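/**
 * Download one janolaw document and store it in the content manager.
 *
 * The document is fetched from the janolaw AGB service for the configured
 * user id / shop id. Depending on MODULE_JANOLAW_TYPE it is either written
 * into the content table ('database') or saved below media/content/ with the
 * table row pointing at that file.
 *
 * @param string     $name Document name; used in the remote URL and in the local file name.
 * @param int|string $coID content_group of the row to update (cast to int before use).
 *
 * @return void
 */
function get_page_content($name, $coID = '')
{
    $format = strtolower(MODULE_JANOLAW_FORMAT);
    $mode = ($format == 'html') ? '_include' : '';

    // NOTE(review): the text is requested over plain http://, so nothing visible here
    // authenticates it before it is published in the shop. Confirm whether the
    // service can be reached over https and prefer that scheme if so.
    $url = 'http://www.janolaw.de/agb-service/shops/' . $this->m_user_id . '/' . $this->m_shop_id . '/' . $name . $mode . '.' . $format;
    $content = get_external_content($url, '3', false);

    // A failed or empty download must not wipe the text that is already stored.
    if (!is_string($content) || trim($content) === '') {
        return;
    }

    $where = "content_group='" . (int) $coID . "' and languages_id='2'";

    if (strtolower(MODULE_JANOLAW_TYPE) == 'database') {
        // update data in table
        $sql_data_array = array('content_text' => $content, 'content_file' => '');
        xtc_db_perform(TABLE_CONTENT_MANAGER, $sql_data_array, 'update', $where);
        return;
    }

    // write content to file
    // NOTE(review): $name goes into the path unfiltered; presumably callers pass
    // fixed document names only — verify against the call sites.
    $file = DIR_FS_CATALOG . 'media/content/' . $name . '.' . $format;
    $fp = @fopen($file, 'w+');
    if (!is_resource($fp)) {
        // Do not point the table row at a file that could not be written.
        return;
    }
    fwrite($fp, $content);
    fclose($fp);

    // update data in table
    $sql_data_array = array('content_file' => $name . '.' . $format, 'content_text' => '');
    xtc_db_perform(TABLE_CONTENT_MANAGER, $sql_data_array, 'update', $where);
}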
/**
 * Write one entry to the payone log table that matches the current mode.
 *
 * Increments the per-instance log counter, then stores the event id, counter,
 * level, message and the customer id from the session ('0' when none is set).
 *
 * @param string $message Text to store. NOTE(review): stored as given; confirm callers
 *                        do not pass credentials or full payment data.
 * @param int    $level   Log level, cast to int.
 *
 * @return void
 */
public function log($message, $level = 0)
{
    $this->_logcount++;

    // 'api' mode has its own table; every other mode goes to the transactions log.
    if ($this->_mode == 'api') {
        $table = 'payone_api_log';
    } else {
        $table = 'payone_transactions_log';
    }

    $customer_id = '0';
    if (isset($_SESSION['customer_id'])) {
        $customer_id = $_SESSION['customer_id'];
    }

    $sql_data_array = array(
        'event_id' => (int) $this->_event_id,
        'date_created' => 'now()',
        'log_count' => (int) $this->_logcount,
        'log_level' => (int) $level,
        'message' => $message,
        'customers_id' => $customer_id,
    );

    xtc_db_perform($table, $sql_data_array);
}
/**
 * A stored last-check time of 2013-01-01 is older than a week, so
 * isCheckedInLastWeek() has to report false.
 */
public function testCheckedInLastWeekReturnsFalseWhenLastCheckIsLongerAgoThanAWeek()
{
    // Seed the configuration table with a stale check timestamp.
    $stale_check = array(
        'configuration_key' => 'MODULE_PAYMENT_BARZAHLEN_LAST_UPDATE_CHECK',
        'configuration_value' => '2013-01-01 00:00:00',
        'configuration_group_id' => 6,
        'date_added' => 'now()',
    );
    xtc_db_perform(TABLE_CONFIGURATION, $stale_check);

    $versionCheck = $this->createVersionCheck();
    $checkedRecently = $versionCheck->isCheckedInLastWeek();

    $this->assertFalse($checkedRecently);
}
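/**
 * Insert a new affiliate into the lft/rgt tree kept in TABLE_AFFILIATE.
 *
 * With a parent id, the lft/rgt values of the parent's tree are shifted by 2 to
 * make room and the new row is inserted at the parent's former rgt position.
 * Without a parent the row becomes a new root (lft 1, rgt 2) whose
 * affiliate_root is its own id.
 *
 * @param array $sql_data_array   Column => value pairs for the new row.
 * @param int   $affiliate_parent Id of the parent affiliate; 0 creates a new root.
 *
 * @return mixed Id reported by xtc_db_insert_id(), or null when a parent id was
 *               given but no such affiliate exists.
 */
function affiliate_insert($sql_data_array, $affiliate_parent = 0)
{
    // The parent is only ever used as a numeric id; casting keeps any
    // non-numeric value out of the hand-built SQL below.
    $affiliate_parent = (int) $affiliate_parent;

    // Stays null when the requested parent is not found (previously an
    // undefined variable was returned in that case).
    $affiliate_id = null;

    // LOCK TABLES
    // NOTE(review): mysql_query() belongs to ext/mysql, which PHP 7 removed, while the
    // rest of this function uses xtc_db_query(). Confirm the lock is taken on the
    // same connection and still works on the deployed PHP version.
    @mysql_query("LOCK TABLES " . TABLE_AFFILIATE . " WRITE");

    if ($affiliate_parent > 0) {
        // The column list previously contained a mis-encoded byte before "from".
        $affiliate_root_query = xtc_db_query("select affiliate_root, affiliate_rgt, affiliate_lft from " . TABLE_AFFILIATE . " where affiliate_id = '" . $affiliate_parent . "' ");

        // Check if we have a parent affiliate
        if ($affiliate_root_array = xtc_db_fetch_array($affiliate_root_query)) {
            // Numeric tree values read back from the table; cast before they are
            // concatenated into SQL again (the rgt value is used unquoted).
            $root = (int) $affiliate_root_array['affiliate_root'];
            $parent_rgt = (int) $affiliate_root_array['affiliate_rgt'];

            xtc_db_query("update " . TABLE_AFFILIATE . " SET affiliate_lft = affiliate_lft + 2 WHERE affiliate_root = '" . $root . "' and affiliate_lft > " . $parent_rgt . " AND affiliate_rgt >= " . $parent_rgt . " ");
            xtc_db_query("update " . TABLE_AFFILIATE . " SET affiliate_rgt = affiliate_rgt + 2 WHERE affiliate_root = '" . $root . "' and affiliate_rgt >= " . $parent_rgt . " ");

            $sql_data_array['affiliate_root'] = $affiliate_root_array['affiliate_root'];
            $sql_data_array['affiliate_lft'] = $affiliate_root_array['affiliate_rgt'];
            $sql_data_array['affiliate_rgt'] = $affiliate_root_array['affiliate_rgt'] + 1;
            xtc_db_perform(TABLE_AFFILIATE, $sql_data_array);
            $affiliate_id = xtc_db_insert_id();
        }
    } else {
        // no parent -> new root
        $sql_data_array['affiliate_lft'] = '1';
        $sql_data_array['affiliate_rgt'] = '2';
        xtc_db_perform(TABLE_AFFILIATE, $sql_data_array);
        $affiliate_id = xtc_db_insert_id();
        xtc_db_query("update " . TABLE_AFFILIATE . " set affiliate_root = '" . (int) $affiliate_id . "' where affiliate_id = '" . (int) $affiliate_id . "' ");
    }

    // UNLOCK TABLES
    @mysql_query("UNLOCK TABLES");

    return $affiliate_id;
}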
/**
 * Reports whether the version check already ran within the last seven days.
 *
 * Reads MODULE_PAYMENT_BARZAHLEN_LAST_UPDATE_CHECK from the configuration
 * table. When the key is missing it is created, and when the stored time is
 * more than a week old it is reset to NOW(); both cases return false.
 *
 * NOTE(review): the age is computed from PHP's time() against a value written
 * by the database's NOW(); presumably both use the same time zone — confirm.
 *
 * @return boolean
 */
public function isCheckedInLastWeek()
{
    $one_week = 60 * 60 * 24 * 7;

    $result = xtc_db_query("SELECT configuration_value\n FROM " . TABLE_CONFIGURATION . "\n WHERE configuration_key = 'MODULE_PAYMENT_BARZAHLEN_LAST_UPDATE_CHECK'");
    $row = xtc_db_fetch_array($result);

    // First run: no timestamp stored yet, so create the key.
    if (!$row) {
        xtc_db_perform(
            TABLE_CONFIGURATION,
            array(
                'configuration_key' => 'MODULE_PAYMENT_BARZAHLEN_LAST_UPDATE_CHECK',
                'configuration_value' => 'now()',
                'configuration_group_id' => 6,
                'date_added' => 'now()',
            )
        );

        return false;
    }

    $age = time() - strtotime($row['configuration_value']);
    if ($age > $one_week) {
        // Stale: restart the one-week window from now.
        xtc_db_query("UPDATE " . TABLE_CONFIGURATION . "\n SET configuration_value = NOW()\n WHERE configuration_key = 'MODULE_PAYMENT_BARZAHLEN_LAST_UPDATE_CHECK'");

        return false;
    }

    return true;
}
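/**
 * Refresh the current visitor's row in the who's-online table.
 *
 * Determines the visitor's display name (customer name, search-engine marker
 * or guest), deletes rows whose last click is older than the configured
 * timeout (900 seconds unless WHOS_ONLINE_TIME_LAST_CLICK is defined), then
 * updates the row for the current session id or inserts a new one.
 *
 * @return void
 */
function xtc_update_whos_online()
{
    $crawler = 0;

    if (isset($_SESSION['customer_id'])) {
        $wo_customer_id = (int) $_SESSION['customer_id'];
        $customer_query = xtc_db_query("select\n customers_firstname,\n customers_lastname\n from " . TABLE_CUSTOMERS . "\n where customers_id = '" . $wo_customer_id . "'");
        $customer = xtc_db_fetch_array($customer_query);
        $wo_full_name = xtc_db_prepare_input($customer['customers_firstname'] . ' ' . $customer['customers_lastname']);
    } else {
        $wo_customer_id = '';
        $crawler = xtc_check_agent();
        if ($crawler !== 0) {
            $wo_full_name = '[' . TEXT_SEARCH_ENGINE_AGENT . ']';
        } else {
            $wo_full_name = TEXT_GUEST;
        }
    }

    // Detected crawlers are tracked under an empty session id.
    if ($crawler !== 0) {
        $wo_session_id = '';
    } else {
        $wo_session_id = xtc_session_id();
    }

    // The session id is presumably derived from the client's session cookie, so it is
    // escaped before being placed into the hand-built SQL below. Values passed
    // through xtc_db_perform() in $sql_data_array are left as they were.
    $wo_session_id_sql = xtc_db_input($wo_session_id);

    // REQUEST_URI and the Referer header are client-controlled. strip_tags() only
    // removes tags; NOTE(review): whatever page displays these columns should still
    // escape them for its output context.
    $wo_ip_address = xtc_db_prepare_input($_SESSION['tracking']['ip']);
    $wo_last_page_url = xtc_db_prepare_input(strip_tags($_SERVER['REQUEST_URI']));
    $wo_referer = xtc_db_prepare_input(isset($_SERVER['HTTP_REFERER']) ? strip_tags($_SERVER['HTTP_REFERER']) : '---');

    $current_time = time();
    $time_last_click = 900;
    if (defined('WHOS_ONLINE_TIME_LAST_CLICK')) {
        $time_last_click = (int) WHOS_ONLINE_TIME_LAST_CLICK;
    }
    $xx_mins_ago = time() - $time_last_click;

    // remove entries that have expired
    xtc_db_query("delete from " . TABLE_WHOS_ONLINE . " where time_last_click < '" . $xx_mins_ago . "'");

    $stored_customer_query = xtc_db_query("select count(*) as count from " . TABLE_WHOS_ONLINE . " where session_id = '" . $wo_session_id_sql . "'");
    $stored_customer = xtc_db_fetch_array($stored_customer_query);

    $sql_data_array = array(
        'customer_id' => $wo_customer_id,
        'full_name' => xtc_db_prepare_input($wo_full_name),
        'ip_address' => $wo_ip_address,
        'time_last_click' => $current_time,
        'last_page_url' => $wo_last_page_url,
    );

    if ($stored_customer['count'] > 0) {
        xtc_db_perform(TABLE_WHOS_ONLINE, $sql_data_array, 'update', "session_id = '" . $wo_session_id_sql . "'");
    } else {
        // The entry time, session id and referer are only recorded when the row is created.
        $sql_data_array['time_entry'] = $current_time;
        $sql_data_array['session_id'] = $wo_session_id;
        $sql_data_array['http_referer'] = $wo_referer;
        xtc_db_perform(TABLE_WHOS_ONLINE, $sql_data_array);
    }
}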
/**
 * Save a "max display results" setting posted under $cfg_key, or return the
 * current value when nothing was posted.
 *
 * A posted value is reduced to digits and '-' and written to the
 * configuration table (update when the key exists, insert otherwise).
 * Without a posted value the constant named $cfg_key is returned when it is
 * defined and greater than 0, else 20.
 *
 * @param string $cfg_key Configuration key; also the name of the POST field and of the constant.
 *
 * @return mixed The filtered posted value, the constant's value, or 20.
 */
function xtc_cfg_save_max_display_results($cfg_key)
{
    // Nothing submitted: fall back to the defined constant, or to 20.
    if (!isset($_POST[$cfg_key])) {
        if (defined($cfg_key) && (int) constant($cfg_key) > 0) {
            return constant($cfg_key);
        }

        return 20;
    }

    // Keep only digits and '-' from the submitted value.
    $configuration_value = xtc_db_prepare_input(preg_replace('/[^0-9-]/', '', $_POST[$cfg_key]));

    $existing = xtc_db_query("SELECT configuration_key,\n configuration_value\n FROM " . TABLE_CONFIGURATION . "\n WHERE configuration_key = '" . xtc_db_input($cfg_key) . "'\n ");
    $key_exists = xtc_db_num_rows($existing) > 0;

    if ($key_exists) {
        //update
        xtc_db_query("UPDATE " . TABLE_CONFIGURATION . "\n SET configuration_value ='" . xtc_db_input($configuration_value) . "',\n last_modified = NOW()\n WHERE configuration_key='" . xtc_db_input($cfg_key) . "'");
    } else {
        //new entry
        xtc_db_perform(
            TABLE_CONFIGURATION,
            array(
                'configuration_key' => $cfg_key,
                'configuration_value' => $configuration_value,
                'configuration_group_id' => '1000',
                'sort_order' => '-1',
                'last_modified' => 'now()',
                'date_added' => 'now()',
            )
        );
    }

    return $configuration_value;
}
/**
 * Store session data for $key in TABLE_SESSIONS (presumably the write callback
 * of a database-backed session handler).
 *
 * The data is base64-encoded and saved with an expiry of now + $SESS_LIFE.
 * When the session's customers_status_id equals 0 the global $SESS_LIFE is
 * first replaced by the admin lifetime and the row is flagged 'admin'.
 *
 * NOTE(review): the status check is a loose `== 0`; confirm the session value
 * is always numeric so that no other value compares equal to 0.
 *
 * @param string $key Session key.
 * @param string $val Session payload.
 *
 * @return mixed Result of xtc_db_query() (update) or xtc_db_perform() (insert).
 */
function _sess_write($key, $val)
{
    global $SESS_LIFE;

    $flag = '';
    $is_admin = isset($_SESSION['customers_status']['customers_status_id'])
        && $_SESSION['customers_status']['customers_status_id'] == 0;

    if ($is_admin) {
        // Admin sessions get their own lifetime; this overwrites the global.
        if (defined('SESSION_LIFE_ADMIN')) {
            $SESS_LIFE = (int) SESSION_LIFE_ADMIN;
        } else {
            $SESS_LIFE = (int) SESSION_LIFE_ADMIN_DEFAULT;
        }
        $flag = 'admin';
    }

    $expiry = time() + (int) $SESS_LIFE;
    $value = base64_encode($val);

    $count_query = xtc_db_query("-- includes/functions/sessions.php\n SELECT count(*) as total\n FROM " . TABLE_SESSIONS . "\n WHERE sesskey = '" . xtc_db_input($key) . "'");
    $count_row = xtc_db_fetch_array($count_query);

    // No row for this key yet: insert one.
    if (!($count_row['total'] > 0)) {
        return xtc_db_perform(
            TABLE_SESSIONS,
            array(
                'sesskey' => $key,
                'expiry' => (int) $expiry,
                'value' => $value,
                'flag' => $flag,
            )
        );
    }

    // Existing row: refresh expiry, payload and flag.
    return xtc_db_query("-- includes/functions/sessions.php\n UPDATE " . TABLE_SESSIONS . "\n SET expiry = '" . $expiry . "',\n value = '" . xtc_db_input($value) . "',\n flag = '" . xtc_db_input($flag) . "'\n WHERE sesskey = '" . xtc_db_input($key) . "'");
}
if ($status['customers_status_show_price_tax'] == 1) { $tax_info = TEXT_ADD_TAX; } if ($status['customers_status_show_price_tax'] == 0) { $tax_info = TEXT_NO_TAX; } $title = $tax_info . $title . ':'; //EOF web28 - 2010-12-04 - "inkl." oder "zzgl." hinzufügen if ($ust['tax_value_new']) { $text = $xtPrice->xtcFormat($ust['tax_value_new'], true); //BOF - Dokuman - 2010-03-17 - added sort order directly to array $sql_data_array = array('orders_id' => (int) $_POST['oID'], 'title' => xtc_db_prepare_input($title), 'text' => $text, 'value' => xtc_db_prepare_input($ust['tax_value_new']), 'class' => 'ot_tax', 'sort_order' => MODULE_ORDER_TOTAL_TAX_SORT_ORDER); //$insert_sql_data = array ('sort_order' => MODULE_ORDER_TOTAL_TAX_SORT_ORDER); //$sql_data_array = xtc_array_merge($sql_data_array, $insert_sql_data); //EOF - Dokuman - 2010-03-17 - added sort order directly to array xtc_db_perform(TABLE_ORDERS_TOTAL, $sql_data_array); } } //BOF web28 - 2010-12-04 - Keine Mwst. auf Rechnung ausweisen if ($status['customers_status_show_price_tax'] == 0 && $status['customers_status_add_tax_ot'] == 0) { xtc_db_query("delete from " . TABLE_ORDERS_TOTAL . " where orders_id = '" . (int) $_POST['oID'] . "' and class='ot_tax'"); } //EOF web28 - 2010-12-04 - Keine Mwst. auf Rechnung ausweisen //EOF####### MwSt. neu berechnen #######// //BOF web28 - 2010-12-04 Errechne neue Gesamtsumme für Artikel //Mwst feststellen $add_tax = 0; $price = 'b_price'; if ($status['customers_status_show_price_tax'] == 0 && $status['customers_status_add_tax_ot'] == 1) { $tax_query = xtc_db_query("select SUM(value) as value from " . TABLE_ORDERS_TOTAL . " where orders_id = '" . (int) $_POST['oID'] . "' and class='ot_tax'"); $tax = xtc_db_fetch_array($tax_query);
if ($error == false) { // file upload if ($select_file != 'default') { $content_file_name = $select_file; } $accepted_file_upload_files_extensions = array("xls", "xla", "hlp", "chm", "ppt", "ppz", "pps", "pot", "doc", "dot", "pdf", "rtf", "swf", "cab", "tar", "zip", "au", "snd", "mp2", "rpm", "stream", "wav", "gif", "jpeg", "jpg", "jpe", "png", "tiff", "tif", "bmp", "csv", "txt", "rtf", "tsv", "mpeg", "mpg", "mpe", "qt", "mov", "avi", "movie", "rar", "7z"); $accepted_file_upload_files_mime_types = array("application/msexcel", "application/mshelp", "application/mspowerpoint", "application/msword", "application/pdf", "application/rtf", "application/x-shockwave-flash", "application/x-tar", "application/zip", "audio/basic", "audio/x-mpeg", "audio/x-pn-realaudio-plugin", "audio/x-qt-stream", "audio/x-wav", "image/gif", "image/jpeg", "image/png", "image/tiff", "image/bmp", "text/comma-separated-values", "text/plain", "text/rtf", "text/tab-separated-values", "video/mpeg", "video/quicktime", "video/x-msvideo", "video/x-sgi-movie", "application/x-rar-compressed", "application/x-7z-compressed"); if ($content_file = xtc_try_upload('file_upload', DIR_FS_CATALOG . 
'media/content/', '644', $accepted_file_upload_files_extensions, $accepted_file_upload_files_mime_types)) { $content_file_name = $content_file->filename; } // update data in table $sql_data_array = array('languages_id' => $content_language, 'content_title' => $content_title, 'content_heading' => $content_header, 'content_text' => $content_text, 'content_file' => $content_file_name, 'content_status' => $content_status, 'parent_id' => $parent_id, 'group_ids' => $group_ids, 'content_group' => $group_id, 'sort_order' => $sort_order, 'file_flag' => $file_flag, 'content_meta_title' => $content_meta_title, 'content_meta_description' => $content_meta_description, 'content_meta_keywords' => $content_meta_keywords, 'content_meta_index' => $content_meta_index, 'change_date' => $time); if ($id == 'update') { xtc_db_perform(TABLE_CONTENT_MANAGER, $sql_data_array, 'update', "content_id = '" . $coID . "'"); } else { xtc_db_perform(TABLE_CONTENT_MANAGER, $sql_data_array); } // if get id xtc_redirect(xtc_href_link(FILENAME_CONTENT_MANAGER)); } // if error } // if require DIR_WS_INCLUDES . 'head.php'; ?> </head> <body> <!-- header //--> <?php require DIR_WS_INCLUDES . 'header.php'; ?>
// Referrer: parse the Referer header, or the current domain plus request URI when
// the header is absent, and remember the first value seen in this session.
// The original author marked this "#todo sec": the header is client-supplied and the
// parsed parts are stored without further validation, so anything that later prints
// or stores them has to escape them for its own context.
$ref_url = parse_url(isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : $current_domain . $_SERVER['REQUEST_URI']);
if (!isset($_SESSION['tracking']['http_referer'])) {
    $_SESSION['tracking']['http_referer'] = $ref_url;
}

// IP: the remote address of the first request in this session.
// NOTE(review): behind a reverse proxy REMOTE_ADDR would be the proxy's address — confirm the deployment.
if (!isset($_SESSION['tracking']['ip'])) {
    $_SESSION['tracking']['ip'] = $_SERVER['REMOTE_ADDR'];
}

// Campaigns: accept a refID from the query string only if a campaign with that
// refID exists, then keep it in the session and record the visitor's IP for it.
if (!isset($_SESSION['tracking']['refID']) && isset($_GET['refID'])) {
    $campaign_check_query_raw = "SELECT * FROM " . TABLE_CAMPAIGNS . " WHERE campaigns_refID = '" . xtc_db_input($_GET['refID']) . "'";
    $campaign_check_query = xtc_db_query($campaign_check_query_raw);
    if (xtc_db_num_rows($campaign_check_query) > 0) {
        // NOTE(review): the escaped form, not the raw value, is kept in the session and
        // handed to xtc_db_perform(); if xtc_db_perform() escapes values itself this
        // escapes twice — confirm and store the raw, validated refID instead.
        $_SESSION['tracking']['refID'] = xtc_db_input($_GET['refID']);
        xtc_db_perform(TABLE_CAMPAIGNS_IP, array('user_ip' => $_SESSION['tracking']['ip'], 'campaign' => xtc_db_input($_GET['refID']), 'time' => 'now()'));
    }
}

// Date and time of the first request in this session.
if (!isset($_SESSION['tracking']['date'])) {
    $_SESSION['tracking']['date'] = date("Y-m-d H:i:s");
}

// Browser: the raw User-Agent header (also marked "#todo sec" by the original author).
// It is client-controlled and stored unfiltered; treat it as untrusted wherever it is used.
// NOTE(review): the header is read without an isset() check — confirm requests without it are handled.
if (!isset($_SESSION['tracking']['browser'])) {
    $_SESSION['tracking']['browser'] = $_SERVER['HTTP_USER_AGENT'];
}

// Pageview history: start with an empty list, then take the current entry count.
if (!isset($_SESSION['tracking']['pageview_history'])) {
    $_SESSION['tracking']['pageview_history'] = array();
}
$i = count($_SESSION['tracking']['pageview_history']);
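/**
 * Update orderstatuses in the database
 *
 * Adds an "Accepted by Klarna" entry to the order status history, records the
 * Klarna reference in klarna_ordernum when that table exists, applies the
 * order status kept in the session (if any), sends the order id to Klarna and
 * finally removes the Klarna values from the session.
 *
 * @param int $customer The order status id to show the customer
 * @param int $admin    The order status id to show in the administration page
 *                      (not used by this method)
 *
 * @return void
 */
public function updateOrderDatabase($customer, $admin)
{
    global $insert_id;

    $link = xtc_db_connect();
    $orderid = mysqli_real_escape_string($link, $insert_id);
    $refno = mysqli_real_escape_string($link, $_SESSION['klarna_refno']);

    $sql_data_arr = array(
        'orders_id' => $orderid,
        'orders_status_id' => $customer,
        'comments' => "Accepted by Klarna. Reference #: {$refno}",
        'customer_notified' => 1,
        'date_added' => date("Y-m-d H:i:s"),
    );
    xtc_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_arr);

    // The klarna_ordernum table is optional; only write to it when it exists.
    $has_ordernum_table = xtc_db_fetch_array(xtc_db_query("SELECT COUNT(*) " . "FROM information_schema.tables " . "WHERE table_schema = '" . DB_DATABASE . "' " . "AND table_name = 'klarna_ordernum';"));
    $has_ordernum_table = $has_ordernum_table['COUNT(*)'];

    if ($has_ordernum_table > 0) {
        // mysqli_real_escape_string() only protects values placed inside quotes;
        // both values were interpolated unquoted before.
        xtc_db_query("INSERT INTO `klarna_ordernum` (orders_id, klarna_ref) " . "VALUES ('{$orderid}', '{$refno}')");
    }

    // Set pending status and hide it from customer.
    if (isset($_SESSION['klarna_orderstatus'])) {
        $status = $_SESSION['klarna_orderstatus'];
        // The status name comes from the session and goes into hand-built SQL,
        // so it is escaped for the query; the history comment keeps the raw text.
        $status_sql = mysqli_real_escape_string($link, $status);

        $orderStatusQuery = $this->_klarnaDB->query("SELECT orders_status_id FROM " . TABLE_ORDERS_STATUS . " WHERE orders_status_name = '{$status_sql}'");
        $orderStatusID = $orderStatusQuery->getArray();

        $sql_data_arr = array(
            'orders_id' => $orderid,
            'orders_status_id' => $orderStatusID['orders_status_id'],
            'comments' => "Klarna Orderstatus: {$status}",
            'customer_notified' => 0,
            'date_added' => date("Y-m-d H:i:s"),
        );
        xtc_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_arr);

        xtc_db_query("UPDATE " . TABLE_ORDERS . " SET orders_status='" . $orderStatusID['orders_status_id'] . "' WHERE orders_id='" . $orderid . "'");
    }

    // A failed update at Klarna is only reported through the debug output;
    // the local order records written above are kept.
    try {
        $this->_klarna->setEstoreInfo(KiTT_String::encode($orderid));
        $this->_klarna->update($_SESSION['klarna_refno']);
    } catch (Exception $e) {
        Klarna::printDebug(__METHOD__, "{$e->getMessage()} #({$e->getCode()})");
    }

    //Delete Session with user details
    unset($_SESSION['klarna_data']);
    unset($_SESSION['klarna_refno']);
    unset($_SESSION['klarna_orderstatus']);
}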
function _process_order() { try { /** * Process the internal cartID to match the cartID in the $_SESSION */ if (isset($_SESSION['cart']->cartID) && isset($_SESSION['cartID'])) { if ($_SESSION['cart']->cartID != $_SESSION['cartID']) { return false; } } $order = new order(); /** * PropertiesControl Object */ $coo_properties = MainFactory::create_object('PropertiesControl'); $tmp_status = $order->info['order_status']; if ($_SESSION['customers_status']['customers_status_ot_discount_flag'] == 1) { $discount = $_SESSION['customers_status']['customers_status_ot_discount']; } else { $discount = '0.00'; } if (gm_get_conf("GM_SHOW_IP") == '1' && gm_get_conf("GM_LOG_IP") == '1') { $customers_ip = $_SESSION['user_info']['user_ip']; } $comments = ''; if (trim((string) $this->_request->comment_client) != '') { $comments .= sprintf('Customer\'s Comment: %s', trim((string) $this->_request->comment_client) . "\n"); } $comments .= sprintf('Rakuten Order No: %s', (string) $this->_request->order_no . "\n") . sprintf('Rakuten Client ID: %s', (string) $this->_request->client->client_id . "\n"); $order->info['comments'] = $comments; $order->info['rakuten_order_no'] = (string) $this->_request->order_no; $billing_addr = $this->_request->client; $order->customer['email_address'] = (string) $billing_addr->email; $order->customer['firstname'] = $this->_escape_str_revert((string) $billing_addr->first_name); $order->customer['lastname'] = $this->_escape_str_revert((string) $billing_addr->last_name); $order->customer['telephone'] = (string) $billing_addr->phone; $billing_country_result = xtc_db_query("SELECT countries_id, countries_name from " . TABLE_COUNTRIES . " WHERE countries_iso_code_2 = '" . (string) $billing_addr->country . 
"' "); if (xtc_db_num_rows($billing_country_result)) { $billing_country = xtc_db_fetch_array($billing_country_result); } else { $billing_country['countries_id'] = -1; $billing_country['countries_name'] = (string) $billing_addr->country; } $order->billing['firstname'] = (string) $billing_addr->first_name; $order->billing['lastname'] = (string) $billing_addr->last_name; $order->billing['company'] = (string) $billing_addr->company; $order->billing['street_address'] = (string) $billing_addr->street . " " . (string) $billing_addr->street_no . ((string) $billing_addr->address_add ? '<br />' . (string) $billing_addr->address_add : ''); $order->billing['city'] = (string) $billing_addr->city; $order->billing['postcode'] = (string) $billing_addr->zip_code; $order->billing['country']['title'] = $billing_country['countries_name']; $order->billing['country']['iso_code_2'] = (string) $billing_addr->country; $order->billing['format_id'] = '5'; $shipping_addr = $this->_request->delivery_address; $shipping_country_result = xtc_db_query("SELECT countries_id, countries_name from " . TABLE_COUNTRIES . " WHERE countries_iso_code_2 = '" . (string) $shipping_addr->country . "' "); if (xtc_db_num_rows($shipping_country_result)) { $shipping_country = xtc_db_fetch_array($shipping_country_result); } else { $shipping_country['countries_id'] = -1; $shipping_country['countries_name'] = (string) $shipping_addr->country; } $order->delivery['firstname'] = (string) $shipping_addr->first_name; $order->delivery['lastname'] = (string) $shipping_addr->last_name; $order->delivery['company'] = (string) $shipping_addr->company; $order->delivery['street_address'] = (string) $shipping_addr->street . " " . (string) $shipping_addr->street_no . ((string) $shipping_addr->address_add ? '<br />' . 
(string) $shipping_addr->address_add : ''); $order->delivery['city'] = (string) $shipping_addr->city; $order->delivery['postcode'] = (string) $shipping_addr->zip_code; $order->delivery['country']['title'] = $shipping_country['countries_name']; $order->delivery['country']['iso_code_2'] = (string) $shipping_addr->country; $order->delivery['format_id'] = '5'; $order->info['payment_method'] = 'rakuten'; $order->info['payment_class'] = ''; $order->info['shipping_method'] = 'rakuten'; $order->info['shipping_class'] = ''; $sql_data_array = array('customers_id' => $_SESSION['customer_id'], 'customers_name' => $order->customer['firstname'] . ' ' . $order->customer['lastname'], 'customers_firstname' => $order->customer['firstname'], 'customers_lastname' => $order->customer['lastname'], 'customers_cid' => $order->customer['csID'], 'customers_vat_id' => $_SESSION['customer_vat_id'], 'customers_company' => $order->customer['company'], 'customers_status' => $_SESSION['customers_status']['customers_status_id'], 'customers_status_name' => $_SESSION['customers_status']['customers_status_name'], 'customers_status_image' => $_SESSION['customers_status']['customers_status_image'], 'customers_status_discount' => $discount, 'customers_street_address' => $order->customer['street_address'], 'customers_suburb' => $order->customer['suburb'], 'customers_city' => $order->customer['city'], 'customers_postcode' => $order->customer['postcode'], 'customers_state' => $order->customer['state'], 'customers_country' => $order->customer['country']['title'], 'customers_telephone' => $order->customer['telephone'], 'customers_email_address' => $order->customer['email_address'], 'customers_address_format_id' => $order->customer['format_id'], 'delivery_name' => $order->delivery['firstname'] . ' ' . 
$order->delivery['lastname'], 'delivery_firstname' => $order->delivery['firstname'], 'delivery_lastname' => $order->delivery['lastname'], 'delivery_company' => $order->delivery['company'], 'delivery_street_address' => $order->delivery['street_address'], 'delivery_suburb' => $order->delivery['suburb'], 'delivery_city' => $order->delivery['city'], 'delivery_postcode' => $order->delivery['postcode'], 'delivery_state' => $order->delivery['state'], 'delivery_country' => $order->delivery['country']['title'], 'delivery_country_iso_code_2' => $order->delivery['country']['iso_code_2'], 'delivery_address_format_id' => $order->delivery['format_id'], 'billing_name' => $order->billing['firstname'] . ' ' . $order->billing['lastname'], 'billing_firstname' => $order->billing['firstname'], 'billing_lastname' => $order->billing['lastname'], 'billing_company' => $order->billing['company'], 'billing_street_address' => $order->billing['street_address'], 'billing_suburb' => $order->billing['suburb'], 'billing_city' => $order->billing['city'], 'billing_postcode' => $order->billing['postcode'], 'billing_state' => $order->billing['state'], 'billing_country' => $order->billing['country']['title'], 'billing_country_iso_code_2' => $order->billing['country']['iso_code_2'], 'billing_address_format_id' => $order->billing['format_id'], 'payment_method' => $order->info['payment_method'], 'payment_class' => $order->info['payment_class'], 'shipping_method' => $order->info['shipping_method'], 'shipping_class' => $order->info['shipping_class'], 'cc_type' => $order->info['cc_type'], 'cc_owner' => $order->info['cc_owner'], 'cc_number' => $order->info['cc_number'], 'cc_expires' => $order->info['cc_expires'], 'cc_start' => $order->info['cc_start'], 'cc_cvv' => $order->info['cc_cvv'], 'cc_issue' => $order->info['cc_issue'], 'date_purchased' => 'now()', 'orders_status' => $tmp_status, 'currency' => $order->info['currency'], 'currency_value' => $order->info['currency_value'], 'customers_ip' => $customers_ip, 
'language' => $_SESSION['language'], 'comments' => $order->info['comments'], 'rakuten_order_no' => $order->info['rakuten_order_no']); xtc_db_perform(TABLE_ORDERS, $sql_data_array); $insert_id = xtc_db_insert_id(); $_SESSION['tmp_oID'] = $insert_id; $sql_data_array = array('orders_id' => $insert_id, 'title' => MODULE_PAYMENT_RAKUTEN_SUBTOTAL . ':', 'text' => ' ' . sprintf("%01.2f EUR", (double) $this->_request->total - (double) $this->_request->shipping - (double) $this->_request->total_tax_amount), 'value' => (double) $this->_request->total - (double) $this->_request->shipping - (double) $this->_request->total_tax_amount, 'class' => 'ot_subtotal', 'sort_order' => 10); xtc_db_perform(TABLE_ORDERS_TOTAL, $sql_data_array); $sql_data_array = array('orders_id' => $insert_id, 'title' => MODULE_PAYMENT_RAKUTEN_SHIPPING . ':', 'text' => ' ' . sprintf("%01.2f EUR", (double) $this->_request->shipping), 'value' => (double) $this->_request->shipping, 'class' => 'ot_shipping', 'sort_order' => 30); xtc_db_perform(TABLE_ORDERS_TOTAL, $sql_data_array); $sql_data_array = array('orders_id' => $insert_id, 'title' => MODULE_PAYMENT_RAKUTEN_TAX . ':', 'text' => ' ' . sprintf("%01.2f EUR", (double) $this->_request->total_tax_amount), 'value' => (double) $this->_request->total_tax_amount, 'class' => 'ot_tax', 'sort_order' => 97); xtc_db_perform(TABLE_ORDERS_TOTAL, $sql_data_array); $sql_data_array = array('orders_id' => $insert_id, 'title' => MODULE_PAYMENT_RAKUTEN_TOTAL . 
':', 'text' => sprintf("<b> %01.2f EUR</b>", (double) $this->_request->total), 'value' => (double) $this->_request->total, 'class' => 'ot_total', 'sort_order' => 99); xtc_db_perform(TABLE_ORDERS_TOTAL, $sql_data_array); $customer_notification = '0'; $sql_data_array = array('orders_id' => $insert_id, 'orders_status_id' => $order->info['order_status'], 'date_added' => 'now()', 'customer_notified' => $customer_notification, 'comments' => $order->info['comments']); xtc_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_array); require_once DIR_FS_CATALOG . 'gm/inc/set_shipping_status.php'; for ($i = 0, $n = sizeof($order->products); $i < $n; $i++) { /** * Stock update */ if (STOCK_LIMITED == 'true') { if (DOWNLOAD_ENABLED == 'true') { $stock_query_raw = "SELECT p.products_quantity, pad.products_attributes_filename\n FROM " . TABLE_PRODUCTS . " p\n LEFT JOIN " . TABLE_PRODUCTS_ATTRIBUTES . " pa\n ON p.products_id=pa.products_id\n LEFT JOIN " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad\n ON pa.products_attributes_id=pad.products_attributes_id\n WHERE p.products_id = '" . xtc_get_prid($order->products[$i]['id']) . "'"; $products_attributes = $order->products[$i]['attributes']; if (is_array($products_attributes)) { $stock_query_raw .= " AND pa.options_id = '" . $products_attributes[0]['option_id'] . "' AND pa.options_values_id = '" . $products_attributes[0]['value_id'] . "'"; } $stock_query = xtc_db_query($stock_query_raw); } else { $stock_query = xtc_db_query("select products_quantity from " . TABLE_PRODUCTS . " where products_id = '" . xtc_get_prid($order->products[$i]['id']) . 
"'"); } if (xtc_db_num_rows($stock_query) > 0) { $stock_values = xtc_db_fetch_array($stock_query); /** * Do not decrement quantities if products_attributes_filename exists */ if (DOWNLOAD_ENABLED != 'true' || !$stock_values['products_attributes_filename']) { $stock_left = $stock_values['products_quantity'] - $order->products[$i]['qty']; } else { $stock_left = $stock_values['products_quantity']; } xtc_db_query("update " . TABLE_PRODUCTS . " set products_quantity = '" . $stock_left . "' where products_id = '" . xtc_get_prid($order->products[$i]['id']) . "'"); if ($stock_left < 1 && STOCK_ALLOW_CHECKOUT == 'false' && GM_SET_OUT_OF_STOCK_PRODUCTS == 'true') { xtc_db_query("update " . TABLE_PRODUCTS . " set products_status = '0' where products_id = '" . xtc_get_prid($order->products[$i]['id']) . "'"); } set_shipping_status($order->products[$i]['id']); if ($stock_left <= STOCK_REORDER_LEVEL) { $gm_get_products_name = xtc_db_query("SELECT products_name\n FROM products_description\n WHERE\n products_id = '" . xtc_get_prid($order->products[$i]['id']) . "'\n AND language_id = '" . $_SESSION['languages_id'] . "'"); $gm_stock_data = mysql_fetch_array($gm_get_products_name); $gm_subject = GM_OUT_OF_STOCK_NOTIFY_TEXT . ' ' . $gm_stock_data['products_name']; $gm_body = GM_OUT_OF_STOCK_NOTIFY_TEXT . ': ' . (double) $stock_left . "\n\n" . HTTP_SERVER . DIR_WS_CATALOG . 'product_info.php?info=p' . xtc_get_prid($order->products[$i]['id']); /** * Send the email */ xtc_php_mail(STORE_OWNER_EMAIL_ADDRESS, STORE_NAME, STORE_OWNER_EMAIL_ADDRESS, STORE_NAME, '', STORE_OWNER_EMAIL_ADDRESS, STORE_NAME, '', '', $gm_subject, nl2br(htmlentities($gm_body)), $gm_body); } } } /** * Update products_ordered (for bestsellers list) */ xtc_db_query("update " . TABLE_PRODUCTS . " set products_ordered = products_ordered + " . (double) $order->products[$i]['qty'] . " where products_id = '" . xtc_get_prid($order->products[$i]['id']) . 
"'"); $sql_data_array = array('orders_id' => $insert_id, 'products_id' => xtc_get_prid($order->products[$i]['id']), 'products_model' => $order->products[$i]['model'], 'products_name' => $order->products[$i]['name'], 'products_shipping_time' => $order->products[$i]['shipping_time'], 'products_price' => $order->products[$i]['price'], 'final_price' => $order->products[$i]['final_price'], 'products_tax' => xtc_get_tax_rate($order->products[$i]['tax_class_id'], $shipping_country['countries_id']), 'products_discount_made' => $order->products[$i]['discount_allowed'], 'products_quantity' => $order->products[$i]['qty'], 'allow_tax' => $_SESSION['customers_status']['customers_status_show_price_tax']); xtc_db_perform(TABLE_ORDERS_PRODUCTS, $sql_data_array); $order_products_id = xtc_db_insert_id(); if (!empty($order->products[$i]['quantity_unit_id'])) { xtc_db_query("INSERT INTO orders_products_quantity_units\n SET orders_products_id = '" . (int) $order_products_id . "',\n quantity_unit_id = '" . (int) $order->products[$i]['quantity_unit_id'] . "',\n unit_name = '" . xtc_db_input($order->products[$i]['unit_name']) . "'"); } /** * Save selected properties_combi in product */ $t_combis_id = $coo_properties->extract_combis_id($order->products[$i]['id']); $GLOBALS['coo_debugger']->log('checkout_process: $order->products[$i][id] ' . $order->products[$i]['id'], 'Properties'); $GLOBALS['coo_debugger']->log('checkout_process: extract_combis_id ' . $t_combis_id, 'Properties'); if (empty($t_combis_id) == false) { $coo_properties->add_properties_combi_to_orders_product($t_combis_id, $order_products_id); /** * Update properties_combi quantity */ $t_quantity_change = $order->products[$i]['qty'] * -1; $val = $coo_properties->change_combis_quantity($t_combis_id, $t_quantity_change); } $specials_result = xtc_db_query("SELECT products_id, specials_quantity from " . TABLE_SPECIALS . " WHERE products_id = '" . xtc_get_prid($order->products[$i]['id']) . 
"' "); if (xtc_db_num_rows($specials_result)) { $spq = xtc_db_fetch_array($specials_result); $new_sp_quantity = $spq['specials_quantity'] - $order->products[$i]['qty']; if ($new_sp_quantity >= 1) { xtc_db_query("update " . TABLE_SPECIALS . " set specials_quantity = '" . $new_sp_quantity . "' where products_id = '" . xtc_get_prid($order->products[$i]['id']) . "' "); } elseif (STOCK_CHECK == 'true') { xtc_db_query("update " . TABLE_SPECIALS . " set status = '0', specials_quantity = '" . $new_sp_quantity . "' where products_id = '" . xtc_get_prid($order->products[$i]['id']) . "' "); } } if (isset($order->products[$i]['attributes'])) { $attributes_exist = '1'; for ($j = 0, $n2 = sizeof($order->products[$i]['attributes']); $j < $n2; $j++) { if (DOWNLOAD_ENABLED == 'true') { $attributes_query = "select popt.products_options_name,\n poval.products_options_values_name,\n pa.options_values_price,\n pa.price_prefix,\n pad.products_attributes_maxdays,\n pad.products_attributes_maxcount,\n pad.products_attributes_filename\n from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa\n left join " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad\n on pa.products_attributes_id=pad.products_attributes_id\n where pa.products_id = '" . $order->products[$i]['id'] . "'\n and pa.options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "'\n and pa.options_id = popt.products_options_id\n and pa.options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "'\n and pa.options_values_id = poval.products_options_values_id\n and popt.language_id = '" . $_SESSION['languages_id'] . "'\n and poval.language_id = '" . $_SESSION['languages_id'] . "'"; $attributes = xtc_db_query($attributes_query); } else { $attributes = xtc_db_query("select popt.products_options_name,\n poval.products_options_values_name,\n pa.options_values_price,\n pa.price_prefix\n from " . TABLE_PRODUCTS_OPTIONS . " popt, " . 
TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa\n where pa.products_id = '" . $order->products[$i]['id'] . "'\n and pa.options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "'\n and pa.options_id = popt.products_options_id\n and pa.options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "'\n and pa.options_values_id = poval.products_options_values_id\n and popt.language_id = '" . $_SESSION['languages_id'] . "'\n and poval.language_id = '" . $_SESSION['languages_id'] . "'"); } /** * update attribute stock */ xtc_db_query("UPDATE " . TABLE_PRODUCTS_ATTRIBUTES . " set\n attributes_stock=attributes_stock - '" . $order->products[$i]['qty'] . "'\n where\n products_id='" . $order->products[$i]['id'] . "'\n and options_values_id='" . $order->products[$i]['attributes'][$j]['value_id'] . "'\n and options_id='" . $order->products[$i]['attributes'][$j]['option_id'] . "'\n "); $attributes_values = xtc_db_fetch_array($attributes); $sql_data_array = array('orders_id' => $insert_id, 'orders_products_id' => $order_products_id, 'products_options' => $attributes_values['products_options_name'], 'products_options_values' => $attributes_values['products_options_values_name'], 'options_values_price' => $attributes_values['options_values_price'], 'price_prefix' => $attributes_values['price_prefix']); xtc_db_perform(TABLE_ORDERS_PRODUCTS_ATTRIBUTES, $sql_data_array); if (DOWNLOAD_ENABLED == 'true' && isset($attributes_values['products_attributes_filename']) && xtc_not_null($attributes_values['products_attributes_filename'])) { $sql_data_array = array('orders_id' => $insert_id, 'orders_products_id' => $order_products_id, 'orders_products_filename' => $attributes_values['products_attributes_filename'], 'download_maxdays' => $attributes_values['products_attributes_maxdays'], 'download_count' => $attributes_values['products_attributes_maxcount']); xtc_db_perform(TABLE_ORDERS_PRODUCTS_DOWNLOAD, $sql_data_array); } /** * BOF 
GM_MOD attributes stock_notifier */ $gm_get_attributes_stock = xtc_db_query("SELECT\n pd.products_name,\n pa.attributes_stock,\n po.products_options_name,\n pov.products_options_values_name\n FROM\n products_description pd,\n products_attributes pa,\n products_options po,\n products_options_values pov\n WHERE pa.products_id = '" . $order->products[$i]['id'] . "'\n AND pa.options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "'\n AND pa.options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "'\n AND po.products_options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "'\n AND po.language_id = '" . $_SESSION['languages_id'] . "'\n AND pov.products_options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "'\n AND pov.language_id = '" . $_SESSION['languages_id'] . "'\n AND pd.products_id = '" . $order->products[$i]['id'] . "'\n AND pd.language_id = '" . $_SESSION['languages_id'] . "'"); if (xtc_db_num_rows($gm_get_attributes_stock) == 1) { $gm_attributes_stock_data = xtc_db_fetch_array($gm_get_attributes_stock); if ($gm_attributes_stock_data['attributes_stock'] <= STOCK_REORDER_LEVEL) { $gm_subject = GM_OUT_OF_STOCK_NOTIFY_TEXT . ' ' . $gm_attributes_stock_data['products_name'] . ' - ' . $gm_attributes_stock_data['products_options_name'] . ': ' . $gm_attributes_stock_data['products_options_values_name']; $gm_body = GM_OUT_OF_STOCK_NOTIFY_TEXT . ': ' . (double) $gm_attributes_stock_data['attributes_stock'] . ' (' . $gm_attributes_stock_data['products_name'] . ' - ' . $gm_attributes_stock_data['products_options_name'] . ': ' . $gm_attributes_stock_data['products_options_values_name'] . ")\n\n" . HTTP_SERVER . DIR_WS_CATALOG . 'product_info.php?info=p' . 
xtc_get_prid($order->products[$i]['id']); xtc_php_mail(STORE_OWNER_EMAIL_ADDRESS, STORE_NAME, STORE_OWNER_EMAIL_ADDRESS, STORE_NAME, '', STORE_OWNER_EMAIL_ADDRESS, STORE_NAME, '', '', $gm_subject, nl2br(htmlentities($gm_body)), $gm_body); } } } } $total_weight += $order->products[$i]['qty'] * $order->products[$i]['weight']; $total_cost += $total_products_price; } if (isset($_SESSION['tracking']['refID'])) { xtc_db_query("update " . TABLE_ORDERS . " set\n refferers_id = '" . $_SESSION['tracking']['refID'] . "'\n where orders_id = '" . $insert_id . "'"); /** * Check if late or direct sale */ $customers_logon_query = "SELECT customers_info_number_of_logons\n FROM " . TABLE_CUSTOMERS_INFO . "\n WHERE customers_info_id = '" . $_SESSION['customer_id'] . "'"; $customers_logon_query = xtc_db_query($customers_logon_query); $customers_logon = xtc_db_fetch_array($customers_logon_query); if ($customers_logon['customers_info_number_of_logons'] == 0) { /** * direct sale */ xtc_db_query("update " . TABLE_ORDERS . " set\n conversion_type = '1'\n where orders_id = '" . $insert_id . "'"); } else { /** * late sale */ xtc_db_query("update " . TABLE_ORDERS . " set\n conversion_type = '2'\n where orders_id = '" . $insert_id . "'"); } } else { $customers_query = xtc_db_query("SELECT refferers_id as ref FROM " . TABLE_CUSTOMERS . " WHERE customers_id='" . $_SESSION['customer_id'] . "'"); $customers_data = xtc_db_fetch_array($customers_query); if (xtc_db_num_rows($customers_query)) { xtc_db_query("update " . TABLE_ORDERS . " set\n refferers_id = '" . $customers_data['ref'] . "'\n where orders_id = '" . $insert_id . "'"); /** * check if late or direct sale */ $customers_logon_query = "SELECT customers_info_number_of_logons\n FROM " . TABLE_CUSTOMERS_INFO . "\n WHERE customers_info_id = '" . $_SESSION['customer_id'] . 
"'"; $customers_logon_query = xtc_db_query($customers_logon_query); $customers_logon = xtc_db_fetch_array($customers_logon_query); if ($customers_logon['customers_info_number_of_logons'] == 0) { /** * Direct sale */ xtc_db_query("update " . TABLE_ORDERS . " set\n conversion_type = '1'\n where orders_id = '" . $insert_id . "'"); } else { /** * Late sale */ xtc_db_query("update " . TABLE_ORDERS . " set\n conversion_type = '2'\n where orders_id = '" . $insert_id . "'"); } } } $_SESSION['cart']->reset(true); /** * Unregister session variables used during checkout */ unset($_SESSION['sendto']); unset($_SESSION['billto']); unset($_SESSION['shipping']); unset($_SESSION['payment']); unset($_SESSION['comments']); unset($_SESSION['last_order']); unset($_SESSION['tmp_oID']); unset($_SESSION['cc']); unset($_SESSION['nvpReqArray']); unset($_SESSION['reshash']); $last_order = $insert_id; if (isset($_SESSION['credit_covers'])) { unset($_SESSION['credit_covers']); } } catch (Exception $e) { throw $e; } return true; }
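/**
 * Applies a set of permission columns to a category, to every product linked
 * to it, and recursively to all of its sub-categories.
 *
 * The category id is interpolated into SQL, so it is cast to an integer first.
 * Ids read back from the database are cast the same way before reuse.
 *
 * NOTE(review): there is no guard against a category whose parent chain loops
 * back on itself; such data would recurse without end — confirm the schema
 * prevents it.
 *
 * @param mixed $categories_id    Id of the category to start at.
 * @param mixed $permission_array Column => value map passed unchanged to xtc_db_perform().
 * @return void
 */
function xtc_set_groups($categories_id, $permission_array)
{
    // Force an integer once so no caller-supplied text reaches the queries below.
    $categories_id = (int) $categories_id;

    // Products assigned to this category.
    $products_query = xtc_db_query("SELECT products_id FROM " . TABLE_PRODUCTS_TO_CATEGORIES . " where categories_id='" . $categories_id . "'");
    while ($products = xtc_db_fetch_array($products_query)) {
        xtc_db_perform(TABLE_PRODUCTS, $permission_array, 'update', 'products_id = \'' . (int) $products['products_id'] . '\'');
    }

    // The category itself.
    xtc_db_perform(TABLE_CATEGORIES, $permission_array, 'update', 'categories_id = \'' . $categories_id . '\'');

    // Direct children, each handled recursively.
    $categories_query = xtc_db_query("SELECT categories_id FROM " . TABLE_CATEGORIES . " where parent_id='" . $categories_id . "'");
    while ($categories = xtc_db_fetch_array($categories_query)) {
        xtc_set_groups($categories['categories_id'], $permission_array);
    }
}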
/**
 * Acts on the PAYONE API response held in $this->response for the order whose
 * id is in the global $insert_id.
 *
 * - Approved (pre)authorization: stores the clearing bank data, saves the
 *   transaction and updates the order status.
 * - Authorization redirect: logs it and, when the status is 'REDIRECT', saves
 *   the transaction, updates the order status and redirects to the URL the
 *   response supplies.
 * - Error: logs it, updates the order status, stores the customer message in
 *   the session, removes the order and redirects back into the checkout.
 * - Anything else ends the request with die().
 *
 * @param bool $redirect Not read anywhere in this method.
 * @return void
 */
function _parse_response_payone_api($redirect = true)
{
    global $insert_id;

    $is_preauth = $this->response instanceof Payone_Api_Response_Preauthorization_Approved;
    $is_auth = $this->response instanceof Payone_Api_Response_Authorization_Approved;

    if ($is_preauth || $is_auth) {
        $clearing_row = array(
            'bankaccountholder' => $this->response->getClearingBankaccountholder(),
            'bankcountry' => $this->response->getClearingBankcountry(),
            'bankaccount' => $this->response->getClearingBankaccount(),
            'bankcode' => $this->response->getClearingBankcode(),
            'bankiban' => $this->response->getClearingBankiban(),
            'bankbic' => $this->response->getClearingBankbic(),
            'bankcity' => $this->response->getClearingBankcity(),
            'bankname' => $this->response->getClearingBankname(),
            'orders_id' => (int) $insert_id,
        );
        xtc_db_perform('payone_clearingdata', $clearing_row);

        // The preauthorization type is tested first; only the log text and the
        // status comment differ between the two approved cases.
        $this->payone->log($is_preauth ? "preauthorization approved" : "authorization approved");
        $this->payone->saveTransaction($insert_id, $this->response->getStatus(), $this->response->getTxid(), $this->response->getUserid());
        $this->_updateOrdersStatus(
            $insert_id,
            $this->response->getTxid(),
            strtolower((string) $this->response->getStatus()),
            $is_preauth ? COMMENT_PREAUTH_APPROVED : COMMENT_AUTH_APPROVED
        );
        return;
    }

    if ($this->response instanceof Payone_Api_Response_Authorization_Redirect) {
        $this->payone->log("authorization for order " . $insert_id . " initiated, txid = " . $this->response->getTxid());
        if ($this->response->getStatus() != 'REDIRECT') {
            return;
        }
        $this->payone->saveTransaction($insert_id, $this->response->getStatus(), $this->response->getTxid(), $this->response->getUserid());
        $this->payone->log("redirecting to payment service");
        $this->_updateOrdersStatus($insert_id, $this->response->getTxid(), strtolower((string) $this->response->getStatus()), COMMENT_REDIRECTION_INITIATED);

        // The target is taken as-is from the API response.
        // NOTE(review): assumes the response object was built from an
        // authenticated PAYONE reply — confirm where $this->response is set.
        $target = $this->response->getRedirecturl();
        if ($target != '') {
            xtc_redirect($target);
        }
        return;
    }

    if (!($this->response instanceof Payone_Api_Response_Error)) {
        die('unhandled response type');
    }

    $this->payone->log("authorization for order " . $insert_id . " failed, status " . $this->response->getStatus() . ", code " . $this->response->getErrorcode() . ", message " . $this->response->getErrormessage());
    $this->_updateOrdersStatus($insert_id, '', strtolower((string) $this->response->getStatus()), COMMENT_ERROR);
    // NOTE(review): this message originates outside the shop; whatever template
    // prints $_SESSION['payone_error'] should escape it for HTML.
    $_SESSION['payone_error'] = $this->response->getCustomermessage();
    $this->_remove_order($insert_id);

    // Klarna installments return to the confirmation page, everything else to payment selection.
    $back_link = $_SESSION[$this->code]['installment_type'] == 'klarna'
        ? xtc_href_link(FILENAME_CHECKOUT_CONFIRMATION, 'conditions=true&payment_error=' . $this->code)
        : xtc_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code);
    xtc_redirect($back_link);
}
// Sum every sale of this affiliate that carries billing status 99.
// NOTE(review): $affiliate_payment['affiliate_id'] is concatenated into four
// statements in this fragment without a cast or escaping; its origin is outside
// the visible code — confirm it is an integer read from the database.
$sql = "\n SELECT sum(affiliate_payment) as affiliate_payment\n FROM " . TABLE_AFFILIATE_SALES . " \n WHERE affiliate_id='" . $affiliate_payment['affiliate_id'] . "' and affiliate_billing_status=99 \n ";
$affiliate_billing_query = xtc_db_query($sql);
$affiliate_billing = xtc_db_fetch_array($affiliate_billing_query);
// Load the affiliate record together with its country data.
$sql = "\n SELECT a.*, c.countries_id, c.countries_name, c.countries_iso_code_2, c.countries_iso_code_3, c.address_format_id \n from " . TABLE_AFFILIATE . " a \n left join " . TABLE_ZONES . " z on (a.affiliate_zone_id = z.zone_id) \n left join " . TABLE_COUNTRIES . " c on (a.affiliate_country_id = c.countries_id)\n WHERE affiliate_id = '" . $affiliate_payment['affiliate_id'] . "' \n ";
$affiliate_query = xtc_db_query($sql);
$affiliate = xtc_db_fetch_array($affiliate_query);
// Tax rate for the affiliate's country and zone; tax is rounded to two decimals.
$affiliate_tax_rate = xtc_get_affiliate_tax_rate(AFFILIATE_TAX_ID, $affiliate['affiliate_country_id'], $affiliate['affiliate_zone_id']);
$affiliate_tax = xtc_round($affiliate_billing['affiliate_payment'] * $affiliate_tax_rate / 100, 2);
// The summed amount is stored as the total; the tax is subtracted from it below.
$affiliate_payment_total = $affiliate_billing['affiliate_payment'];
// Create the payment row, copying the affiliate's address data into it.
$affiliate['affiliate_state'] = xtc_get_zone_code($affiliate['affiliate_country_id'], $affiliate['affiliate_zone_id'], $affiliate['affiliate_state']);
$sql_data_array = array('affiliate_id' => $affiliate_payment['affiliate_id'], 'affiliate_payment' => $affiliate_billing['affiliate_payment'] - $affiliate_tax, 'affiliate_payment_tax' => $affiliate_tax, 'affiliate_payment_total' => $affiliate_payment_total, 'affiliate_payment_date' => 'now()', 'affiliate_payment_status' => '0', 'affiliate_firstname' => $affiliate['affiliate_firstname'], 'affiliate_lastname' => $affiliate['affiliate_lastname'], 'affiliate_street_address' => $affiliate['affiliate_street_address'], 'affiliate_suburb' => $affiliate['affiliate_suburb'], 'affiliate_city' => $affiliate['affiliate_city'],
'affiliate_country' => $affiliate['countries_name'], 'affiliate_postcode' => $affiliate['affiliate_postcode'], 'affiliate_company' => $affiliate['affiliate_company'], 'affiliate_state' => $affiliate['affiliate_state'], 'affiliate_address_format_id' => $affiliate['address_format_id']);
xtc_db_perform(TABLE_AFFILIATE_PAYMENT, $sql_data_array);
$insert_id = xtc_db_insert_id();
// Move the billed sales from status 99 to status 1 and link them to the new payment.
xtc_db_query("update " . TABLE_AFFILIATE_SALES . " set affiliate_payment_id = '" . $insert_id . "', affiliate_billing_status = 1, affiliate_payment_date = now() where affiliate_id = '" . $affiliate_payment['affiliate_id'] . "' and affiliate_billing_status = 99");
// Optionally mail the affiliate a notice with a link to the payment info page.
if (AFFILIATE_NOTIFY_AFTER_BILLING == 'true') {
    // The column affiliate_payment_date is selected twice in this query.
    $check_status_query = xtc_db_query("select af.affiliate_email_address, ap.affiliate_lastname, ap.affiliate_firstname, ap.affiliate_payment_status, ap.affiliate_payment_date, ap.affiliate_payment_date from " . TABLE_AFFILIATE_PAYMENT . " ap, " . TABLE_AFFILIATE . " af where affiliate_payment_id = '" . $insert_id . "' and af.affiliate_id = ap.affiliate_id ");
    $check_status = xtc_db_fetch_array($check_status_query);
    $email = STORE_NAME . "\n" . EMAIL_SEPARATOR . "\n" . EMAIL_TEXT_AFFILIATE_PAYMENT_NUMBER . ' ' . $insert_id . "\n" . EMAIL_TEXT_INVOICE_URL . ' ' . xtc_catalog_href_link(FILENAME_CATALOG_AFFILIATE_PAYMENT_INFO, 'payment_id=' . $insert_id, 'SSL') . "\n" . EMAIL_TEXT_PAYMENT_BILLED . ' ' . xtc_date_long($check_status['affiliate_payment_date']) . "\n\n" . EMAIL_TEXT_NEW_PAYMENT;
    xtc_php_mail(AFFILIATE_EMAIL_ADDRESS, EMAIL_SUPPORT_NAME, $check_status['affiliate_email_address'], $check_status['affiliate_firstname'] . ' ' . $check_status['affiliate_lastname'], '', EMAIL_SUPPORT_REPLY_ADDRESS, EMAIL_SUPPORT_REPLY_ADDRESS_NAME, '', '', EMAIL_TEXT_SUBJECT, nl2br($email), $email);
}
// Closes a block that was opened before this fragment.
}
// Report success and return to the payment list in edit mode.
$messageStack->add_session(SUCCESS_BILLING, 'success');
xtc_redirect(xtc_href_link(FILENAME_AFFILIATE_PAYMENT, xtc_get_all_get_params(array('action')) .
'action=edit'));
break;
case 'update_payment':
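include DIR_WS_MODULES . 'new_attributes_include.php';
}
if (!isset($_GET['option_order_by'])) {
    $_POST['action'] = isset($_POST['action']) ? $_POST['action'] : '';
    // EOF - Tomcraft - 2009-11-11 - NEW SORT SELECTION
    switch ($_POST['action']) {
        case 'edit':
            // Both product ids arrive in the request body and are used in SQL,
            // so they are reduced to integers before any query sees them.
            // The source id used to be appended to the WHERE clause unquoted
            // and uncast, which let request text become part of the statement.
            $copy_product_id = isset($_POST['copy_product_id']) ? (int) $_POST['copy_product_id'] : 0;
            $current_product_id = isset($_POST['current_product_id']) ? (int) $_POST['current_product_id'] : 0;

            if ($copy_product_id != 0) {
                // Copy every attribute row of the source product to the current product.
                $attrib_query = xtc_db_query("SELECT *\n FROM " . TABLE_PRODUCTS_ATTRIBUTES . "\n WHERE products_id = " . $copy_product_id);
                while ($attrib_res_array = xtc_db_fetch_array($attrib_query)) {
                    // Drop the primary key so the insert creates a new row, then retarget it.
                    unset($attrib_res_array['products_attributes_id']);
                    $attrib_res_array['products_id'] = $current_product_id;
                    xtc_db_perform(TABLE_PRODUCTS_ATTRIBUTES, $attrib_res_array);
                }
            }
            $pageTitle = TITLE_EDIT . ': ' . xtc_findTitle($current_product_id, $languageFilter);
            // NOTE(review): the included module presumably reads $_POST itself;
            // it needs the same integer handling — verify in that file.
            include DIR_WS_MODULES . 'new_attributes_include.php';
            break;
        case 'change':
            $pageTitle = TITLE_UPDATED;
            include DIR_WS_MODULES . 'new_attributes_change.php';
            include DIR_WS_MODULES . 'new_attributes_select.php';
            break;
        default:
            $pageTitle = TITLE_EDIT;
            include DIR_WS_MODULES . 'new_attributes_select.php';
            break;
    }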
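/**
 * Records a created easyBill document and, if configured, moves the order to
 * the configured status.
 *
 * Does nothing unless the document carries a non-empty document number. When
 * MODULE_EASYBILL_DO_STATUS_CHANGE is 'True', a status history row is written
 * and the order row is updated.
 *
 * The order id and the status id are placed unquoted into the UPDATE statement,
 * so both are cast to integers there.
 *
 * @return void
 */
protected function after_process()
{
    if (!isset($this->document->document->documentNumber) || !xtc_not_null($this->document->document->documentNumber)) {
        return;
    }

    $process_array = array(
        'orders_id' => xtc_db_prepare_input($this->info['order_id']),
        'customers_id' => xtc_db_prepare_input($this->customer['id']),
        'easybill_customers_id' => xtc_db_prepare_input($this->customers->customerID),
        'billing_id' => xtc_db_prepare_input($this->document->document->documentNumber),
        'billing_date' => 'now()',
    );
    xtc_db_perform(TABLE_EASYBILL, $process_array);

    if (MODULE_EASYBILL_DO_STATUS_CHANGE != 'True') {
        return;
    }

    $status_array = array(
        'orders_id' => $this->info['order_id'],
        'orders_status_id' => MODULE_EASYBILL_STATUS_CHANGE,
        'date_added' => 'now()',
        'customer_notified' => '0',
        'comments' => EASYBILL_STATUS_CHANGE_COMMENT,
    );
    xtc_db_perform(TABLE_ORDERS_STATUS_HISTORY, $status_array);

    // Hand-built statement: integers only, nothing else may reach the SQL text.
    xtc_db_query("UPDATE " . TABLE_ORDERS . "\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tSET orders_status = " . (int) MODULE_EASYBILL_STATUS_CHANGE . ",\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tlast_modified = now()\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tWHERE orders_id = " . (int) $this->info['order_id']);
}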
/**
 * Executes the PayPal payment referenced in the session for the order in the
 * global $insert_id and records the outcome.
 *
 * Steps: fetch the payment, execute it with the payer id, capture it when the
 * transaction type is 'order' or 'authorize' and PAYPAL_CAPTURE_MANUELL is '0',
 * store the payment/payer ids for the order, fetch the payment again and update
 * the order with the resulting comment and status.
 *
 * Each failure path clears $_SESSION['paypal'] and redirects to the payment
 * page; failures after the first fetch also remove the order.
 *
 * NOTE(review): the code after each catch block relies on xtc_redirect() ending
 * the request — confirm, otherwise execution continues with unset values.
 *
 * @return void
 */
function complete_payment_paypal_installment()
{
    global $insert_id;

    // Both identifiers must be present in the session.
    if (!isset($_SESSION['paypal']['paymentId'], $_SESSION['paypal']['PayerID'])) {
        unset($_SESSION['paypal']);
        xtc_redirect(xtc_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code, 'SSL'));
        return;
    }

    $context = $this->apiContext();

    try {
        $payment = Payment::get($_SESSION['paypal']['paymentId'], $context);
    } catch (Exception $error) {
        // NOTE(review): print_r() of the exception is written to the log in
        // full; check that it cannot carry API credentials or payer data.
        $this->LoggingManager->log(print_r($error, true), 'DEBUG');
        unset($_SESSION['paypal']);
        xtc_redirect(xtc_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code, 'SSL'));
    }

    $payment_execution = new PaymentExecution();
    $payment_execution->setPayerId($_SESSION['paypal']['PayerID']);

    try {
        $payment->execute($payment_execution, $context);
    } catch (Exception $error) {
        $this->LoggingManager->log(print_r($error, true), 'DEBUG');
        $this->remove_order($insert_id);
        unset($_SESSION['paypal']);
        xtc_redirect(xtc_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code, 'SSL'));
    }

    // Automatic capture applies to the two deferred transaction types only.
    if (in_array($this->transaction_type, array('order', 'authorize')) && $this->get_config('PAYPAL_CAPTURE_MANUELL') == '0') {
        $this->capture_payment($payment);
    }

    xtc_db_perform(TABLE_PAYPAL_PAYMENT, array(
        'orders_id' => $insert_id,
        'payment_id' => $_SESSION['paypal']['paymentId'],
        'payer_id' => $_SESSION['paypal']['PayerID'],
    ));

    // Fetch the payment a second time, now that it has been executed.
    try {
        $payment = Payment::get($_SESSION['paypal']['paymentId'], $context);
    } catch (Exception $error) {
        $this->LoggingManager->log(print_r($error, true), 'DEBUG');
        $this->remove_order($insert_id);
        unset($_SESSION['paypal']);
        xtc_redirect(xtc_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code, 'SSL'));
    }

    $status = $this->get_orders_status($payment);
    $status['status_id'] = $this->get_config('PAYPAL_ORDER_STATUS_ACCEPTED_ID');

    // A negative configured id means: keep the status the order already has.
    if ($status['status_id'] < 0) {
        $current_query = xtc_db_query("SELECT orders_status\n FROM " . TABLE_ORDERS . " \n WHERE orders_id = '" . (int) $insert_id . "'");
        $current = xtc_db_fetch_array($current_query);
        $status['status_id'] = $current['orders_status'];
    }

    $this->update_order($status['comment'], $status['status_id'], $insert_id);
}
/**
 * Tells whether the automatic cancellation is due and, if so, stamps the
 * current time as its last run.
 *
 * It is due when no MODULE_PAYMENT_BARZAHLEN_LAST_AUTO_CANCEL row exists yet
 * (the row is then created) or when the stored time is more than 3600 seconds
 * old (the row is then updated).
 *
 * @return bool true when due, false otherwise
 */
function checkLastAutoCancel()
{
    $result = xtc_db_query("SELECT configuration_value\n FROM " . TABLE_CONFIGURATION . "\n WHERE configuration_key = 'MODULE_PAYMENT_BARZAHLEN_LAST_AUTO_CANCEL'");
    $row = xtc_db_fetch_array($result);

    // First run: no timestamp stored yet.
    if (!$row) {
        xtc_db_perform(TABLE_CONFIGURATION, array(
            'configuration_key' => 'MODULE_PAYMENT_BARZAHLEN_LAST_AUTO_CANCEL',
            'configuration_value' => 'now()',
            'configuration_group_id' => 6,
            'date_added' => 'now()',
        ));
        return true;
    }

    $seconds_since_last_run = time() - strtotime($row['configuration_value']);
    if ($seconds_since_last_run <= 3600) {
        return false;
    }

    xtc_db_query("UPDATE " . TABLE_CONFIGURATION . "\n SET configuration_value = NOW()\n WHERE configuration_key = 'MODULE_PAYMENT_BARZAHLEN_LAST_AUTO_CANCEL'");
    return true;
}
/**
 * Appends an order status history row for $this->order_ID whose comment holds
 * the callback status and its message in the customer's language.
 *
 * NOTE(review): the language directory comes from $this->customer_lang and is
 * placed in an include path; confirm it is restricted to installed languages
 * before it reaches this method.
 * NOTE(review): with require_once, $_masterpaymentCallbackMessages looks to be
 * defined only on the first call per request — verify this method is not
 * called twice.
 *
 * @param mixed $_statusID Status id written to the history row.
 * @return void
 */
function writeStatusHistory($_statusID)
{
    require_once DIR_FS_CATALOG . 'lang/' . $this->customer_lang . '/masterpayment_callback.php';

    // First line: raw status; after the carriage return: the message for it.
    $comment = "status: " . $this->status . "\r" . $_masterpaymentCallbackMessages[$this->status];

    xtc_db_perform(TABLE_ORDERS_STATUS_HISTORY, array(
        'orders_id' => $this->order_ID,
        'orders_status_id' => $_statusID,
        'date_added' => 'now()',
        'customer_notified' => '0',
        'comments' => $comment,
    ));
}
/**
 * Prepares a sofortueberweisung payment for the order in the global $insert_id
 * and redirects the customer to the payment URL.
 *
 * Stores the cart/order pairing and the formatted amount in the session, builds
 * the two reason lines (each cut to 27 bytes) and the return URLs, writes a
 * status history row with the temporary status, then redirects.
 *
 * NOTE(review): the success and cancel URLs carry the session name and id as a
 * query string, so the session id leaves the shop; it can then appear in logs
 * and referrers along the way — confirm this is still required.
 *
 * @return void
 */
function payment_action()
{
    global $order, $xtPrice, $insert_id;

    $customer_id = $_SESSION['customer_id'];
    $order_id = $insert_id;
    $_SESSION['cart_pn_sofortueberweisung_ID'] = $_SESSION['cart']->cartID . '-' . $insert_id;

    // Add the tax when prices are shown without it but tax is charged on the total.
    $total = $order->info['total'];
    if ($_SESSION['customers_status']['customers_status_show_price_tax'] == 0 && $_SESSION['customers_status']['customers_status_add_tax_ot'] == 1) {
        $total = $order->info['total'] + $order->info['tax'];
    }

    // Round to the currency's decimals, then format with exactly two decimals.
    $amount = number_format(round($total, $xtPrice->get_decimal_places($_SESSION['currency'])), 2, '.', '');
    $_SESSION['sofortueberweisung_total'] = $amount;
    $currency = $_SESSION['currency'];

    // Placeholders are replaced one after another, in the listed order.
    $reason_1 = substr(
        str_replace(
            array('{{order_id}}', '{{customer_id}}'),
            array($order_id, $customer_id),
            MODULE_PAYMENT_PN_SOFORTUEBERWEISUNG_REASON_1
        ),
        0,
        27
    );
    $reason_2 = substr(
        str_replace(
            array('{{order_id}}', '{{customer_id}}', '{{order_date}}', '{{customer_name}}', '{{customer_company}}', '{{customer_email}}'),
            array(
                $order_id,
                $customer_id,
                strftime(DATE_FORMAT_SHORT),
                $order->customer['firstname'] . ' ' . $order->customer['lastname'],
                $order->customer['company'],
                $order->customer['email_address'],
            ),
            MODULE_PAYMENT_PN_SOFORTUEBERWEISUNG_TEXT_REASON_2
        ),
        0,
        27
    );

    $session_query = session_name() . '=' . session_id();

    // Host part of the shop URL without its scheme.
    $host = str_replace(array('https://', 'http://'), '', ENABLE_SSL == true ? HTTPS_SERVER : HTTP_SERVER);

    $success_url = $host . DIR_WS_CATALOG . FILENAME_CHECKOUT_PROCESS . '?' . $session_query;
    $cancel_url = $host . DIR_WS_CATALOG . FILENAME_CHECKOUT_PAYMENT . '?payment_error=pn_sofortueberweisung&' . $session_query;
    $notification_url = $host . DIR_WS_CATALOG . 'callback/pn_sofortueberweisung/callback.php';
    $cart_id = $_SESSION['cart']->cartID;

    // Record the temporary status before the customer leaves the shop.
    xtc_db_perform(TABLE_ORDERS_STATUS_HISTORY, array(
        'orders_id' => (int) $order_id,
        'orders_status_id' => MODULE_PAYMENT_PN_SOFORTUEBERWEISUNG_TMP_STATUS_ID,
        'date_added' => 'now()',
        'customer_notified' => '0',
        'comments' => MODULE_PAYMENT_PN_SOFORTUEBERWEISUNG_TEXT_TITLE,
    ));

    $url = $this->pnSofortueberweisung->getPaymentUrl(
        MODULE_PAYMENT_PN_SOFORTUEBERWEISUNG_USER_ID,
        MODULE_PAYMENT_PN_SOFORTUEBERWEISUNG_PROJECT_ID,
        $amount,
        $currency,
        $reason_1,
        $reason_2,
        $order_id,
        $customer_id,
        $success_url,
        $cancel_url,
        $notification_url,
        $cart_id
    );
    xtc_redirect($url);
}
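/**
 * Processes a PayPal IPN callback: stores the notification, asks PayPal to
 * verify it, and sets the order status from the verdict.
 *
 * Flow, in this order:
 *  1. The order id is taken from the 'invoice' field after the PAYPAL_INVOICE prefix.
 *  2. If the order exists, the IPN fields are written to TABLE_PAYPAL (update
 *     when the txn_id is known, insert otherwise) and to the PayPal history.
 *  3. The received fields are posted back to $this->IPN_URL with
 *     cmd=_notify-validate, via cURL or, failing that, an HTTP stream.
 *  4. The order status is derived from payment_status when the verdict is
 *     VERIFIED; any other verdict sets PAYPAL_ORDER_STATUS_REJECTED_ID.
 *  5. On any error a report is mailed to EMAIL_SUPPORT_ADDRESS.
 *
 * Changes in this version:
 *  - TLS certificate and host verification are enabled for the verification
 *    request; with them off, the verdict could come from any host able to
 *    intercept the connection.
 *  - txn_id is escaped with xtc_db_input() in the hand-built lookup query;
 *    it is read before the notification has been verified.
 *  - $error_reason is initialised, and test_ipn / txn_id are read from the
 *    passed-in data instead of $_POST.
 *
 * NOTE(review): steps 2 and 4 write to the database for notifications that
 * fail verification too, so an unverified request naming a valid invoice can
 * set that order to the rejected status. Consider verifying before writing.
 *
 * @param array  $data    Received IPN fields.
 * @param string $charset Passed to IPNdecode() together with the IPN's own charset.
 * @return void
 */
function callback_process($data, $charset)
{
    // No session is available here (as of 29.06.2011).
    global $_GET;
    $this->data = $data;

    require_once DIR_WS_CLASSES . 'class.phpmailer.php';
    if (EMAIL_TRANSPORT == 'smtp') {
        require_once DIR_WS_CLASSES . 'class.smtp.php';
    }
    require_once DIR_FS_INC . 'xtc_Security.inc.php';

    // Stays empty unless one of the branches below records a problem.
    $error_reason = '';

    $xtc_order_id = (int) substr($this->data['invoice'], strlen(PAYPAL_INVOICE));
    if (isset($xtc_order_id) && is_numeric($xtc_order_id) && $xtc_order_id > 0) {
        // Look up the order.
        $order_query = xtc_db_query("SELECT currency, currency_value\n FROM " . TABLE_ORDERS . "\n WHERE orders_id = '" . xtc_db_prepare_input($xtc_order_id) . "'");
        if (xtc_db_num_rows($order_query) > 0) {
            // Order found: collect the IPN fields.
            $ipn_charset = xtc_db_prepare_input($this->data['charset']);
            $ipn_data = array();
            $ipn_data['reason_code'] = xtc_db_prepare_input($this->data['reason_code']);
            $ipn_data['xtc_order_id'] = xtc_db_prepare_input($xtc_order_id);
            $ipn_data['payment_type'] = xtc_db_prepare_input($this->data['payment_type']);
            $ipn_data['payment_status'] = xtc_db_prepare_input($this->data['payment_status']);
            $ipn_data['pending_reason'] = xtc_db_prepare_input($this->data['pending_reason']);
            $ipn_data['invoice'] = xtc_db_prepare_input($this->data['invoice']);
            $ipn_data['mc_currency'] = xtc_db_prepare_input($this->data['mc_currency']);
            $ipn_data['first_name'] = xtc_db_prepare_input($this->IPNdecode($this->data['first_name'], $ipn_charset, $charset));
            $ipn_data['last_name'] = xtc_db_prepare_input($this->IPNdecode($this->data['last_name'], $ipn_charset, $charset));
            $ipn_data['address_name'] = xtc_db_prepare_input($this->IPNdecode($this->data['address_name'], $ipn_charset, $charset));
            $ipn_data['address_street'] = xtc_db_prepare_input($this->IPNdecode($this->data['address_street'], $ipn_charset, $charset));
            $ipn_data['address_city'] = xtc_db_prepare_input($this->IPNdecode($this->data['address_city'], $ipn_charset, $charset));
            $ipn_data['address_state'] = xtc_db_prepare_input($this->IPNdecode($this->data['address_state'], $ipn_charset, $charset));
            $ipn_data['address_zip'] = xtc_db_prepare_input($this->data['address_zip']);
            $ipn_data['address_country'] = xtc_db_prepare_input($this->IPNdecode($this->data['address_country'], $ipn_charset, $charset));
            $ipn_data['address_status'] = xtc_db_prepare_input($this->data['address_status']);
            $ipn_data['payer_email'] = xtc_db_prepare_input($this->data['payer_email']);
            $ipn_data['payer_id'] = xtc_db_prepare_input($this->data['payer_id']);
            $ipn_data['payer_status'] = xtc_db_prepare_input($this->data['payer_status']);
            $ipn_data['payment_date'] = xtc_db_prepare_input($this->datetime_to_sql_format($this->data['payment_date']));
            $ipn_data['business'] = xtc_db_prepare_input($this->IPNdecode($this->data['business'], $ipn_charset, $charset));
            $ipn_data['receiver_email'] = xtc_db_prepare_input($this->data['receiver_email']);
            $ipn_data['receiver_id'] = xtc_db_prepare_input($this->data['receiver_id']);
            $ipn_data['txn_id'] = xtc_db_prepare_input($this->data['txn_id']);
            $ipn_data['txn_type'] = $this->ipn_determine_txn_type($this->data['txn_type']);
            $ipn_data['parent_txn_id'] = xtc_db_prepare_input($this->data['parent_txn_id']);
            $ipn_data['mc_gross'] = xtc_db_prepare_input($this->data['mc_gross']);
            $ipn_data['mc_fee'] = xtc_db_prepare_input($this->data['mc_fee']);
            $ipn_data['mc_shipping'] = xtc_db_prepare_input($this->data['mc_shipping']);
            $ipn_data['payment_gross'] = xtc_db_prepare_input($this->data['payment_gross']);
            $ipn_data['payment_fee'] = xtc_db_prepare_input($this->data['payment_fee']);
            $ipn_data['notify_version'] = xtc_db_prepare_input($this->data['notify_version']);
            $ipn_data['verify_sign'] = xtc_db_prepare_input($this->data['verify_sign']);
            $ipn_data['num_cart_items'] = xtc_db_prepare_input($this->data['num_cart_items']);

            // Special lines (discount, voucher, handling, tax, difference, shipping)
            // are not real cart items; subtract them from the item count.
            // NOTE(review): the loop bound is taken from the request — consider a cap.
            if ($ipn_data['num_cart_items'] > 1) {
                $verspos = $ipn_data['num_cart_items'];
                for ($p = 1; $p <= $verspos; $p++) {
                    $item_name = $this->data['item_name' . $p];
                    if ($item_name == substr(SUB_TITLE_OT_DISCOUNT, 0, 127) || $item_name == substr(PAYPAL_GS, 0, 127) || $item_name == "Handling" || $item_name == substr(PAYPAL_TAX, 0, 127) || $item_name == "Differenz") {
                        $ipn_data['num_cart_items']--;
                    }
                    if ($item_name == substr(SHIPPING_COSTS, 0, 127)) {
                        // Shipping costs travel as a cart line.
                        $ipn_data['mc_shipping'] = $this->data['mc_gross_' . $p];
                        $ipn_data['num_cart_items']--;
                    }
                }
            }

            // Hand-built query on a request field: escape it for SQL here.
            $_transQuery = "SELECT paypal_ipn_id FROM " . TABLE_PAYPAL . " WHERE txn_id = '" . xtc_db_input($ipn_data['txn_id']) . "'";
            $_transQuery = xtc_db_query($_transQuery);
            $_transQuery = xtc_db_fetch_array($_transQuery);
            if ($_transQuery['paypal_ipn_id'] != '') {
                // Known transaction: refresh the stored notification.
                $insert_id = $_transQuery['paypal_ipn_id'];
                $sql_data_array = array(
                    'payment_status' => $ipn_data['payment_status'],
                    'pending_reason' => $ipn_data['pending_reason'],
                    'payer_email' => $ipn_data['payer_email'],
                    'num_cart_items' => $ipn_data['num_cart_items'],
                    'mc_fee' => $ipn_data['mc_fee'],
                    'mc_shipping' => $ipn_data['mc_shipping'],
                    'address_name' => $ipn_data['address_name'],
                    'address_street' => $ipn_data['address_street'],
                    'address_city' => $ipn_data['address_city'],
                    'address_state' => $ipn_data['address_state'],
                    'address_zip' => $ipn_data['address_zip'],
                    'address_country' => $ipn_data['address_country'],
                    'address_status' => $ipn_data['address_status'],
                    'payer_status' => $ipn_data['payer_status'],
                    'receiver_email' => $ipn_data['receiver_email'],
                    // The column name previously carried a trailing space.
                    'last_modified' => 'now()',
                );
                xtc_db_perform(TABLE_PAYPAL, $sql_data_array, 'update', "paypal_ipn_id = '" . (int) $insert_id . "'");
            } else {
                // New transaction.
                $ipn_data['date_added'] = 'now()';
                $ipn_data['last_modified'] = 'now()';
                xtc_db_perform(TABLE_PAYPAL, $ipn_data);
                $insert_id = xtc_db_insert_id();
            }

            $paypal_order_history = array(
                'paypal_ipn_id' => $insert_id,
                'txn_id' => $ipn_data['txn_id'],
                'parent_txn_id' => $ipn_data['parent_txn_id'],
                'payment_status' => $ipn_data['payment_status'],
                'pending_reason' => $ipn_data['pending_reason'],
                'mc_amount' => $ipn_data['mc_gross'],
                'date_added' => 'now()',
            );
            xtc_db_perform(TABLE_PAYPAL_STATUS_HISTORY, $paypal_order_history);

            // Human-readable summary for the order's status history.
            $crlf = "\n";
            $comment_status = xtc_db_prepare_input($this->data['payment_status']) . ' ' . xtc_db_prepare_input($this->data['mc_gross']) . xtc_db_prepare_input($this->data['mc_currency']) . $crlf;
            $comment_status .= ' ' . xtc_db_prepare_input($this->data['first_name']) . ' ' . xtc_db_prepare_input($this->data['last_name']) . ' ' . xtc_db_prepare_input($this->data['payer_email']);
            if (isset($this->data['payer_status'])) {
                $comment_status .= ' is ' . xtc_db_prepare_input($this->data['payer_status']);
            }
            $comment_status .= '.' . $crlf;
            // Read from the passed-in data, the same source the isset() check uses.
            if (isset($this->data['test_ipn']) && is_numeric($this->data['test_ipn']) && $this->data['test_ipn'] > 0) {
                $comment_status .= '(Sandbox-Test Mode)' . $crlf;
            }
            $comment_status .= 'Total=' . xtc_db_prepare_input($this->data['mc_gross']) . xtc_db_prepare_input($this->data['mc_currency']);
            if (isset($this->data['pending_reason'])) {
                $comment_status .= $crlf . ' Pending Reason=' . xtc_db_prepare_input($this->data['pending_reason']);
            }
            if (isset($this->data['reason_code'])) {
                $comment_status .= $crlf . ' Reason Code=' . xtc_db_prepare_input($this->data['reason_code']);
            }
            $comment_status .= $crlf . ' Payment=' . xtc_db_prepare_input($this->data['payment_type']);
            $comment_status .= $crlf . ' Date=' . xtc_db_prepare_input($this->data['payment_date']);
            if (isset($this->data['parent_txn_id'])) {
                $comment_status .= $crlf . ' ParentID=' . xtc_db_prepare_input($this->data['parent_txn_id']);
            }
            $comment_status .= $crlf . ' ID=' . $ipn_data['txn_id'];

            // Default status until the verdict says otherwise.
            $order_status_id = PAYPAL_ORDER_STATUS_PENDING_ID;

            // Echo every received field back to PayPal for validation.
            $parameters = 'cmd=_notify-validate';
            foreach ($this->data as $key => $value) {
                $parameters .= '&' . $key . '=' . urlencode(stripslashes($value));
            }

            // cURL first; the stream fallback below covers hosts without it.
            $mit_curl = 0;
            if (function_exists('curl_init')) {
                $ch = curl_init();
                curl_setopt($ch, CURLOPT_URL, $this->IPN_URL);
                curl_setopt($ch, CURLOPT_POST, 1);
                curl_setopt($ch, CURLOPT_POSTFIELDS, $parameters);
                curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
                curl_setopt($ch, CURLOPT_HEADER, 0);
                curl_setopt($ch, CURLOPT_TIMEOUT, 30);
                // The verdict is only trustworthy if the peer is proven to be
                // the configured endpoint: check certificate chain and host name.
                curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
                curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
                $result = curl_exec($ch);
                if (!curl_errno($ch)) {
                    $mit_curl = 1;
                }
                curl_close($ch);
            }
            // cURL is missing or the request failed.
            if ($mit_curl == 0) {
                $request_post = array('http' => array('method' => 'POST', 'header' => "Content-type: application/x-www-form-urlencoded\r\n", 'content' => $parameters));
                $request = stream_context_create($request_post);
                $result = file_get_contents($this->IPN_URL, false, $request);
            }

            // NOTE(review): '1' is also accepted as a positive verdict; the reason
            // is not visible here — confirm it is still needed.
            if (strtoupper(trim((string) $result)) == 'VERIFIED' || $result == '1') {
                switch (strtolower($this->data['payment_status'])) {
                    case 'completed':
                    case 'processed':
                        if (PAYPAL_ORDER_STATUS_SUCCESS_ID > 0) {
                            $order_status_id = PAYPAL_ORDER_STATUS_SUCCESS_ID;
                        }
                        break;
                    case 'denied':
                    case 'failed':
                        $order_status_id = PAYPAL_ORDER_STATUS_REJECTED_ID;
                        break;
                    case 'reversed':
                    case 'pending':
                        $order_status_id = PAYPAL_ORDER_STATUS_PENDING_ID;
                        break;
                    case 'canceled-reversal':
                        $order_status_id = PAYPAL_ORDER_STATUS_SUCCESS_ID;
                        break;
                    case 'refunded':
                        $order_status_id = DEFAULT_ORDERS_STATUS_ID;
                        break;
                }
            } else {
                $order_status_id = PAYPAL_ORDER_STATUS_REJECTED_ID;
                $error_reason = 'Received INVALID responce but invoice and Customer matched.';
            }

            xtc_db_query("UPDATE " . TABLE_ORDERS . "\n SET orders_status = '" . $order_status_id . "', last_modified = now()\n WHERE orders_id = '" . xtc_db_prepare_input($xtc_order_id) . "'");
            $sql_data_array = array(
                'orders_id' => xtc_db_prepare_input($xtc_order_id),
                'orders_status_id' => $order_status_id,
                'date_added' => 'now()',
                'customer_notified' => '0',
                'comments' => 'PayPal IPN ' . $comment_status . '',
            );
            xtc_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_array);
        } else {
            $error_reason = 'IPN-Fehler: Keine Order Nr.=' . xtc_db_prepare_input($this->data['invoice']) . ' mit Kunden=' . (int) $this->data['custom'] . ' gefunden.';
        }
    } else {
        $error_reason = 'IPN-Fehler: Keine Order gefunden zu den empfangenen Daten.';
    }

    // Mail a report to support when something went wrong.
    // NOTE(review): request values are placed unescaped into a body that is also
    // sent as the HTML part; escape them for HTML if the mail is rendered.
    if (xtc_not_null(EMAIL_SUPPORT_ADDRESS) && strlen($error_reason)) {
        $email_body = $error_reason . "\n\n" . '<br>';
        $email_body .= $_SERVER['REQUEST_METHOD'] . " - " . $_SERVER['REMOTE_ADDR'] . " - " . $_SERVER['HTTP_REFERER'] . " - " . $_SERVER['HTTP_ACCEPT'] . "\n\n" . '<br>';
        $email_body .= '$_POST:' . "\n\n" . '<br>';
        foreach ($this->data as $key => $value) {
            $email_body .= $key . '=' . $value . "\n" . '<br>';
        }
        $email_body .= "\n" . '$_GET:' . "\n\n" . '<br>';
        foreach ($_GET as $key => $value) {
            $email_body .= $key . '=' . $value . "\n" . '<br>';
        }
        xtc_php_mail(EMAIL_BILLING_ADDRESS, EMAIL_BILLING_NAME, EMAIL_SUPPORT_ADDRESS, EMAIL_SUPPORT_ADDRESS, '', EMAIL_BILLING_ADDRESS, EMAIL_BILLING_NAME, false, false, 'PayPal IPN Invalid Process', $email_body, $email_body);
    }
}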
if (!xtc_not_null($cross_sell_id)) { $next_id_query = xtc_db_query("select max(products_xsell_grp_name_id) as products_xsell_grp_name_id from " . TABLE_PRODUCTS_XSELL_GROUPS . ""); $next_id = xtc_db_fetch_array($next_id_query); $cross_sell_id = $next_id['products_xsell_grp_name_id'] + 1; } $insert_sql_data = array('products_xsell_grp_name_id' => $cross_sell_id, 'language_id' => $language_id); $sql_data_array = xtc_array_merge($sql_data_array, $insert_sql_data); xtc_db_perform(TABLE_PRODUCTS_XSELL_GROUPS, $sql_data_array); } elseif ($_GET['action'] == 'save') { //BOF - web28 - 2010-07-11 - BUGFIX no entry stored for previous deactivated languages $cross_sell_query = xtc_db_query("select * from " . TABLE_PRODUCTS_XSELL_GROUPS . " where language_id = '" . $language_id . "' and products_xsell_grp_name_id = '" . xtc_db_input($cross_sell_id) . "'"); if (xtc_db_num_rows($cross_sell_query) == 0) { xtc_db_perform(TABLE_PRODUCTS_XSELL_GROUPS, array('products_xsell_grp_name_id' => xtc_db_input($cross_sell_id), 'language_id' => $language_id)); } //EOF - web28 - 2010-07-11 - BUGFIX no entry stored for previous deactivated languages xtc_db_perform(TABLE_PRODUCTS_XSELL_GROUPS, $sql_data_array, 'update', "products_xsell_grp_name_id = '" . xtc_db_input($cross_sell_id) . "' and language_id = '" . $language_id . "'"); } } xtc_redirect(xtc_href_link(FILENAME_XSELL_GROUPS, 'page=' . $_GET['page'] . '&oID=' . $cross_sell_id)); } else { $_SESSION['repopulate_form'] = $_REQUEST; $_SESSION['errors'] = $error; xtc_redirect(xtc_href_link(FILENAME_XSELL_GROUPS, 'page=' . $_GET['page'] . '&oID=' . $cross_sell_id . '&action=' . $url_action . '&errors=1')); } break; case 'deleteconfirm': $oID = xtc_db_prepare_input($_GET['oID']); xtc_db_query("delete from " . TABLE_PRODUCTS_XSELL_GROUPS . " where products_xsell_grp_name_id = '" . xtc_db_input($oID) . "'"); xtc_redirect(xtc_href_link(FILENAME_XSELL_GROUPS, 'page=' . $_GET['page'])); break; case 'delete':
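/**
 * Insert, update and/or delete the special offer of a product from the posted admin form.
 *
 * All input except the product id is read directly from $_POST: specials_action,
 * specials_price, specials_quantity, specials_expires, specials_status, specials_id,
 * specials_delete, and the hidden form fields tax_rate and products_price_hidden.
 * The hidden fields are client-supplied like any other form field, so the net price
 * computed from them is only as trustworthy as the request itself.
 *
 * The normalised price and quantity are written back into $_POST, as the original
 * code did; callers outside this view may read them afterwards (TODO confirm, then
 * switch to local variables).
 *
 * @param int|string $products_id Id of the product the special belongs to.
 * @return void
 */
function saveSpecialsData($products_id)
{
    // decide whether to insert a new special, or to update an existing one
    if ($_POST['specials_action'] == "insert" && !empty($_POST['specials_price'])) {
        // insert a new special, code taken from /admin/specials.php, and modified
        if (empty($_POST['specials_quantity'])) {
            $_POST['specials_quantity'] = 0;
        }
        // Gross price entered: convert to net with the posted tax rate (web28 - 2010-07-27 - tax_rate from hidden field).
        if (PRICE_IS_BRUTTO == 'true' && substr($_POST['specials_price'], -1) != '%') {
            $_POST['specials_price'] = $_POST['specials_price'] / ($_POST['tax_rate'] + 100) * 100;
        }
        // Percentage entered: discount the posted base price (web28 - 2010-07-27 - products_price_hidden from hidden field).
        if (substr($_POST['specials_price'], -1) == '%') {
            $_POST['specials_price'] = $_POST['products_price_hidden'] - $_POST['specials_price'] / 100 * $_POST['products_price_hidden'];
        }
        $expires_date = '';
        if ($_POST['specials_expires']) {
            $expires_date = str_replace("-", "", $_POST['specials_expires']);
        }
        $sql_data_array = array(
            // The product id is an integer key; the cast keeps anything else out of the row.
            'products_id' => (int) $products_id,
            'specials_quantity' => (int) $_POST['specials_quantity'],
            'specials_new_products_price' => xtc_db_prepare_input($_POST['specials_price']),
            'specials_date_added' => 'now()',
            'expires_date' => $expires_date,
            'status' => '1',
        );
        xtc_db_perform(TABLE_SPECIALS, $sql_data_array);
    } elseif ($_POST['specials_action'] == "update" && isset($_POST['specials_price']) && isset($_POST['specials_quantity'])) {
        // update the existing special for this product, code taken from /admin/specials.php, and modified
        //
        // The net price is derived from the posted tax_rate. The original also looked the
        // rate up by product id, but never read the result and built that SELECT from the
        // unescaped $products_id; the lookup is dropped rather than repaired.
        if (PRICE_IS_BRUTTO == 'true' && substr($_POST['specials_price'], -1) != '%') {
            $_POST['specials_price'] = $_POST['specials_price'] / ($_POST['tax_rate'] + 100) * 100;
        }
        if (substr($_POST['specials_price'], -1) == '%') {
            $_POST['specials_price'] = $_POST['products_price_hidden'] - $_POST['specials_price'] / 100 * $_POST['products_price_hidden'];
        }
        // NOTE(review): 'NULL' is handed over as a string; whether xtc_db_perform turns it
        // into an SQL NULL is not visible here — confirm.
        $expires_date = 'NULL';
        if ($_POST['specials_expires'] && $_POST['specials_status'] == 1) { //DokuMan - 2011-11-8 - from SP1b
            $expires_date = str_replace("-", "", $_POST['specials_expires']);
        }
        $sql_data_array = array(
            'specials_quantity' => (int) $_POST['specials_quantity'],
            'specials_new_products_price' => xtc_db_prepare_input($_POST['specials_price']),
            'specials_date_added' => 'now()',
            'expires_date' => $expires_date,
            'status' => (int) $_POST['specials_status'],
        );
        // The WHERE clause is assembled by hand, so the id is forced to an integer first.
        xtc_db_perform(TABLE_SPECIALS, $sql_data_array, 'update', "specials_id = '" . (int) $_POST['specials_id'] . "'");
    }
    if (isset($_POST['specials_delete'])) {
        // delete existing special for this product, code taken from /admin/specials.php, and modified
        xtc_db_query("DELETE FROM " . TABLE_SPECIALS . " WHERE specials_id = '" . (int) $_POST['specials_id'] . "'");
    }
}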
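/**
 * Link a product to a category unless that link already exists.
 *
 * The existence check and the insert are two separate statements; nothing in this
 * function serialises them, so two concurrent calls could both insert the same pair
 * unless the table enforces uniqueness (not visible here).
 *
 * @param int|string $pID Product id.
 * @param int|string $cID Category id.
 * @return void
 */
function insertPtoCconnection($pID, $cID)
{
    // Both ids are concatenated into a hand-built WHERE clause below; forcing them to
    // integers first means nothing but a number can reach the statement.
    $pID = (int) $pID;
    $cID = (int) $cID;

    $prod2cat_query = xtc_db_query("SELECT *\n\t\t\t\t\t\t\t\t\t\t FROM " . TABLE_PRODUCTS_TO_CATEGORIES . "\n\t\t\t\t\t\t\t\t\t\t WHERE\n\t\t\t\t\t\t\t\t\t\t categories_id='" . $cID . "'\n\t\t\t\t\t\t\t\t\t\t and products_id='" . $pID . "'");

    if (!xtc_db_num_rows($prod2cat_query)) {
        $insert_data = array('products_id' => $pID, 'categories_id' => $cID);
        xtc_db_perform(TABLE_PRODUCTS_TO_CATEGORIES, $insert_data);
    }
}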
/**
 * Make sure the PayPal order statuses exist in the order-status table for every language.
 *
 * $stati maps the NAME of a variable holding a status label to the NAME of a variable
 * holding the matching status id; both are resolved through variable variables
 * (${$statusname}, ${$statusid}). The id variable name is also stored as config_key
 * through $this->save_config().
 *
 * @param array|string $stati Map of label-variable name => id-variable name; anything that
 *                            is not a non-empty array selects the built-in default map.
 * @return void
 */
function status_install($stati = '') {
    // install order status
    // Fall back to the built-in map when no usable array was passed.
    if (!is_array($stati) || is_array($stati) && count($stati) < 1) {
        $stati = array('PAYPAL_INST_ORDER_STATUS_TMP_NAME' => 'PAYPAL_ORDER_STATUS_TMP_ID', 'PAYPAL_INST_ORDER_STATUS_SUCCESS_NAME' => 'PAYPAL_ORDER_STATUS_SUCCESS_ID', 'PAYPAL_INST_ORDER_STATUS_PENDING_NAME' => 'PAYPAL_ORDER_STATUS_PENDING_ID', 'PAYPAL_INST_ORDER_STATUS_CAPTURED_NAME' => 'PAYPAL_ORDER_STATUS_CAPTURED_ID', 'PAYPAL_INST_ORDER_STATUS_REFUNDED_NAME' => 'PAYPAL_ORDER_STATUS_REFUNDED_ID', 'PAYPAL_INST_ORDER_STATUS_REJECTED_NAME' => 'PAYPAL_ORDER_STATUS_REJECTED_ID');
    }
    foreach ($stati as $statusname => $statusid) {
        // The language list is queried again for every status entry.
        $languages_query = xtc_db_query("SELECT * \n FROM " . TABLE_LANGUAGES . " \n ORDER BY sort_order");
        while ($languages = xtc_db_fetch_array($languages_query)) {
            // The language file runs inside this function's scope, so whatever variables it
            // sets become locals here — presumably the $PAYPAL_INST_..._NAME labels (the file
            // is not visible; confirm). The path is built from the `directory` column of the
            // languages table, and plain `include` re-executes the file on every iteration.
            if (file_exists(DIR_FS_LANGUAGES . $languages['directory'] . '/admin/paypal_config.php')) {
                include DIR_FS_LANGUAGES . $languages['directory'] . '/admin/paypal_config.php';
            }
            // Skip statuses for which no label variable is set.
            if (${$statusname} != '') {
                // Look for an existing status with this label in this language; the label is
                // escaped with xtc_db_input and the language id cast to int.
                $check_query = xtc_db_query("SELECT orders_status_id \n FROM " . TABLE_ORDERS_STATUS . " \n WHERE orders_status_name = '" . xtc_db_input(${$statusname}) . "' \n AND language_id = '" . (int) $languages['languages_id'] . "' \n LIMIT 1");
                $status = xtc_db_fetch_array($check_query);
                // Create a row when the label is missing, or when an id is already known in
                // this call and the stored row carries a different id.
                if (xtc_db_num_rows($check_query) < 1 || ${$statusid} && $status['orders_status_id'] != ${$statusid}) {
                    // No id yet: take the current maximum plus one. The id variable is a local
                    // that survives the loop, so later languages reuse the same id.
                    // NOTE(review): no lock or transaction is visible around max()+1 — two
                    // concurrent installs could pick the same id; confirm this cannot happen.
                    if (!${$statusid}) {
                        $status_query = xtc_db_query("SELECT max(orders_status_id) as status_id FROM " . TABLE_ORDERS_STATUS);
                        $status = xtc_db_fetch_array($status_query);
                        ${$statusid} = $status['status_id'] + 1;
                    }
                    // Insert only when this id/language pair is not present yet.
                    $check_query = xtc_db_query("SELECT orders_status_id \n FROM " . TABLE_ORDERS_STATUS . " \n WHERE orders_status_id = '" . (int) ${$statusid} . "' \n AND language_id='" . (int) $languages['languages_id'] . "'");
                    if (xtc_db_num_rows($check_query) < 1) {
                        $sql_data_array = array('orders_status_id' => (int) ${$statusid}, 'language_id' => (int) $languages['languages_id'], 'orders_status_name' => ${$statusname});
                        xtc_db_perform(TABLE_ORDERS_STATUS, $sql_data_array);
                        // Persist the id under the id variable's name as configuration key.
                        $sql_data_array = array(array('config_key' => $statusid, 'config_value' => (int) ${$statusid}));
                        $this->save_config($sql_data_array);
                    }
                } else {
                    // A matching row exists: adopt its id for the remaining languages.
                    ${$statusid} = $status['orders_status_id'];
                }
            }
        }
    }
}
$parcel_link_txt .= $parcel_link . "\n\n"; } } $smarty->assign('PARCEL_COUNT', $parcel_count); $smarty->assign('PARCEL_LINK_HTML', $parcel_link_html); $smarty->assign('PARCEL_LINK_TXT', $parcel_link_txt); $html_mail = $smarty->fetch('db:change_order_mail.html'); $txt_mail = $smarty->fetch('db:change_order_mail.txt'); $order_subject_search = array('{$nr}', '{$date}', '{$lastname}', '{$firstname}'); $order_subject_replace = array($oID, strftime(DATE_FORMAT_LONG), $order->customer['lastname'], $order->customer['firstname']); $order_subject = str_replace($order_subject_search, $order_subject_replace, EMAIL_BILLING_SUBJECT); xtc_php_mail(EMAIL_BILLING_ADDRESS, EMAIL_BILLING_NAME, $check_status['customers_email_address'], $check_status['customers_name'], '', EMAIL_BILLING_REPLY_ADDRESS, EMAIL_BILLING_REPLY_ADDRESS_NAME, '', '', $order_subject, $html_mail, $txt_mail); $customer_notified = 1; } $sql_data_array = array('orders_id' => $oID, 'orders_status_id' => $status, 'date_added' => 'now()', 'customer_notified' => $customer_notified, 'comments' => $comments, 'comments_sent' => $_POST['notify_comments'] == 'on' ? 1 : 0); xtc_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_array); $order_updated = true; } // BOF - Fishnet Services - Nicolas Gemsjäger // PDF Rechnung automatisch generieren und per E-Mail versenden if (ENABLE_PDFBILL == 'true') { $pdfbill_send_check_qry = xtc_db_query("SELECT pdfbill_send FROM " . TABLE_ORDERS_STATUS . " WHERE orders_status_id = '" . $status . "' AND language_id = '" . $_SESSION['languages_id'] . "' AND pdfbill_send = '1' LIMIT 1"); if (xtc_db_num_rows($pdfbill_send_check_qry) == 1) { // Rechnungsnummer erzeugen (Fakturieren) if ($order->info['ibn_billnr'] == 0) { require_once DIR_FS_INC . 'xtc_get_next_ibillnr.inc.php'; require_once DIR_FS_INC . 'xtc_set_ibillnr.inc.php'; require_once DIR_FS_INC . 'xtc_inc_next_ibillnr.inc.php'; $ibillnr = xtc_get_next_ibillnr(); xtc_set_ibillnr($oID, $ibillnr); xtc_inc_next_ibillnr();
if (ACCOUNT_STATE == 'true') { if ($entry_zone_id > 0) { $sql_data_array['entry_zone_id'] = $entry_zone_id; $sql_data_array['entry_state'] = ''; } else { $sql_data_array['entry_zone_id'] = '0'; $sql_data_array['entry_state'] = $entry_state; } } if ($address_book_id == 0) { $sql_data_array['address_date_added'] = 'now()'; $sql_data_array['customers_id'] = $customers_id; xtc_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array, 'insert'); } else { //xtc_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array, 'update', "customers_id = '".xtc_db_input($customers_id)."' AND address_book_id = '".xtc_db_input($default_address_id)."'"); xtc_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array, 'update', "customers_id = '" . xtc_db_input($customers_id) . "' AND address_book_id = '" . xtc_db_input($address_book_id) . "'"); } xtc_redirect(xtc_href_link(FILENAME_CUSTOMERS, xtc_get_all_get_params(array('cID', 'action')) . 'cID=' . (int) $customers_id)); } elseif ($error == true) { $cInfo = new objectInfo($_POST); $processed = true; } break; case 'deleteconfirm': $customers_id = xtc_db_prepare_input($_GET['cID']); if ($_POST['delete_reviews'] == 'on') { $reviews_query = xtc_db_query("SELECT reviews_id FROM " . TABLE_REVIEWS . " WHERE customers_id = '" . xtc_db_input($customers_id) . "'"); while ($reviews = xtc_db_fetch_array($reviews_query)) { xtc_db_query("DELETE FROM " . TABLE_REVIEWS_DESCRIPTION . " WHERE reviews_id = '" . $reviews['reviews_id'] . "'"); } xtc_db_query("DELETE FROM " . TABLE_REVIEWS . " WHERE customers_id = '" . xtc_db_input($customers_id) . "'");
/**
 * Write one row into the order status history for the order named in the received data.
 *
 * The row is always stored with customer_notified = 1; this method itself sends nothing.
 * NOTE(review): orders_id is taken from $this->receivedData['order_id'] without any check
 * in this method — presumably it is validated before this call; confirm against the caller.
 *
 * @param integer $statusId status id stored as orders_status_id
 * @param string $comment text stored in the comments column
 */
public function addOrderHistory($statusId, $comment)
{
    $historyRow = array();
    $historyRow['orders_id'] = $this->receivedData['order_id'];
    $historyRow['orders_status_id'] = $statusId;
    // 'now()' is passed as a string for xtc_db_perform to handle.
    $historyRow['date_added'] = 'now()';
    $historyRow['customer_notified'] = 1;
    $historyRow['comments'] = $comment;

    xtc_db_perform(TABLE_ORDERS_STATUS_HISTORY, $historyRow);
}