 17:10:15 +0100
Subject: [PATCH] CMXX - Uploader tool

---
 api/v2/get/transactions.php          |   2 -
 api/v2/post/translations_details.php |   2 +
 assets/functions.php                 |  18 +-
 order_old.php                        | 290 -----------------------
 settings/settingsmenu.php            |  20 +-
 settings/settingsprofiles.php        |   4 +-
 settings/settingsviews.php           |   1 +
 translation_manage.php               |   4 +-
 uploader.php                         | 329 +++++++++++++++++++++++++++
 9 files changed, 357 insertions(+), 313 deletions(-)
 delete mode 100644 order_old.php
 create mode 100644 uploader.php
diff --git a/api/v2/get/transactions.php b/api/v2/get/transactions.php
index 7d286e4..30b0e9b 100644
--- a/api/v2/get/transactions.php
+++ b/api/v2/get/transactions.php
@@ -18,8 +18,6 @@ list($whereclause,$condition) = getWhereclauselvl2("transactions",$permission,$p
 $criterias = [];   
 $clause = '';
 
-var_dump($w)
-
 //Check for $_GET variables and build up clause
 if(isset($get_content) && $get_content!=''){    
     //GET VARIABLES FROM URL
diff --git a/api/v2/post/translations_details.php b/api/v2/post/translations_details.php
index 040d4a2..cf32181 100644
--- a/api/v2/post/translations_details.php
+++ b/api/v2/post/translations_details.php
@@ -76,6 +76,8 @@ elseif ($command == 'insert' && isAllowed('translation_manage',$profile,$permiss
     $sql = 'INSERT INTO text_variables_translations ('.$clause_insert.') VALUES ('.$input_insert.')';
     $stmt = $pdo->prepare($sql);
     $stmt->execute($execute_input);
+    // Return ID            
+    echo json_encode(array('rowID'=> $pdo->lastInsertId()));
 }
 elseif ($command == 'delete' && isAllowed('translation_manage',$profile,$permission,'D') === 1){
     $stmt = $pdo->prepare('DELETE FROM text_variables_translations WHERE rowID = ? '.$whereclause.'');
diff --git a/assets/functions.php b/assets/functions.php
index 9e89a40..84dbeab 100644
--- a/assets/functions.php
+++ b/assets/functions.php
@@ -175,7 +175,12 @@ function filterMenuByProfile($menu, $profileString) {
           
           // Add main_menu - if section not in profile but submenu found, use first submenu as main_menu
           if (!$sectionIncluded && $submenuFound && $firstSubmenuItem !== null) {
-              $filteredMenu[$sectionKey]['main_menu'] = $firstSubmenuItem;
+              // Create hybrid main_menu - keep name and icon from original, but use URL and selected from submenu
+              $hybridMainMenu = $section['main_menu'];
+              $hybridMainMenu['url'] = $firstSubmenuItem['url'];
+              $hybridMainMenu['selected'] = $firstSubmenuItem['selected'];
+              
+              $filteredMenu[$sectionKey]['main_menu'] = $hybridMainMenu;
           } else {
               $filteredMenu[$sectionKey]['main_menu'] = $section['main_menu'];
           }
@@ -223,15 +228,14 @@ function menu($selected,$selected_child){
       $menu .= '<div class="sub" ' . ($selected == $menu_item['main_menu']['selected'] ? ' class="selected"' : '') . '>';
 
       foreach ($menu_item as $key => $item){
-        //filter out main_menu
-        if($key !='main_menu'){
-          $menu .= '<a href="index.php?page='.$item['url'].'"' . ($selected == $item['selected'] ? ' class="selected"' : '') . '><span>&#9724;</span>'.ucfirst((${$item['name']}?? 'not specified')).'</a>';
-        }
-      }
+          //filter out main_menu
+          if($key !='main_menu'){
+            $menu .= '<a href="index.php?page='.$item['url'].'"' . ($selected == $item['selected'] ? ' class="selected"' : '') . '><span>&#9724;</span>'.ucfirst((${$item['name']}?? 'not specified')).'</a>';
+          }
+       }
       $menu .= '</div>';
       }
   }
-
   return $menu;
 }
 
diff --git a/order_old.php b/order_old.php
deleted file mode 100644
index 49b5ae3..0000000
--- a/order_old.php
+++ /dev/null
@@ -1,290 +0,0 @@
-<?php
-defined('admin') or exit;
-if (!isset($_GET['id'])) {
-    exit('Invalid ID!');
-}
-// Retrieve order items
-$stmt = $pdo->prepare('SELECT ti.*, p.productcode, p.name FROM transactions t JOIN transactions_items ti ON ti.txn_id = t.txn_id LEFT JOIN products p ON p.id = ti.item_id WHERE t.id = ?');
-$stmt->execute([ $_GET['id'] ]);
-$order_items = $stmt->fetchAll(PDO::FETCH_ASSOC);
-// Retrieve order details
-$stmt = $pdo->prepare('SELECT a.email, a.id AS a_id, a.first_name AS a_first_name, a.last_name AS a_last_name, a.address_street AS a_address_street, a.address_city AS a_address_city, a.address_state AS a_address_state, a.address_zip AS a_address_zip, a.address_country AS a_address_country, a.address_phone AS a_address_phone, t.* FROM transactions t LEFT JOIN transactions_items ti ON ti.txn_id = t.txn_id LEFT JOIN accounts a ON a.id = t.account_id WHERE t.id = ?');
-$stmt->execute([ $_GET['id'] ]);
-$order = $stmt->fetch(PDO::FETCH_ASSOC);
-
-// Get tax
-$stmt = $pdo->prepare('SELECT * FROM taxes WHERE country = ?');
-$stmt->execute([$order['a_address_country']]);
-$tax = $stmt->fetch(PDO::FETCH_ASSOC);
-$tax_rate = $tax ? $tax['rate'] : 0.00;
-
-//Add giftcards
-if (isset($_GET['add_giftcard'])){
-    createGiftCart($pdo, $order['txn_id']);
-}
-
-//Get connected giftcards
-$giftcards_template = $order['txn_id'].'#%#%';
-$stmt = $pdo->prepare('SELECT * from discounts WHERE discount_code like ?');
-$stmt->execute([$giftcards_template]);
-$giftcards = $stmt->fetchAll(PDO::FETCH_ASSOC);
-
-// Get the current date
-$current_date = strtotime((new DateTime())->format('Y-m-d H:i:s'));
-
-// Delete transaction
-if (isset($_GET['delete'])) {
-    // Delete the transaction
-    $stmt = $pdo->prepare('DELETE t, ti FROM transactions t LEFT JOIN transactions_items ti ON ti.txn_id = t.txn_id WHERE t.id = ?');
-    $stmt->execute([ $_GET['id'] ]);
-
-    // Deactive giftcards
-    removeGiftCart($pdo, $_GET['txn']);
-
-    header('Location: index.php?page=orders&success_msg=3');
-    exit;
-}
-if (!$order) {
-    exit('Invalid ID!');
-}
-
-?>
-<?=template_admin_header('Orders', 'orders')?>
-
-<div class="content-title responsive-flex-wrap responsive-pad-bot-3">
-    <h2 class="responsive-width-100">Order #<?=$_GET['id']?></h2>
-    <a href="index.php?page=orders" class="btn alt mar-right-2">Cancel</a>
-    <a href="index.php?page=order&id=<?=$_GET['id']?>&delete=true&txn=<?=$order['txn_id']?>" class="btn red mar-right-2" onclick="return confirm('Are you sure you want to delete this order?')">Delete</a>
-    <a href="index.php?page=order_manage&id=<?=$_GET['id']?>" class="btn">Edit</a>
-</div>
-
-<div class="content-block-wrapper">
-    <div class="content-block order-details">
-        <div class="block-header">
-            <i class="fa-solid fa-cart-shopping fa-sm"></i>Order Details
-        </div>
-        <div class="order-detail">
-            <h3>Order ID</h3>
-            <p><?=$order['id']?></p>
-        </div>
-        <div class="order-detail">
-            <h3>Transaction ID</h3>
-            <p><?=$order['txn_id']?></p>
-        </div>
-        <?php if ($order['shipping_method']): ?>
-        <div class="order-detail">
-            <h3>Shipping Method</h3>
-            <p><?=$order['shipping_method'] ? htmlspecialchars($order['shipping_method'], ENT_QUOTES) : '--'?></p>
-        </div>
-        <?php endif; ?>
-        <div class="order-detail">
-            <h3>Payment Method</h3>
-            <p><?=$order['payment_method']?></p>
-        </div>
-        <div class="order-detail">
-            <h3>Payment Status</h3>
-            <p><?=$order['payment_status']?></p>
-        </div>
-        <div class="order-detail">
-            <h3>Date</h3>
-            <p><?=date('F j, Y H:ia', strtotime($order['created']))?></p>
-        </div>
-        <?php if ($order['discount_code']): ?>
-        <div class="order-detail">
-            <h3>Discount Code</h3>
-            <p><?=htmlspecialchars($order['discount_code'], ENT_QUOTES)?></p>
-        </div>
-        <?php endif; ?>
-    </div>
-
-    <div class="content-block order-details">
-        <div class="block-header">
-            <i class="fa-solid fa-user fa-sm"></i>Account Details
-        </div>
-        <?php if ($order['email']): ?>
-        <div class="order-detail">
-            <h3>Email</h3>
-            <p><a href="index.php?page=account&id=<?=$order['a_id']?>" target="_blank" class="link1" style="margin:0"><?=htmlspecialchars($order['email'], ENT_QUOTES)?></a></p>
-        </div>
-        <div class="order-detail">
-            <h3>Name</h3>
-            <p><?=htmlspecialchars($order['a_first_name'], ENT_QUOTES)?> <?=htmlspecialchars($order['a_last_name'], ENT_QUOTES)?></p>
-        </div>
-        <div class="order-detail">
-            <h3>Address</h3>
-            <p style="text-align:right;"><?=htmlspecialchars($order['a_address_street'], ENT_QUOTES)?><br>
-                <?=htmlspecialchars($order['a_address_city'], ENT_QUOTES)?><br>
-                <?=htmlspecialchars($order['a_address_state'], ENT_QUOTES)?><br>
-                <?=htmlspecialchars($order['a_address_zip'], ENT_QUOTES)?><br>
-                <?=htmlspecialchars($order['a_address_country'], ENT_QUOTES)?>
-            </p>
-        </div>
-        <div class="order-detail">
-            <h3>Contact</h3>
-            <p style="text-align:right;"><?=htmlspecialchars($order['a_address_phone'], ENT_QUOTES)?>
-            </p>
-        </div>
-        <?php else: ?>
-        <p>The order is not associated with an account.</p>
-        <?php endif; ?>
-    </div>
-
-    <div class="content-block order-details">
-        <div class="block-header">
-            <i class="fa-solid fa-user fa-sm"></i>Customer Details
-        </div>
-        <div class="order-detail">
-            <h3>Email</h3>
-            <p><?=htmlspecialchars($order['payer_email'], ENT_QUOTES)?></p>
-        </div>
-        <div class="order-detail">
-            <h3>Name</h3>
-            <p><?=htmlspecialchars($order['first_name'], ENT_QUOTES)?> <?=htmlspecialchars($order['last_name'], ENT_QUOTES)?></p>
-        </div>
-        <div class="order-detail">
-            <h3>Address</h3>
-            <p style="text-align:right;"><?=htmlspecialchars($order['address_street'], ENT_QUOTES)?><br>
-                <?=htmlspecialchars($order['address_city'], ENT_QUOTES)?><br>
-                <?=htmlspecialchars($order['address_state'], ENT_QUOTES)?><br>
-                <?=htmlspecialchars($order['address_zip'], ENT_QUOTES)?><br>
-                <?=htmlspecialchars($order['address_country'], ENT_QUOTES)?>
-            </p>
-        </div>
-        <div class="order-detail">
-            <h3>Contact</h3>
-            <p style="text-align:right;"><?=htmlspecialchars($order['a_address_phone'], ENT_QUOTES)?>
-            </p>
-        </div>
-    </div>
-</div>
-
-<div class="content-block">
-    <div class="block-header">
-        <i class="fa-solid fa-bars fa-sm"></i>Order
-    </div>
-    <div class="table order-table">
-        <table>
-            <thead>
-                <tr>
-                    <td>Product</td>
-                    <td>Options</td>
-                    <td>Qty</td>
-                    <td class="responsive-hidden">Price</td>
-                    <td style="text-align:right;">Total</td>
-                </tr>
-            </thead>
-            <tbody>
-                <?php if (empty($order_items)): ?>
-                <tr>
-                    <td colspan="5" style="text-align:center;">There are no order items</td>
-                </tr>
-                <?php else: ?>
-                <?php 
-                    $subtotal = 0;    
-                    foreach ($order_items as $item): 
-                ?>
-                <tr>
-                    <td><?=$item['productcode']?> <?=$item['name'] ? htmlspecialchars($item['name'], ENT_QUOTES) : '(Product ' . $item['item_id'] . ')'?></td>
-                    <td><?=$item['item_options'] ? htmlspecialchars(str_replace(',', ', ', $item['item_options']), ENT_QUOTES) : '--'?></td>
-                    <td><?=$item['item_quantity']?></td>
-                    <td class="responsive-hidden"><?=currency_code?><?=number_format($item['item_price'], 2)?></td>
-                    <td style="text-align:right;"><?=currency_code?><?=number_format($item['item_price']*$item['item_quantity'], 2)?></td>
-                </tr>
-                <?php $subtotal += $item['item_price']*$item['item_quantity'];?>
-                <?php endforeach; ?>
-                <?php endif; ?>
-                <tr>
-                    <td colspan="5" class="item-list-end"></td>
-                </tr>
-                <tr>
-                    <td colspan="4" class="subtotal">Subtotal</td>
-                    <td class="num"><?=currency_code?><?=number_format($subtotal, 2)?></td>
-                </tr>
-                <tr>
-                    <td colspan="4" class="shipping">Shipping</td>
-                    <td class="num"><?=currency_code?><?=number_format($order['shipping_amount'], 2)?></td>
-                </tr>
-                <tr>
-                    <td colspan="4" class="shipping">Discount</td>
-                    <td class="num"><?=currency_code?><?=number_format(($order['payment_amount']+$order['shipping_amount'])-($subtotal), 2)?></td>
-                </tr>
-                <tr>
-                    <td colspan="4" class="shipping">VAT</td>
-                    <td class="num" style="border-bottom: 1px solid #f0f1f2;"><?=currency_code?><?=number_format($order['tax_amount'], 2)?></td>
-                </tr>
-                <tr>
-                    <td colspan="4" class="total">Total</td>
-                    <td class="num"><b><?=currency_code?><?=number_format($order['payment_amount'], 2)?></b></td>
-                </tr>
-            </tbody>
-        </table>
-    </div>
-</div>
-
-<div class="content-block">
-    <div class="block-header">
-        <i class="fa-solid fa-bars fa-sm"></i>Giftcards
-    </div>
-    <div class="table order-table">
-        <a href="index.php?page=order&id=<?=$_GET['id']?>&add_giftcard" class="btn">Relate giftcards</a>
-        <table>
-            <thead>
-                <tr>
-                    <td>Giftcard</td>
-                    <td>Valid</td>
-                    <td>Value</td>
-                </tr>
-            </thead>
-            <tbody>
-                <?php if (empty($giftcards)): ?>
-                <tr>
-                    <td colspan="5" style="text-align:center;">There are no order items</td>
-                </tr>
-                <?php else: ?>
-                <?php foreach ($giftcards as $giftcard): ?>
-                <tr>
-                    <td><?=$giftcard['discount_code']?></td>
-                    <td><?=$current_date >= strtotime($giftcard['start_date']) && $current_date <= strtotime($giftcard['end_date']) ? 'Yes' : 'No'?></td>
-                    <td><?=currency_code?><?=number_format($giftcard['discount_value'], 2)?></td>
-                </tr>
-                <?php endforeach; ?>
-                <?php endif; ?>
-                <tr>
-                    <td colspan="5" class="item-list-end"></td>
-                </tr>
-            </tbody>
-        </table>
-    </div>
-</div>
-
-<div class="content-block">
-    <div class="block-header">
-        <i class="fa-solid fa-bars fa-sm"></i>Invoice
-    </div>
-    <div class="table order-table">
-    <table>
-        <tr>
-            <td style="width:70px";>
-                <form action="index.php?page=factuur" method="post">
-                    <input type="hidden" name="txn_id" value="<?=$order['txn_id']?>">
-                    <input type="submit" class="btn" name="show_invoice" value="Show">
-                </form>
-            </td>
-            <td style="width: 157px;">
-                <form action="index.php?page=factuur" method="post">
-                    <input type="hidden" name="txn_id" value="<?=$order['txn_id']?>">
-                    <input type="submit" class="btn" name="email_invoice" value="Email to Customer" onclick="return confirm('Send invoice to customer?');">
-                </form>
-            </td>
-            <td>
-                <form action="index.php?page=factuur" method="post">
-                    <input type="hidden" name="txn_id" value="<?=$order['txn_id']?>">
-                    <input type="submit" class="btn" name="email_invoice_to_admin" value="Email to Admin" onclick="return confirm('Send invoice to admin?');">
-                </form>
-            </td>
-        </tr>
-    </table>
-    </div>
-</div>
-
-<?=template_admin_footer()?>
\ No newline at end of file
diff --git a/settings/settingsmenu.php b/settings/settingsmenu.php
index bf1b1d0..860df6c 100644
--- a/settings/settingsmenu.php
+++ b/settings/settingsmenu.php
@@ -185,7 +185,7 @@ $main_menu = [
             "url" => "partners", 
             "selected" => "partners", 
             "icon" => "fa-solid fa-bars",
-            "name" => "menu_admin"  
+            "name" => "menu_admin_partners"  
             ], 
         "users" => [
             "url" => "users", 
@@ -230,12 +230,6 @@ $main_menu = [
             "selected" => "settings", 
             "icon" => "fas fa-tools",
             "name" => "menu_settings"
-        ],
-        "settings" => [
-            "url" => "settings", 
-            "selected" => "settings", 
-            "icon" => "fas fa-tools",
-            "name" => "menu_settings"  
             ],
         "config" => [
             "url" => "settings",
@@ -248,19 +242,25 @@ $main_menu = [
             "selected" => "translations", 
             "icon" => "fas fa-tachometer-alt",
             "name" => "menu_translations"  
-        ],
+            ],
+        "uploader" => [
+            "url" => "uploader",
+            "selected" => "uploader", 
+            "icon" => "fas fa-tachometer-alt",
+            "name" => "menu_uploader"  
+            ],
         "logfile" => [
             "url" => "logfile",
             "selected" => "logfile", 
             "icon" => "fas fa-tachometer-alt",
             "name" => "menu_logfile"  
-        ],
+            ],
         "maintenance" => [
             "url" => "maintenance",
             "selected" => "maintenance", 
             "icon" => "fas fa-tachometer-alt",
             "name" => "menu_maintenance"  
-        ],
+            ],
         "profiles" => [
             "url" => "profiles",
             "selected" => "profiles", 
diff --git a/settings/settingsprofiles.php b/settings/settingsprofiles.php
index 571b2b1..6cc953b 100644
--- a/settings/settingsprofiles.php
+++ b/settings/settingsprofiles.php
@@ -6,11 +6,11 @@ define('superuser_profile','dashboard,profile,assets,equipments,equipment,equipm
 /*Admin*/
 define('admin_profile','dashboard,profile,buildtool,sales,accounts,account,contracts,contract,contract_manage,cartests,cartest,cartest_manage,assets,equipments,equipment,equipment_healthindex,equipment_data,equipment_manage,equipment_manage_edit,equipments_mass_update,histories,history,history_manage,firmwaretool,rmas,rma,rma_manage,rma_history,rma_history_manage,buildtool,products,products_versions,products_software,product,product_manage,servicereports,servicereport,admin,partners,partner,users,user,user_manage,communications,communication,communication_send,marketing,reporting,report_build,report_contracts_billing,report_healthindex,changelog,application');
 /*AdminPlus*/
-define('adminplus_profile','dashboard,profile,buildtool,sales,accounts,account,contracts,contract,contract_manage,billing,cartests,cartest,cartest_manage,assets,equipments,equipment,equipment_healthindex,equipment_data,equipment_manage,equipment_manage_edit,equipments_mass_update,histories,history,history_manage,firmwaretool,rmas,rma,rma_manage,rma_history,rma_history_manage,buildtool,products,products_versions,products_software,products_attributes,products_attributes_items,products_attributes_manage,products_configurations,products_categories,products_media,product,product_manage,pricelists,pricelists_items,pricelists_manage,catalog,categories,category,discounts,discount,shipping,shipping_manage,servicereports,servicereport,admin,partners,partner,users,user,user_manage,communications,communication,communication_send,marketing,reporting,report_build,report_contracts_billing,report_healthindex,report_usage,config,settings,logfile,changelog,language,translations,translations_details,translation_manage,media,media_manage,application,maintenance,profiles,vin,shopping_cart,checkout,placeorder,taxes,transactions,transactions_items,invoice,order,orders');
+define('adminplus_profile','dashboard,profile,buildtool,sales,accounts,account,contracts,contract,contract_manage,billing,cartests,cartest,cartest_manage,assets,equipments,equipment,equipment_healthindex,equipment_data,equipment_manage,equipment_manage_edit,equipments_mass_update,histories,history,history_manage,firmwaretool,rmas,rma,rma_manage,rma_history,rma_history_manage,buildtool,products,products_versions,products_software,products_attributes,products_attributes_items,products_attributes_manage,products_configurations,products_categories,products_media,product,product_manage,pricelists,pricelists_items,pricelists_manage,catalog,categories,category,discounts,discount,shipping,shipping_manage,servicereports,servicereport,admin,partners,partner,users,user,user_manage,communications,communication,communication_send,marketing,reporting,report_build,report_contracts_billing,report_healthindex,report_usage,config,settings,logfile,changelog,language,translations,translations_details,translation_manage,media,media_manage,application,maintenance,uploader,profiles,vin,shopping_cart,checkout,placeorder,taxes,transactions,transactions_items,invoice,order,orders');
 /*Build*/
 define('build','dashboard,profile,buildtool,firmwaretool,buildtool,products_software,application');
 /*Commerce*/
-define('commerce','dashboard,profile,products,products_versions,products_software,products_attributes,products_attributes_items,products_attributes_manage,products_configurations,products_categories,products_media,product,product_manage,pricelists,pricelists_items,pricelists_manage,catalog,categories,category,discounts,discount,shipping,shipping_manage,admin,users,user,user_manage,translations,translations_details,translation_manage,media,media_manage,application,profiles,shopping_cart,checkout,placeorder,taxes,transactions,transactions_items,invoice,order,orders');
+define('commerce','dashboard,profile,products,products_versions,products_software,products_attributes,products_attributes_items,products_attributes_manage,products_configurations,products_categories,products_media,product,product_manage,pricelists,pricelists_items,pricelists_manage,catalog,categories,category,discounts,discount,shipping,shipping_manage,admin,partners,partner,users,user,user_manage,translations,translations_details,translation_manage,media,media_manage,application,shopping_cart,checkout,placeorder,taxes,transactions,transactions_items,invoice,order,orders');
 /*Distribution*/
 define('distribution','dashboard,profile,assets,equipments,equipment,equipment_manage,equipment_manage_edit,equipments_mass_update,histories,history,history_manage,firmwaretool,products,products_versions,products_software,product,product_manage,servicereports,servicereport,admin,partners,partner,users,user,user_manage,marketing,application');
 /*Firmware*/
diff --git a/settings/settingsviews.php b/settings/settingsviews.php
index 4c13fbc..a0425f0 100644
--- a/settings/settingsviews.php
+++ b/settings/settingsviews.php
@@ -85,6 +85,7 @@ $all_views = [
     "media_manage",
     "application",
     "maintenance",
+    "uploader",
     "profiles",
     "vin",
     "shopping_cart",
diff --git a/translation_manage.php b/translation_manage.php
index e7d46c6..351295e 100644
--- a/translation_manage.php
+++ b/translation_manage.php
@@ -243,7 +243,7 @@ $view .= '
                         $view .='<option value="'.$language.'" '.(($translation['language_key'] == $language)?' selected':'').'>'.$language.'</option>';
                     }   
            $view .='</select></td>
-                    <td><input form="update" type="text" name="item['.$translation['rowID'].'][translation]" placeholder="'.($text_variable_translation_translation ?? '').'" value="'.$translation['translation'].'"></td>
+                    <td><textarea form="update" type="text" name="item['.$translation['rowID'].'][translation]" placeholder="'.($text_variable_translation_translation ?? '').'" style="width: 100%;height: 150px;">'.$translation['translation'].'</textarea></td>
                     <td>'.getRelativeTime($translation['created']).'</td>
                     <td><input form="update" type="submit" name="update" value="&" class="btn"></td>
                     <input form="update" type="hidden" name="item['.$translation['rowID'].'][rowID]" value="'.$translation['rowID'].'" readonly>
@@ -271,7 +271,7 @@ $view .= '
                         } 
             $view .='</select>
                     </td>
-                    <td><input form="new" type="text" name="translation" placeholder="'.($text_variable_translation_translation ?? '').'" value=""></td>
+                    <td><textarea form="new" type="text" name="translation" placeholder="'.($text_variable_translation_translation ?? '').'" style="width: 100%;height: 150px;"> </textarea></td>
                     <td><input form="new" type="submit" name="add" value="+" class="btn"></td>
                     <input form="new" type="hidden" name="rowID" value="" readonly>
                     <input form="new" type="hidden" name="variable_ID" value="'.$text_variable['rowID'].'" readonly>
diff --git a/uploader.php b/uploader.php
new file mode 100644
index 0000000..b06cdfc
--- /dev/null
+++ b/uploader.php
@@ -0,0 +1,329 @@
+<?php 
+defined(page_security_key) or exit;
+
+$page = 'uploader';
+//Check if allowed
+if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+    header('location: index.php');
+    exit;
+}
+//PAGE Security
+$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+
+if ($create_allowed === 1 && $_POST){
+
+    $log_results = [];
+    foreach ($_POST as $contents){
+
+        $contents = json_decode($contents,true);
+            
+        foreach ($contents as $content){
+
+            //CHECK IF VARIABLE EXISTS
+            $text_variable = ioServer('/v2/translations/variable='.$content['variable'],'');
+            if (!empty($text_variable)){$text_variable = json_decode($text_variable,true);}else{$text_variable = null;}
+
+            //IF NO ERRORS PROCES IT
+            if (is_array($text_variable)){     
+
+                if (count($text_variable) == 0){
+                    //VARIABLE NOT FOUND -> CREATE
+                    $payload = json_encode(array("variable" => $content['variable']), JSON_UNESCAPED_UNICODE);
+                    //API call
+                    $text_variable_new = ioServer('/v2/translations',$payload);
+                    //returns results
+                    $text_variable_new   = json_decode($text_variable_new  ,true);
+                    //Provide feedback
+                    $log_results[$content['variable']]['rowID'] = $text_variable_new['rowID'].' created';
+                } 
+
+                $text_variable = $text_variable[0] ?? 'new';
+                //VARIABLE ROWID 
+                $text_variable_rowid = ($text_variable != 'new') ? $text_variable['rowID'] : $text_variable_new['rowID'];
+                
+                foreach ($content as $key => $var){
+                    
+                    if ($var != $content['variable']){
+                        $language_key = strtoupper($key);
+
+                        //check if variable_id and language_key combination already exists
+                        $text_translation = ioServer('/v2/translations_details/variable_ID='.$text_variable_rowid.'&language_key='.$language_key,'');
+                        if (!empty($text_translation)){$text_translation = json_decode($text_translation,true);}else{$text_translation = null;}
+                        
+                        
+                        if (count($text_translation) == 0){
+                            //TRANSLATION NOT FOUND ->CREATE
+                            $payload = json_encode(array("variable_ID" => $text_variable_rowid, "language_key" => $language_key, "translation" => $var), JSON_UNESCAPED_UNICODE);
+                            $text_translation_new = ioServer('/v2/translations_details',$payload);
+                            $text_translation_new = json_decode($text_translation_new  ,true);
+                            //Provide feedback
+                            $log_results[$content['variable']][$language_key] = $text_translation_new['rowID'].' created';
+                        }
+                        elseif(count($text_translation) > 0){
+                            
+                            $text_translation = $text_translation[0];
+                            //TRANSLATION FOUND -> UPDATE
+                            $payload = json_encode(array("rowID" => $text_translation['rowID'] , "translation" => $var), JSON_UNESCAPED_UNICODE);
+                            $text_translation = ioServer('/v2/translations_details',$payload);
+                            $text_translation  = json_decode($text_translation ,true);
+                            //Provide feedback
+                            $log_results[$content['variable']][$language_key] = $text_translation['rowID'].' updated';
+
+                        } else {
+                            $log_results[$content['variable']][$language_key] = 'not updated';
+                        }
+
+                    }
+                }
+            } else {
+                $log_results[$content['variable']] = 'error';
+            }
+        }
+    }
+    print_r($log_results);   
+    return $log_results; 
+} 
+template_header('Uploader', 'uploader', 'manage');
+
+$view ='
+    <style>
+        body {
+            font-family: Arial, sans-serif;
+            line-height: 1.6;
+            margin: 0;
+            padding: 20px;
+            color: #333;
+        }
+        .container {
+            max-width: 1200px;
+            margin: 0 auto;
+        }
+        h1, h2 {
+            color: #2c3e50;
+        }
+        textarea {
+            width: 100%;
+            min-height: 150px;
+            margin-bottom: 15px;
+            padding: 8px;
+            border: 1px solid #ddd;
+        }
+        .btn {
+            background-color: #3498db;
+            color: white;
+            border: none;
+            padding: 10px 15px;
+            cursor: pointer;
+            font-size: 16px;
+            border-radius: 4px;
+        }
+        .btn:hover {
+            background-color: #2980b9;
+        }
+        table {
+            width: 100%;
+            border-collapse: collapse;
+            margin: 20px 0;
+        }
+        th, td {
+            border: 1px solid #ddd;
+            padding: 8px;
+            text-align: left;
+        }
+        th {
+            background-color: #f2f2f2;
+            position: sticky;
+            top: 0;
+        }
+        tr:nth-child(even) {
+            background-color: #f9f9f9;
+        }
+        .table-container {
+            max-height: 500px;
+            overflow-y: auto;
+            margin-bottom: 20px;
+        }
+        .info {
+            background-color: #d4edda;
+            border: 1px solid #c3e6cb;
+            color: #155724;
+            padding: 10px;
+            margin-bottom: 15px;
+            border-radius: 4px;
+        }
+        .controls {
+            margin: 15px 0;
+            display: flex;
+            gap: 10px;
+            flex-wrap: wrap;
+        }
+    </style>
+
+    <div class="container">
+        <h1>Excel Data Processor</h1>
+        
+        <div class="info">
+            Copy data from Excel and paste it into the textarea below. 
+            Use Ctrl+C in Excel and Ctrl+V here to preserve the tab/column formatting.
+        </div>
+        
+        <div>
+            <textarea id="excelData" placeholder="Paste Excel data here..."></textarea>
+            <button type="button" id="convertBtn" class="btn">Convert to Table</button>
+        </div>
+        
+        <div id="tableOutput" style="display:none;">
+            <h2>Table Preview</h2>
+            <div class="controls">
+                <button id="processDataBtn" class="btn">Process Data</button>
+                <button id="downloadCsvBtn" class="btn">Download as CSV</button>
+            </div>
+            <div class="table-container">
+                <table id="dataTable">
+                    <!-- Table will be inserted here -->
+                </table>
+            </div>
+            
+            <div id="processingResults" style="display:none;">
+                <h2>Processing Results</h2>
+                <div id="resultsContent"></div>
+            </div>
+        </div>
+    </div>
+    
+    <script>
+        document.addEventListener(\'DOMContentLoaded\', function() {
+            const convertBtn = document.getElementById(\'convertBtn\');
+            const excelData = document.getElementById(\'excelData\');
+            const tableOutput = document.getElementById(\'tableOutput\');
+            const dataTable = document.getElementById(\'dataTable\');
+            const processDataBtn = document.getElementById(\'processDataBtn\');
+            const processingResults = document.getElementById(\'processingResults\');
+            const resultsContent = document.getElementById(\'resultsContent\');
+            const downloadCsvBtn = document.getElementById(\'downloadCsvBtn\');
+            
+            // Convert pasted Excel data to HTML table
+            convertBtn.addEventListener(\'click\', function() {
+                const data = excelData.value.trim();
+                if (!data) {
+                    alert(\'Please paste some data first.\');
+                    return;
+                }
+                
+                // Split by newlines to get rows
+                const rows = data.split(/\r?\n/);
+                let tableHtml = \'\';
+                
+                rows.forEach((row, rowIndex) => {
+                    // Split by tabs to get cells
+                    const cells = row.split(\'\t\');
+                    
+                    if (rowIndex === 0) {
+                        // Create header row
+                        tableHtml += \'<thead><tr>\';
+                        cells.forEach(cell => {
+                            tableHtml += `<th>${cell}</th>`;
+                        });
+                        tableHtml += \'</tr></thead><tbody>\';
+                    } else {
+                        // Create data rows
+                        tableHtml += \'<tr>\';
+                        cells.forEach(cell => {
+                            tableHtml += `<td>${cell}</td>`;
+                        });
+                        tableHtml += \'</tr>\';
+                    }
+                });
+                
+                tableHtml += \'</tbody>\';
+                dataTable.innerHTML = tableHtml;
+                tableOutput.style.display = \'block\';
+            });
+            
+            // Process the data using AJAX
+            processDataBtn.addEventListener(\'click\', function() {
+                // Collect table data as array of arrays (simpler format)
+                const tableData = [];
+                const headers = [];
+                
+                // Get headers
+                const headerCells = dataTable.querySelectorAll(\'thead th\');
+                headerCells.forEach(cell => {
+                    headers.push(cell.textContent);
+                });
+                
+                // Get rows
+                const rows = dataTable.querySelectorAll(\'tbody tr\');
+                rows.forEach(row => {
+                    const rowData = {};
+                    const cells = row.querySelectorAll(\'td\');
+                    
+                    cells.forEach((cell, index) => {
+                        if (index < headers.length) {
+                            rowData[headers[index]] = cell.textContent;
+                        }
+                    });
+                    
+                    tableData.push(rowData);
+                });
+                
+                // Use standard form submission approach instead of JSON
+                const form = new FormData();
+                form.append(\'data\', JSON.stringify(tableData));
+                
+                fetch(window.location.href, {
+                    method: \'POST\',
+                    body: form
+                })
+                .then(response => response.text())
+                .then(data => {
+                    processingResults.style.display = \'block\';
+                    resultsContent.innerHTML = data;
+                })
+                .catch(error => {
+                    console.error(\'Error:\', error);
+                    alert(\'Error processing data: \' + error);
+                });
+            });
+            
+            // Download as CSV
+            downloadCsvBtn.addEventListener(\'click\', function() {
+                const rows = dataTable.querySelectorAll(\'tr\');
+                const csvContent = [];
+                
+                rows.forEach(row => {
+                    const rowData = [];
+                    const cells = row.querySelectorAll(\'th, td\');
+                    
+                    cells.forEach(cell => {
+                        // Properly escape cells for CSV format
+                        let value = cell.textContent;
+                        value = value.replace(/"/g, \'""\'); // Double quotes need to be escaped with double quotes
+                        rowData.push(`"${value}"`);
+                    });
+                    
+                    csvContent.push(rowData.join(\',\'));
+                });
+                
+                const csvString = csvContent.join(\'\n\');
+                const blob = new Blob([csvString], { type: \'text/csv;charset=utf-8;\' });
+                const url = URL.createObjectURL(blob);
+                const link = document.createElement(\'a\');
+                link.setAttribute(\'href\', url);
+                link.setAttribute(\'download\', \'exported_data.csv\');
+                link.style.visibility = \'hidden\';
+                document.body.appendChild(link);
+                link.click();
+                document.body.removeChild(link);
+            });
+        });
+    </script>
+';
+
+//Output
+echo $view;
+
+template_footer();
+?>
\ No newline at end of file

Product	Options	Qty	Price	Total
There are no order items


Subtotal
Shipping
Discount
VAT
Total
Giftcard	Valid	Value
There are no order items
	= strtotime($giftcard['start_date']) && $current_date <= strtotime($giftcard['end_date']) ? 'Yes' : 'No'?>