/**
 * Sends the (pre-)authorization for a wallet payment through the Payone
 * builder and then redirects to the checkout-process page.
 *
 * The order id is taken from the global $insert_id; when that is unset or
 * empty it falls back to $_SESSION['tmp_oID'].
 */
function payment_action()
{
    global $order, $insert_id;

    if (!isset($insert_id) || $insert_id == '') {
        $insert_id = $_SESSION['tmp_oID'];
    }

    $this->payone->log("(pre-)authorizing {$this->code} payment");

    $standard_parameters = parent::_standard_parameters();

    $this->personal_data = new Payone_Api_Request_Parameter_Authorization_PersonalData();
    parent::_set_customers_standard_params();

    $this->delivery_data = new Payone_Api_Request_Parameter_Authorization_DeliveryData();
    parent::_set_customers_shipping_params();

    $this->payment_method = new Payone_Api_Request_Parameter_Authorization_PaymentMethod_Wallet();
    $this->payment_method->setWallettype('PPE');

    // NOTE(review): the session name and id are written into the query
    // string of all three return URLs, so the live session id is part of the
    // data set on the payment request and will show up wherever those URLs
    // are logged. Presumably this is how the session is resumed when the
    // customer comes back without a cookie; confirm it is still required.
    $shop_root = (ENABLE_SSL == true ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG;
    $session_query = '?' . xtc_session_name() . '=' . xtc_session_id();
    $payment_page = $shop_root . FILENAME_CHECKOUT_PAYMENT . $session_query;

    $this->payment_method->setSuccessurl($shop_root . FILENAME_CHECKOUT_PROCESS . $session_query);
    $this->payment_method->setBackurl($payment_page);
    $this->payment_method->setErrorurl($payment_page . '&payment_error=' . $this->code);

    // Remember the temporary order id so a cancelled order can be deleted later.
    $_SESSION['tmp_payone_oID'] = $_SESSION['tmp_oID'];

    $request_parameters = parent::_request_parameters('wlt');
    $this->params = array_merge($standard_parameters, $request_parameters);

    $this->builder = new Payone_Builder($this->payone->getPayoneConfig());
    parent::_build_service_authentification('wlt');
    parent::_parse_response_payone_api();

    xtc_redirect(xtc_href_link(FILENAME_CHECKOUT_PROCESS, '', 'SSL'));
}
/**
 * Returns a hidden form field carrying the session name and session id.
 *
 * The field is produced only when the global $session_started is true and
 * the SID constant is defined and passes xtc_not_null(); in every other case
 * the function returns nothing (null).
 *
 * NOTE(review): the field puts the session id into the page markup; whether
 * the value is HTML-escaped depends on xtc_draw_hidden_field(), which is not
 * visible here.
 */
function xtc_hide_session_id()
{
    global $session_started;

    if ($session_started != true) {
        return;
    }

    if (!defined('SID') || !xtc_not_null(SID)) {
        return;
    }

    return xtc_draw_hidden_field(xtc_session_name(), xtc_session_id());
}
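/**
 * Records the current request in the who's-online table.
 *
 * Logged-in customers are stored with their id and full name; other visitors
 * are stored as guest, or as search-engine agent when xtc_check_agent()
 * returns something other than 0 (in which case no session id is stored).
 * Rows whose last click is older than WHOS_ONLINE_TIME_LAST_CLICK seconds
 * (default 900) are deleted first. An existing row for the session is
 * updated, otherwise a new row is inserted.
 */
function xtc_update_whos_online()
{
    $crawler = 0;

    if (isset($_SESSION['customer_id'])) {
        // Integer cast: the id is concatenated into the SQL text below.
        $wo_customer_id = (int) $_SESSION['customer_id'];

        $customer_query = xtc_db_query("select\n customers_firstname,\n customers_lastname\n from " . TABLE_CUSTOMERS . "\n where customers_id = '" . $wo_customer_id . "'");
        $customer = xtc_db_fetch_array($customer_query);

        $wo_full_name = xtc_db_prepare_input($customer['customers_firstname'] . ' ' . $customer['customers_lastname']);
    } else {
        $wo_customer_id = '';
        $crawler = xtc_check_agent();
        if ($crawler !== 0) {
            $wo_full_name = '[' . TEXT_SEARCH_ENGINE_AGENT . ']';
        } else {
            $wo_full_name = TEXT_GUEST;
        }
    }

    if ($crawler !== 0) {
        $wo_session_id = '';
    } else {
        $wo_session_id = xtc_session_id();
    }

    // The session id is a client-supplied value (cookie or URL parameter)
    // and is placed inside quoted SQL below, so those uses get an escaped
    // copy. xtc_db_input() is the shop's SQL escaping helper.
    // NOTE(review): confirm it is loaded wherever this function is included.
    $wo_session_id_sql = xtc_db_input($wo_session_id);

    $wo_ip_address = xtc_db_prepare_input($_SESSION['tracking']['ip']);
    $wo_last_page_url = xtc_db_prepare_input(strip_tags($_SERVER['REQUEST_URI']));
    $wo_referer = xtc_db_prepare_input(isset($_SERVER['HTTP_REFERER']) ? strip_tags($_SERVER['HTTP_REFERER']) : '---');

    $current_time = time();
    $time_last_click = 900;
    if (defined('WHOS_ONLINE_TIME_LAST_CLICK')) {
        $time_last_click = (int) WHOS_ONLINE_TIME_LAST_CLICK;
    }
    $xx_mins_ago = time() - $time_last_click;

    // Remove entries that have expired.
    xtc_db_query("delete from " . TABLE_WHOS_ONLINE . " where time_last_click < '" . $xx_mins_ago . "'");

    $stored_customer_query = xtc_db_query("select count(*) as count from " . TABLE_WHOS_ONLINE . " where session_id = '" . $wo_session_id_sql . "'");
    $stored_customer = xtc_db_fetch_array($stored_customer_query);

    // Values in this array are handed to xtc_db_perform() unescaped, as
    // before. NOTE(review): presumably xtc_db_perform() escapes data values
    // itself; verify, because url, referer and name originate from the request.
    $sql_data_array = array(
        'customer_id' => $wo_customer_id,
        'full_name' => xtc_db_prepare_input($wo_full_name),
        'ip_address' => $wo_ip_address,
        'time_last_click' => $current_time,
        'last_page_url' => $wo_last_page_url,
    );

    if ($stored_customer['count'] > 0) {
        // The where clause is raw SQL text, so it uses the escaped session id.
        xtc_db_perform(TABLE_WHOS_ONLINE, $sql_data_array, 'update', "session_id = '" . $wo_session_id_sql . "'");
    } else {
        $sql_data_array['time_entry'] = $current_time;
        $sql_data_array['session_id'] = $wo_session_id;
        $sql_data_array['http_referer'] = $wo_referer;
        xtc_db_perform(TABLE_WHOS_ONLINE, $sql_data_array);
    }
}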
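/**
 * Redirects the customer to the payment service with the order data in the
 * query string.
 *
 * The query string is built from the order loaded for the global $insert_id,
 * sealed with md5(query string . MODULE_PAYMENT_MCP_SERVICE_ACCESS_KEY) and
 * appended to $this->form_action_url.
 */
public function payment_action()
{
    global $insert_id;

    $order = new order($insert_id);

    // NOTE(review): every entry below travels in a GET URL, including the
    // session name/id pair and the customer's e-mail and postal address, so
    // these values reach browser history and any log that records the URL.
    // Presumably the gateway requires this format; confirm whether the
    // session id has to be part of it.
    $params = array(
        'project' => MODULE_PAYMENT_MCP_SERVICE_PROJECT_CODE,
        'amount' => $order->info['pp_total'] * 100,
        'orderid' => $insert_id,
        'title' => MODULE_PAYMENT_MCP_SERVICE_PAYTEXT,
        'theme' => MODULE_PAYMENT_MCP_SERVICE_THEME,
        'currency' => $order->info['currency'],
        xtc_session_name() => xtc_session_id(),
        'mp_user_email' => $order->customer['email_address'],
        'mp_user_firstname' => $order->customer['firstname'],
        'mp_user_surname' => $order->customer['lastname'],
        'mp_user_address' => $order->customer['street_address'],
        'mp_user_zip' => $order->customer['postcode'],
        'mp_user_city' => $order->customer['city'],
        'mp_user_country' => $order->customer['country']['iso_code_2'],
    );

    // Optional layout settings are added only when configured.
    if (defined('MODULE_PAYMENT_MCP_SERVICE_GFX') && MODULE_PAYMENT_MCP_SERVICE_GFX != null) {
        $params['gfx'] = MODULE_PAYMENT_MCP_SERVICE_GFX;
    }
    if (defined('MODULE_PAYMENT_MCP_SERVICE_BGGFX') && MODULE_PAYMENT_MCP_SERVICE_BGGFX != null) {
        $params['bggfx'] = MODULE_PAYMENT_MCP_SERVICE_BGGFX;
    }
    if (defined('MODULE_PAYMENT_MCP_SERVICE_BGCOLOR') && MODULE_PAYMENT_MCP_SERVICE_BGCOLOR) {
        $params['bgcolor'] = MODULE_PAYMENT_MCP_SERVICE_BGCOLOR;
    }

    // Empty string instead of null for the numeric prefix: same output, and
    // it avoids the null-to-string deprecation on PHP 8.1+.
    $urlParams = http_build_query($params, '', '&');

    // NOTE(review): the seal is an MD5 digest over the query string and the
    // shared access key. Presumably the gateway prescribes this format; if it
    // offers a stronger seal, prefer that.
    $seal = md5($urlParams . MODULE_PAYMENT_MCP_SERVICE_ACCESS_KEY);
    $urlParams .= '&seal=' . $seal;

    $url = $this->form_action_url . '?' . $urlParams;
    xtc_redirect($url);
}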
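/**
 * Records the current request in the who's-online table.
 *
 * Rows older than 900 seconds are deleted, then the row for the current
 * session is updated or, when none exists and the session id is not empty,
 * inserted. Requests for mailhive.php return false before anything is
 * written, and a list of asset/helper URLs is never stored.
 *
 * @return false|null false for mailhive.php requests, otherwise no value
 */
function xtc_update_whos_online()
{
    if (isset($_SESSION['customer_id'])) {
        // Integer cast: the id is concatenated into the SQL statements below.
        $wo_customer_id = (int) $_SESSION['customer_id'];

        $customer_query = xtc_db_query("select customers_firstname, customers_lastname from " . TABLE_CUSTOMERS . " where customers_id = '" . $wo_customer_id . "'");
        $customer = xtc_db_fetch_array($customer_query);

        $wo_full_name = addslashes($customer['customers_firstname'] . ' ' . $customer['customers_lastname']);
    } else {
        $wo_customer_id = '';
        $wo_full_name = 'Guest';
    }

    $wo_session_id = xtc_session_id();

    // The session id is a client-supplied value (cookie or URL parameter)
    // and the statements below are built by string concatenation, so the SQL
    // text uses escaped copies of it and of the remote address.
    // xtc_db_input() is the shop's SQL escaping helper.
    // NOTE(review): confirm it is loaded wherever this function is included.
    $wo_session_id_sql = xtc_db_input($wo_session_id);
    $wo_ip_address = xtc_db_input((string) getenv('REMOTE_ADDR'));

    // NOTE(review): addslashes() is not aware of the connection character
    // set; it is left in place here and for the full name because the URL
    // checks below operate on this value.
    $wo_last_page_url = addslashes(getenv('REQUEST_URI'));

    // MailBeez: keep /mailhive.php?cron_simple=1 out of the who's-online table.
    if (preg_match("/mailhive.php/", $wo_last_page_url)) {
        return false;
    }

    $current_time = time();
    $xx_mins_ago = $current_time - 900;

    // Remove entries that have expired.
    xtc_db_query("delete from " . TABLE_WHOS_ONLINE . " where time_last_click < '" . $xx_mins_ago . "'");

    $stored_customer_query = xtc_db_query("select count(*) as count from " . TABLE_WHOS_ONLINE . " where session_id = '" . $wo_session_id_sql . "'");
    $stored_customer = xtc_db_fetch_array($stored_customer_query);

    // Requests for these resources are not tracked.
    $is_tracked_page = strpos($wo_last_page_url, 'favicon.ico') === false
        && strpos($wo_last_page_url, 'rss.php') === false
        && strpos($wo_last_page_url, '.jpg') === false
        && strpos($wo_last_page_url, '.js.php') === false
        && strpos($wo_last_page_url, 'request_port.php') === false
        && strpos($wo_last_page_url, 'version_info.php') === false
        && strpos($wo_last_page_url, 'mailhive.php') === false;

    if (!$is_tracked_page) {
        return;
    }

    if ($stored_customer['count'] > 0) {
        xtc_db_query("update " . TABLE_WHOS_ONLINE . " set customer_id = '" . $wo_customer_id . "', full_name = '" . $wo_full_name . "', ip_address = '" . $wo_ip_address . "', time_last_click = '" . $current_time . "', last_page_url = '" . $wo_last_page_url . "' where session_id = '" . $wo_session_id_sql . "'");
    } elseif (!empty($wo_session_id)) {
        xtc_db_query("insert into " . TABLE_WHOS_ONLINE . " (customer_id, full_name, session_id, ip_address, time_entry, time_last_click, last_page_url) values ('" . $wo_customer_id . "', '" . $wo_full_name . "', '" . $wo_session_id_sql . "', '" . $wo_ip_address . "', '" . $current_time . "', '" . $current_time . "', '" . $wo_last_page_url . "')");
    }
}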
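/**
 * Builds the Rakuten Checkout "insert cart" XML request from the session
 * cart, sends it and returns the checkout target from the response.
 *
 * When the response cannot be parsed or does not report success, the
 * customer is redirected to $this->ERROR_URL with the error code and message.
 *
 * @param bool $inline return the inline code instead of the redirect URL
 * @return mixed the response's inline_code when $inline is true, otherwise
 *               its redirect_url (both as SimpleXMLElement nodes); false if
 *               execution continues after the error redirect
 */
function get_redirect_url($inline = false)
{
    $xml = new SimpleXMLElement("<?xml version='1.0' encoding='UTF-8' ?><tradoria_insert_cart />");

    // NOTE(review): SimpleXMLElement::addChild() does not escape a bare '&'
    // in the value. Fields added below without _escape_str() or _add_CDATA()
    // rely on their values never containing one.
    $merchantAuth = $xml->addChild('merchant_authentication');
    $merchantAuth->addChild('project_id', MODULE_PAYMENT_RAKUTEN_PROJECT_ID);
    $merchantAuth->addChild('api_key', MODULE_PAYMENT_RAKUTEN_API_KEY);

    $xml->addChild('language', 'DE');
    $xml->addChild('currency', $_SESSION['currency']);

    // NOTE(review): custom_1/custom_2 carry the session name and the live
    // session id, custom_3 the customer id, so all three become part of the
    // request body sent by send_request(). Treat request logs accordingly.
    $merchantCart = $xml->addChild('merchant_carts')->addChild('merchant_cart');
    $merchantCart->addChild('custom_1', xtc_session_name());
    $merchantCart->addChild('custom_2', xtc_session_id());
    $merchantCart->addChild('custom_3', $_SESSION['customer_id']);
    $merchantCart->addChild('custom_4');

    $merchantCartItems = $merchantCart->addChild('items');

    if ($_SESSION['cart']->count_contents() > 0) {
        $products = $_SESSION['cart']->get_products();

        for ($i = 0, $n = sizeof($products); $i < $n; $i++) {
            $t_image = '';
            if ($products[$i]['image'] != '') {
                $t_image = HTTP_SERVER . DIR_WS_CATALOG . DIR_WS_THUMBNAIL_IMAGES . $products[$i]['image'];
            }

            $merchantCartItemsItem = $merchantCartItems->addChild('item');

            $merchantCartItemsItemName = $merchantCartItemsItem->addChild('name');
            $this->_add_CDATA($merchantCartItemsItemName, $products[$i]['name']);

            // sku is shown to the customer, external_product_id is optional and not shown.
            $merchantCartItemsItem->addChild('sku', $this->_escape_str($products[$i]['model']));
            $merchantCartItemsItem->addChild('external_product_id', $this->_escape_str($products[$i]['id']));

            // Positive integers expected. TODO: check for decimal qty
            $merchantCartItemsItem->addChild('qty', $products[$i]['quantity']);
            $merchantCartItemsItem->addChild('unit_price', $products[$i]['price']);
            $merchantCartItemsItem->addChild('tax_class', $this->get_rakuten_tax_class($products[$i]['tax_class_id']));
            $merchantCartItemsItem->addChild('image_url', $this->_escape_str($t_image));

            $product_url = xtc_href_link(FILENAME_PRODUCT_INFO, xtc_product_link($products[$i]['id'], $products[$i]['name']));
            $merchantCartItemsItem->addChild('product_url', $this->_escape_str($product_url));

            // Collect "option: value" pairs of the selected attributes as the item comment.
            $comment = array();
            if (isset($products[$i]['attributes']) && is_array($products[$i]['attributes'])) {
                // foreach replaces list()/each(): each() no longer exists in PHP 8.
                foreach ($products[$i]['attributes'] as $option => $value) {
                    $attributes = xtc_db_query("select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix,pa.attributes_stock,pa.products_attributes_id,pa.attributes_model,pa.weight_prefix,pa.options_values_weight\n from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa\n where pa.products_id = '" . (int) $products[$i]['id'] . "'\n and pa.options_id = '" . (int) $option . "'\n and pa.options_id = popt.products_options_id\n and pa.options_values_id = '" . (int) $value . "'\n and pa.options_values_id = poval.products_options_values_id\n and popt.language_id = '" . (int) $_SESSION['languages_id'] . "'\n and poval.language_id = '" . (int) $_SESSION['languages_id'] . "'");
                    $attributes_values = xtc_db_fetch_array($attributes);

                    // No matching row: skip instead of emitting an empty ": " entry.
                    if (!is_array($attributes_values)) {
                        continue;
                    }

                    $comment[] = $attributes_values['products_options_name'] . ': ' . $attributes_values['products_options_values_name'];
                }
            }
            $comment = implode('; ', $comment);

            $merchantCartItemsItemComment = $merchantCartItemsItem->addChild('comment');
            $this->_add_CDATA($merchantCartItemsItemComment, $comment);

            $merchantCartItemsItemCustom = $merchantCartItemsItem->addChild('custom');
            $this->_add_CDATA($merchantCartItemsItemCustom, $products[$i]['id']);
        }
    }

    // Shipping rates come from the module configuration as CSV rows of
    // country, price and optional delivery time in days.
    $merchantCartShippingRates = $merchantCart->addChild('shipping_rates');
    $shippingRates = $this->_str_get_csv(MODULE_PAYMENT_RAKUTEN_SHIPPING_RATES);

    foreach ($shippingRates as $shippingRate) {
        if (isset($shippingRate[0]) && isset($shippingRate[1]) && is_numeric($shippingRate[1])) {
            $merchantCartShippingRate = $merchantCartShippingRates->addChild('shipping_rate');
            $merchantCartShippingRate->addChild('country', (string) $shippingRate[0]);
            $merchantCartShippingRate->addChild('price', (double) $shippingRate[1]);

            if (isset($shippingRate[2]) && (int) $shippingRate[2] > 0) {
                $merchantCartShippingRate->addChild('delivery_date', date('Y-m-d', strtotime('+' . (int) $shippingRate[2] . ' days')));
            }
        }
    }

    // Restrict the invoice address type: 1 = all, 2 = business, 3 = private.
    $billingAddressRestrictions = $xml->addChild('billing_address_restrictions');

    switch (MODULE_PAYMENT_RAKUTEN_BILLING_ADDR_TYPE) {
        case 'All Addresses':
            $billingAddressRestrictions->addChild('customer_type')->addAttribute('allow', 1);
            break;
        case 'Business Addresses Only':
            $billingAddressRestrictions->addChild('customer_type')->addAttribute('allow', 2);
            break;
        case 'Private Addresses Only':
            $billingAddressRestrictions->addChild('customer_type')->addAttribute('allow', 3);
            break;
    }

    $xml->addChild('callback_url', $this->ROCKBACK_URL);
    $xml->addChild('pipe_url', $this->PIPE_URL);

    $request = $xml->asXML();
    $response = $this->send_request($request);

    $redirectUrl = false;
    $inlineUrl = false;
    $inlineCode = false;

    try {
        // Throws when the response is not well-formed XML.
        $response = new SimpleXMLElement($response);

        if ($response->success != 'true') {
            throw new Exception((string) $response->message, (int) $response->code);
        } else {
            $redirectUrl = $response->redirect_url;
            $inlineUrl = $response->inline_url;
            $inlineCode = $response->inline_code;
        }
    } catch (Exception $e) {
        xtc_redirect(sprintf($this->ERROR_URL, urlencode($e->getCode()), urlencode($e->getMessage())));
    }

    if ($inline) {
        return $inlineCode;
    } else {
        return $redirectUrl;
    }
}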
/**
 * Sends the (pre-)authorization for an online bank transfer through the
 * Payone builder, using the bank details stored in the module's session
 * entry ($_SESSION[$this->code]).
 *
 * The order id is taken from the global $insert_id; when that is unset or
 * empty it falls back to $_SESSION['tmp_oID'].
 */
function payment_action()
{
    global $order, $insert_id;

    if (!isset($insert_id) || $insert_id == '') {
        $insert_id = $_SESSION['tmp_oID'];
    }

    $this->payone->log("(pre-)authorizing {$this->code} payment");

    $standard_parameters = parent::_standard_parameters();

    $this->personal_data = new Payone_Api_Request_Parameter_Authorization_PersonalData();
    parent::_set_customers_standard_params();

    $this->delivery_data = new Payone_Api_Request_Parameter_Authorization_DeliveryData();
    parent::_set_customers_shipping_params();

    $module = $this->code;
    $transfer_type = $_SESSION[$module]['otrans_type'];

    // A bank group is only sent for the eps and ideal transfer types.
    $bankgroup = ($transfer_type == 'eps' || $transfer_type == 'ideal')
        ? $_SESSION[$module]['otrans_bankgrouptype']
        : '';

    // Default the bank country to the billing country when none was stored.
    if (!isset($_SESSION[$module]['otrans_bankcountry'])) {
        $_SESSION[$module]['otrans_bankcountry'] = $order->billing['country']['iso_code_2'];
    }

    $this->payment_method = new Payone_Api_Request_Parameter_Authorization_PaymentMethod_OnlineBankTransfer();
    $this->payment_method->setOnlinebanktransfertype($this->banktransfertypes[$transfer_type]);
    $this->payment_method->setBankcountry($_SESSION[$module]['otrans_bankcountry']);

    // NOTE(review): this condition reads 'otrans_country' while the rest of
    // the method uses 'otrans_bankcountry'; confirm which key is intended.
    $swiss_sofort = $transfer_type == 'sofortueberweisung' && $_SESSION[$module]['otrans_country'] == 'CH';
    if ($swiss_sofort) {
        $this->payment_method->setBankaccount($_SESSION[$module]['otrans_bankaccount']);
        $this->payment_method->setBankcode($_SESSION[$module]['otrans_bankcode']);
    } else {
        $this->payment_method->setIban($_SESSION[$module]['otrans_iban']);
        $this->payment_method->setBic($_SESSION[$module]['otrans_bic']);
    }
    $this->payment_method->setBankgrouptype($bankgroup);

    // NOTE(review): the session name and id are written into the query
    // string of all three return URLs, so the live session id is part of the
    // data set on the payment request and will show up wherever those URLs
    // are logged. Confirm it is still required for the return leg.
    $shop_root = (ENABLE_SSL == true ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG;
    $session_query = '?' . xtc_session_name() . '=' . xtc_session_id();
    $payment_page = $shop_root . FILENAME_CHECKOUT_PAYMENT . $session_query;

    $this->payment_method->setSuccessurl($shop_root . FILENAME_CHECKOUT_PROCESS . $session_query);
    $this->payment_method->setBackurl($payment_page);
    $this->payment_method->setErrorurl($payment_page . '&payment_error=' . $this->code);

    // Remember the temporary order id so a cancelled order can be deleted later.
    $_SESSION['tmp_payone_oID'] = $_SESSION['tmp_oID'];

    $request_parameters = parent::_request_parameters('sb');
    $this->params = array_merge($standard_parameters, $request_parameters);

    $this->builder = new Payone_Builder($this->payone->getPayoneConfig());
    parent::_build_service_authentification('sb');
    parent::_parse_response_payone_api();
}
?> <?php echo HEADING_TITLE_SEARCH . ' ' . xtc_draw_input_field('oID', '', 'size="12"') . xtc_draw_hidden_field('action', 'edit') . xtc_draw_hidden_field(xtc_session_name(), xtc_session_id()); ?> </form> </div> <div class='col-xs-12'> <?php echo xtc_draw_form('payment_method_status', FILENAME_ORDERS, '', 'get'); ?> <?php echo HEADING_TITLE_STATUS . ' ' . xtc_draw_pull_down_menu('status', array_merge(array(array('id' => '', 'text' => TEXT_ALL_ORDERS)), array(array('id' => '0', 'text' => TEXT_VALIDATING)), $orders_statuses), isset($_GET['status']) && xtc_not_null($_GET['status']) ? (int) $_GET['status'] : '', 'onchange="this.form.submit();"'); ?> <br /> <?php echo HEADING_CHOOSE_PAYMENT . ' ' . xtc_draw_pull_down_menu('payment_method', array_merge(array(array('id' => '', 'text' => TEXT_ALL_PAYMENT_METHODS)), $payment_methods), isset($_GET['payment_method']) && xtc_not_null($_GET['payment_method']) ? $_GET['payment_method'] : '', 'onchange="this.form.submit();"') . xtc_draw_hidden_field(xtc_session_name(), xtc_session_id()); ?> </form> </div> </div> </div> <div class='col-xs-12'><br></div> <div class='col-xs-12'> <div id='responsive_table' class='table-responsive pull-left col-sm-12'> <table class="table table-bordered table-striped"> <tr class="dataTableHeadingRow"> <td class="dataTableHeadingContent"><?php echo TABLE_HEADING_CUSTOMERS; ?> </td> <td class="dataTableHeadingContent" align="right"><?php
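<?php
// Search form for product options. The search term comes straight from the
// query string and is written into an HTML attribute, so it is HTML-escaped
// (quotes included) before output; the session name and id are escaped the
// same way because the id is a client-supplied value. The stray space that
// followed each echo inside the attribute values is dropped so the action,
// the field name and the values are emitted exactly.
// NOTE(review): htmlspecialchars() uses PHP's default charset here; pass the
// shop's charset explicitly if it differs.
?>
<form name="search" action="<?php echo FILENAME_PRODUCTS_ATTRIBUTES; ?>" method="GET">
  <span class="main"><b><?php echo TEXT_SEARCH; ?> </b></span>
  <input type="text" name="search_optionsname" size="20" value="<?php echo htmlspecialchars(isset($_GET['search_optionsname']) ? (string) $_GET['search_optionsname'] : '', ENT_QUOTES); ?>">
  <input name="<?php echo htmlspecialchars(xtc_session_name(), ENT_QUOTES); ?>" type="hidden" value="<?php echo htmlspecialchars(xtc_session_id(), ENT_QUOTES); ?>" />
</form>
</div>
<div class="col-xs-12">
  <div class="smallText"><?php echo $value_pages; ?> </div>
</div>
<div class="col-xs-12">
  <?php echo xtc_black_line(); ?>
</div>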
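/**
 * Builds the hidden form fields that are posted to WorldPay for the current
 * order.
 *
 * The fields carry the installation id, currency, amount, customer contact
 * data, the language code and, when MODULE_PAYMENT_WORLDPAY_USEMD5 is '1',
 * an MD5 signature over amount, language and e-mail.
 *
 * @return string concatenated hidden-field markup
 */
function process_button()
{
    global $order, $xtPrice;

    // NOTE(review): $XTCsid was never assigned in this method, so MC_XTCsid
    // has always been emitted without a value. It is initialised here only
    // to make that explicit; decide whether the field should be dropped.
    $XTCsid = null;

    // NOTE(review): cartId carries "sessionname=sessionid", i.e. the live
    // session id is posted to the payment provider with every order.
    $worldpay_url = xtc_session_name() . '=' . xtc_session_id();

    $total = number_format(
        $xtPrice->xtcCalculateCurr($order->info['total']),
        $xtPrice->get_decimal_places($_SESSION['currency']),
        '.',
        ''
    );

    $process_button_string = xtc_draw_hidden_field('instId', MODULE_PAYMENT_WORLDPAY_ID)
        . xtc_draw_hidden_field('currency', $_SESSION['currency'])
        . xtc_draw_hidden_field('desc', 'Purchase from ' . STORE_NAME)
        . xtc_draw_hidden_field('cartId', $worldpay_url)
        . xtc_draw_hidden_field('amount', $total);

    // Pre Auth Mod 3/1/2002 - Graeme Conkie
    if (MODULE_PAYMENT_WORLDPAY_USEPREAUTH == 'true') {
        $process_button_string .= xtc_draw_hidden_field('authMode', MODULE_PAYMENT_WORLDPAY_PREAUTH);
    }

    // Look up the language code; the id is cast to int because it is
    // concatenated into the SQL text.
    $language_code_raw = xtc_db_query("select code from " . TABLE_LANGUAGES . " where languages_id ='" . (int) $_SESSION['languages_id'] . "'");
    $language_code_array = xtc_db_fetch_array($language_code_raw);
    $language_code = $language_code_array['code'];

    $address = encode_htmlspecialchars(
        $order->customer['street_address'] . "\n" . $order->customer['suburb'] . "\n" . $order->customer['city'] . "\n" . $order->customer['state'],
        ENT_QUOTES
    );

    // 'wpcallback' is quoted: as a bare word it is an undefined constant,
    // which is an Error on PHP 8 and only fell back to this string before.
    $process_button_string .= xtc_draw_hidden_field('testMode', MODULE_PAYMENT_WORLDPAY_MODE)
        . xtc_draw_hidden_field('name', $order->customer['firstname'] . ' ' . $order->customer['lastname'])
        . xtc_draw_hidden_field('address', $address)
        . xtc_draw_hidden_field('postcode', $order->customer['postcode'])
        . xtc_draw_hidden_field('country', $order->customer['country']['iso_code_2'])
        . xtc_draw_hidden_field('tel', $order->customer['telephone'])
        . xtc_draw_hidden_field('myvar', 'Y')
        . xtc_draw_hidden_field('fax', $order->customer['fax'])
        . xtc_draw_hidden_field('email', $order->customer['email_address'])
        . xtc_draw_hidden_field('lang', $language_code)
        . xtc_draw_hidden_field('MC_callback', xtc_href_link('wpcallback') . '.php')
        . xtc_draw_hidden_field('MC_XTCsid', $XTCsid);

    // Optional MD5 signature (added 6/4/2003).
    if (MODULE_PAYMENT_WORLDPAY_USEMD5 == '1') {
        $md5_signature_fields = 'amount:language:email';

        // The signed amount is the same $total that is posted in the
        // 'amount' field. The previous expression used $currencies and
        // $currency, which are not defined in this method, so this branch
        // failed as soon as it ran.
        // NOTE(review): the form posts 'lang' while the signature field list
        // names 'language'; confirm against the gateway's signature rules.
        $md5_signature = MODULE_PAYMENT_WORLDPAY_MD5KEY . ':' . $total . ':' . $language_code . ':' . $order->customer['email_address'];
        $md5_signature_md5 = md5($md5_signature);

        $process_button_string .= xtc_draw_hidden_field('signatureFields', $md5_signature_fields)
            . xtc_draw_hidden_field('signature', $md5_signature_md5);
    }

    return $process_button_string;
}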
/**
 * Initialises the PayPal API credentials, endpoints, shop return URLs and
 * page styling from the shop configuration constants.
 *
 * Credentials and endpoints are only set when PAYPAL_MODE is 'sandbox' or
 * 'live'. Return URLs use HTTPS_SERVER when ENABLE_SSL is true, otherwise
 * HTTP_SERVER. The header image is only set under SSL, when the file exists
 * and is at most 750x90 pixels; colours are only set when they are six hex
 * digits.
 */
function paypal_checkout()
{
    // Stand: 27.03.2010
    switch (PAYPAL_MODE) {
        case 'sandbox':
            $this->API_UserName = PAYPAL_API_SANDBOX_USER;
            $this->API_Password = PAYPAL_API_SANDBOX_PWD;
            $this->API_Signature = PAYPAL_API_SANDBOX_SIGNATURE;
            $this->API_Endpoint = 'https://api-3t.sandbox.paypal.com/nvp';
            $this->EXPRESS_URL = 'https://www.sandbox.paypal.com/webscr?cmd=_express-checkout&token=';
            $this->GIROPAY_URL = 'https://www.sandbox.paypal.com/webscr?cmd=_complete-express-checkout&token=';
            $this->IPN_URL = 'https://www.sandbox.paypal.com/cgi-bin/webscr';
            break;
        case 'live':
            $this->API_UserName = PAYPAL_API_USER;
            $this->API_Password = PAYPAL_API_PWD;
            $this->API_Signature = PAYPAL_API_SIGNATURE;
            $this->API_Endpoint = 'https://api-3t.paypal.com/nvp';
            $this->EXPRESS_URL = 'https://www.paypal.com/webscr?cmd=_express-checkout&token=';
            $this->GIROPAY_URL = 'https://www.paypal.com/webscr?cmd=_complete-express-checkout&token=';
            $this->IPN_URL = 'https://www.paypal.com/cgi-bin/webscr';
            break;
    }

    // NOTE(review): every customer-facing return URL below carries the
    // session name and the live session id in its query string, so the id is
    // handed to PayPal along with these URLs and appears wherever they are
    // logged. When ENABLE_SSL is not true the URLs are plain HTTP as well.
    $shop_root = (ENABLE_SSL == true ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG;
    $session_query = '?' . xtc_session_name() . '=' . xtc_session_id();

    $cart_url = $shop_root . FILENAME_SHOPPING_CART . $session_query;
    $payment_url = $shop_root . FILENAME_CHECKOUT_PAYMENT . $session_query;
    $success_url = $shop_root . FILENAME_CHECKOUT_SUCCESS . $session_query;

    $this->NOTIFY_URL = $shop_root . 'callback/paypal/ipn.php';
    $this->EXPRESS_CANCEL_URL = $cart_url;
    $this->EXPRESS_RETURN_URL = $shop_root . FILENAME_PAYPAL_CHECKOUT . $session_query;
    $this->PRE_CANCEL_URL = $payment_url;
    $this->CANCEL_URL = $payment_url . '&error=true&error_message=' . PAYPAL_ERROR;
    $this->RETURN_URL = $shop_root . FILENAME_CHECKOUT_PROCESS . $session_query;
    $this->GIROPAY_SUCCESS_URL = $success_url;
    $this->GIROPAY_CANCEL_URL = $cart_url;
    $this->BANKTXN_PENDING_URL = $success_url;

    $this->version = VERSION;
    $this->USE_PROXY = false;
    $this->payPalURL = '';
    $this->ppAPIec = $this->buildAPIKey(PAYPAL_API_KEY);

    // The header image is only offered when the shop runs under SSL.
    if (ENABLE_SSL == true) {
        $hdrImg = 'templates/' . CURRENT_TEMPLATE . '/img/' . PAYPAL_API_IMAGE;
        if (file_exists(DIR_FS_CATALOG . $hdrImg) && PAYPAL_API_IMAGE != '') {
            $hdrSize = getimagesize(DIR_FS_CATALOG . $hdrImg);
            if ($hdrSize[0] <= 750 && $hdrSize[1] <= 90) {
                $this->Image = urlencode(HTTPS_SERVER . DIR_WS_CATALOG . $hdrImg);
            }
        }
    }

    // Colours are accepted only as six hexadecimal digits.
    $hex_colour = '/^(([a-f]|[A-F]|[0-9]){6})$/';
    if (preg_match($hex_colour, PAYPAL_API_CO_BACK)) {
        $this->BackColor = PAYPAL_API_CO_BACK;
    }
    if (preg_match($hex_colour, PAYPAL_API_CO_BORD)) {
        $this->BorderColor = PAYPAL_API_CO_BORD;
    }
}
<?php echo xtc_draw_form('orders', FILENAME_ORDERS, '', 'get'); ?> <?php echo HEADING_TITLE_SEARCH . ' ' . xtc_draw_input_field('oID', '', 'size="12"') . xtc_draw_hidden_field('action', 'edit') . xtc_draw_hidden_field(xtc_session_name(), xtc_session_id()); ?> </form> </td> </tr> <tr> <td class="main" valign="top">Customers</td> <td class="main" valign="top" align="right"><?php echo xtc_draw_form('status', FILENAME_ORDERS, '', 'get'); ?> <?php echo HEADING_TITLE_STATUS . ' ' . xtc_draw_pull_down_menu('status', array_merge(array(array('id' => '', 'text' => TEXT_ALL_ORDERS)), array(array('id' => '0', 'text' => TEXT_VALIDATING)), $orders_statuses), '', 'onChange="this.form.submit();"') . xtc_draw_hidden_field(xtc_session_name(), xtc_session_id()); ?> </form></td> </tr> </table> </td> </tr> <tr> <td><table border="0" width="100%" cellspacing="0" cellpadding="0"> <tr> <td valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2"> <tr class="dataTableHeadingRow">
</tr> <tr> <td class="main"> <?php foreach ($messages as $msg) { ?> <p class="message"><?php echo $msg; ?> </p> <?php } ?> <?php echo xtc_draw_form('log', basename($PHP_SELF), '', 'get') . xtc_draw_hidden_field(xtc_session_name(), xtc_session_id()); ?> <table style="border: 1px solid #cccccc; width:100%; padding:5px; background:#f1f1f1;"> <tr> <td class="menuBoxHeading"> <?php echo START_DATE; ?> <select name="startD" size="1"> <?php if ($startDate) { $j = date("j", $startDate); } else { $j = 1; } for ($i = 1; $i < 32; $i++) {
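/**
 * Builds the hidden form elements that are sent as POST data to the payment
 * gateway.
 *
 * The invoice type and reference are read from the posted
 * "klarna_<option>_invoice_type" and "klarna_<option>_reference" fields and
 * are null when a field was not submitted. As a side effect the order total
 * is stored in $_SESSION['klarna_ot'].
 *
 * NOTE(review): the posted values are passed on unchanged; whether they are
 * escaped depends on hiddenFieldString(), which is not visible here. The
 * last field carries the session name and id.
 *
 * @return string
 */
public function processButton()
{
    global $order;

    // Missing POST fields yield null instead of an undefined-index warning.
    $invoiceTypeKey = "klarna_{$this->_option}_invoice_type";
    $referenceKey = "klarna_{$this->_option}_reference";
    $invoiceType = isset($_POST[$invoiceTypeKey]) ? $_POST[$invoiceTypeKey] : null;
    $reference = isset($_POST[$referenceKey]) ? $_POST[$referenceKey] : null;

    $process_button_string = $this->_utils->hiddenFieldString(
        $this->_addrs,
        $invoiceType,
        $this->_paymentPlan,
        $order->customer['email_address'],
        $reference
    );

    // Companies use the delivery name of the order, private customers the
    // name from the address object.
    if ($this->_addrs->isCompany) {
        $process_button_string .= xtc_draw_hidden_field('klarna_fname', $order->delivery['firstname'])
            . xtc_draw_hidden_field('klarna_lname', $order->delivery['lastname']);
    } else {
        $process_button_string .= xtc_draw_hidden_field('klarna_fname', $this->_addrs->getFirstName())
            . xtc_draw_hidden_field('klarna_lname', $this->_addrs->getLastName());
    }

    $_SESSION['klarna_ot'] = $this->_utils->getOrderTotal();

    $process_button_string .= xtc_draw_hidden_field(xtc_session_name(), xtc_session_id());

    return $process_button_string;
}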
/**
 * Sends the preauthorization for a financing payment through the Payone
 * builder and then redirects to the checkout-process page.
 *
 * The order id is taken from the global $insert_id; when that is unset or
 * empty it falls back to $_SESSION['tmp_oID']. For the 'klarna' installment
 * type the birthday and telephone number stored in the module's session
 * entry are added to the personal data.
 */
function payment_action()
{
    global $order, $insert_id;

    if (!isset($insert_id) || $insert_id == '') {
        $insert_id = $_SESSION['tmp_oID'];
    }

    $this->payone->log("(pre-)authorizing {$this->code} payment");

    $standard_parameters = parent::_standard_parameters('preauthorization');

    $this->personal_data = new Payone_Api_Request_Parameter_Authorization_PersonalData();
    parent::_set_customers_standard_params();

    // Klarna needs birthday and phone number, which are set by hand here.
    $installment_type = $_SESSION[$this->code]['installment_type'];
    if ($installment_type == 'klarna') {
        $this->personal_data->setBirthday(xtc_date_raw($_SESSION[$this->code]['installment_customers_dob']));
        $this->personal_data->setTelephonenumber($_SESSION[$this->code]['installment_customers_telephone']);
    }

    $this->delivery_data = new Payone_Api_Request_Parameter_Authorization_DeliveryData();
    parent::_set_customers_shipping_params();

    $this->payment_method = new Payone_Api_Request_Parameter_Authorization_PaymentMethod_Financing();

    // NOTE(review): the session name and id are written into the query
    // string of all three return URLs, so the live session id is part of the
    // data set on the payment request and will show up wherever those URLs
    // are logged. Confirm it is still required for the return leg.
    $shop_root = (ENABLE_SSL == true ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG;
    $session_query = '?' . xtc_session_name() . '=' . xtc_session_id();
    $payment_page = $shop_root . FILENAME_CHECKOUT_PAYMENT . $session_query;

    $this->payment_method->setSuccessurl($shop_root . FILENAME_CHECKOUT_PROCESS . $session_query);
    $this->payment_method->setBackurl($payment_page);
    $this->payment_method->setErrorurl($payment_page . '&payment_error=' . $this->code);

    // Remember the temporary order id so a cancelled order can be deleted later.
    $_SESSION['tmp_payone_oID'] = $_SESSION['tmp_oID'];

    $financingtype = $this->installmenttypes[$_SESSION[$this->code]['installment_type']];
    $this->payment_method->setFinancingtype($financingtype);

    // Add the invoicing data when the parent did not supply it.
    $request_parameters = parent::_request_parameters('fnc');
    if (!isset($request_parameters['invoicing'])) {
        $request_parameters['invoicing'] = $this->_getInvoicingTransaction($insert_id);
    }
    $this->params = array_merge($standard_parameters, $request_parameters);

    $this->builder = new Payone_Builder($this->payone->getPayoneConfig());
    parent::_build_service_authentification('fnc');
    parent::_parse_response_payone_api();

    xtc_redirect(xtc_href_link(FILENAME_CHECKOUT_PROCESS, '', 'SSL'));
}
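/**
 * Parse one incoming ROPE XML request, authenticate it, dispatch it to the
 * matching handler and return the prepared response.
 *
 * The request is untrusted input until $this->_auth() has accepted it; no
 * session or handler work happens before that check. For the two order
 * requests the shop session named in the request (custom_1 = session name,
 * custom_2 = session id) is resumed so the handler runs in the customer's
 * context.
 *
 * Hardening applied here:
 *  - the XML parser is told not to fetch anything over the network;
 *  - session name and id must match a conservative character set before they
 *    reach the session functions;
 *  - the language directory read from the resumed session must be a plain
 *    directory name before it is used in require_once, so a missing or
 *    unexpected value produces the normal error response instead of a fatal
 *    include error or a path outside DIR_WS_LANGUAGES.
 *
 * NOTE(review): urldecode() is applied to $request here; if the caller
 * passes an already-decoded value (e.g. from $_POST) the payload is decoded
 * twice. Confirm against the caller.
 * NOTE(review): every failure is reported as prepare_response(false) and the
 * exception is discarded; consider logging it so rejected or malformed
 * requests are visible to operations.
 *
 * @param string $request URL-encoded XML document
 *
 * @return mixed whatever prepare_response() returns
 */
function process_rope_request($request)
{
    try {
        // No LIBXML_NOENT / LIBXML_DTDLOAD: entities are not substituted.
        // LIBXML_NONET additionally forbids network access while parsing.
        // On builds against libxml2 older than 2.9, also disable external
        // entity loading via libxml_disable_entity_loader(true).
        $this->_request = new SimpleXMLElement(urldecode($request), LIBXML_NOCDATA | LIBXML_NONET);

        if (!$this->_auth()) {
            throw new Exception('Authentication failed');
        }

        $init_session = true;

        /**
         * Check type of request and call proper handler.
         * The handler name always comes from this fixed list, never from
         * the request itself.
         */
        switch ($this->_request->getName()) {
            case 'tradoria_check_order':
                $this->_order_node = 'order';
                $this->_process_function = '_check_order';
                $response_tag = 'tradoria_check_order_response';
                break;
            case 'tradoria_order_process':
                $this->_order_node = 'cart';
                $this->_process_function = '_process_order';
                $response_tag = 'tradoria_order_process_response';
                break;
            case 'tradoria_order_status':
                $init_session = false;
                $this->_process_function = '_status_update';
                $response_tag = 'tradoria_order_status_response';
                break;
            default:
                /**
                 * Unrecognised request error
                 */
                $response_tag = 'unknown_error';
                return $this->prepare_response(false, $response_tag);
        }

        if ($init_session) {
            /**
             * Instantiate Session
             */
            $session_name = (string) $this->_request->{$this->_order_node}->custom_1;
            $session_id = (string) $this->_request->{$this->_order_node}->custom_2;

            // Reject empty or oddly shaped values before they select which
            // server-side session gets loaded.
            if (!preg_match('/\A[A-Za-z0-9_-]+\z/', $session_name)
                || !preg_match('/\A[A-Za-z0-9,-]+\z/', $session_id)) {
                throw new Exception('Invalid session reference');
            }

            xtc_session_name($session_name);
            if (STORE_SESSIONS != 'mysql') {
                session_save_path(SESSION_WRITE_DIRECTORY);
            }
            xtc_session_id($session_id);
            xtc_session_start();

            /**
             * Load the correct language file
             */
            $language = isset($_SESSION['language']) ? (string) $_SESSION['language'] : '';
            if (!preg_match('/\A[A-Za-z0-9_-]+\z/', $language)) {
                // Unknown/expired session or unexpected value: fail cleanly.
                throw new Exception('Session has no usable language');
            }
            require_once DIR_WS_LANGUAGES . $language . '/modules/payment/rakuten.php';

            require_once DIR_WS_CLASSES . 'xtcPrice.php';
            global $xtPrice;
            $xtPrice = new xtcPrice($_SESSION['currency'], $_SESSION['customers_status']['customers_status_id']);

            require_once DIR_WS_CLASSES . 'main.php';
            global $main;
            $main = new main();
        }

        $response = $this->{$this->_process_function}();
    } catch (Exception $e) {
        return $this->prepare_response(false);
    }

    return $this->prepare_response($response, $response_tag);
}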
echo xtc_draw_hidden_field('opID', $order->products[$i]['opid']); //BOF - DokuMan - 2010-09-07 - variables for correct deletion of products (thx to franky_n) echo xtc_draw_hidden_field('del_qty', $order->products[$i]['qty']); echo xtc_draw_hidden_field('del_pID', $order->products[$i]['id']); //EOF - DokuMan - 2010-09-07 - variables for correct deletion of products (thx to franky_n) echo '<input type="submit" class="btn btn-default" onclick="this.blur();" value="' . BUTTON_DELETE . '"/>'; ?> </form> <?php echo xtc_draw_form('select_options', FILENAME_ORDERS_EDIT, '', 'GET'); echo xtc_draw_hidden_field('edit_action', 'options'); echo xtc_draw_hidden_field('pID', $order->products[$i]['id']); echo xtc_draw_hidden_field('oID', $_GET['oID']); echo xtc_draw_hidden_field('opID', $order->products[$i]['opid']); //BOF - web28 - 2011-01-16 - FIX missing sessions id echo xtc_draw_hidden_field(xtc_session_name(), xtc_session_id()); //EOF - web28 - 2011-01-16 - FIX missing sessions id echo '<input type="submit" class="btn btn-default" onclick="this.blur();" value="' . BUTTON_PRODUCT_OPTIONS . '"/>'; ?> </form> </td> </td> </tr> <?php } ?> </table> <br /><br /> <!-- Artikelbearbeitung Ende //--> <!-- Artikel Einfügen Anfang //-->
/**
 * Build a catalog URL for an error page, optionally rewritten into the
 * search-engine-friendly "/key/value" form.
 *
 * Terminates the script with die() when $page is empty or $connection is
 * neither 'NONSSL' nor 'SSL'; the messages are fixed strings.
 *
 * Security notes for maintainers:
 *  - When $add_session_id is set, a session is running and
 *    SESSION_FORCE_COOKIE_USE equals 'false', the session name/id (or the
 *    global $SID) may be appended to the link. URLs carrying a session id
 *    end up in logs, history and Referer headers.
 *  - $parameters goes through $this->klarnaOutputString() and $SID is
 *    appended as-is; NOTE(review): both are defined outside this method,
 *    verify they are safe for the context the link is printed in.
 *
 * @param string $page               page
 * @param string $parameters         parameters
 * @param string $connection         connection ('NONSSL' or 'SSL')
 * @param bool   $add_session_id     add session id
 * @param bool   $search_engine_safe SEO friendly
 *
 * @return string
 */
public function errorLink($page = '', $parameters = '', $connection = 'NONSSL', $add_session_id = true, $search_engine_safe = true)
{
    global $request_type, $session_started, $SID;

    if (!xtc_not_null($page)) {
        die('<br><br><font color="#f3014d"><b>Error!</b></font><br><br>' . '<b>Unable to determine the page link!<br><br>');
    }

    // Pick scheme/host and catalog path for the requested connection type.
    switch ($connection) {
        case 'NONSSL':
            $link = HTTP_SERVER . DIR_WS_HTTP_CATALOG;
            break;
        case 'SSL':
            $link = (ENABLE_SSL == true ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG;
            break;
        default:
            die('<br><br><font color="#f3014d"><b>Error!</b></font><br><br>' . '<b>Unable to determine connection method on a link!<br><br>' . 'Known methods: NONSSL SSL</b><br><br>');
    }

    $link .= $page;
    if (xtc_not_null($parameters)) {
        $link .= '?' . $this->klarnaOutputString($parameters);
        $separator = '&';
    } else {
        $separator = '?';
    }

    // Drop any dangling '&' or '?' left at the end of the link.
    $link = rtrim($link, '&?');

    // Add the session ID when moving between different HTTP and HTTPS
    // servers, or when SID is defined.
    $sessionParam = null;
    $mayCarrySession = $add_session_id == true && $session_started == true && SESSION_FORCE_COOKIE_USE == 'false';
    if ($mayCarrySession) {
        if (xtc_not_null($SID)) {
            $sessionParam = $SID;
        } elseif (($request_type == 'NONSSL' && $connection == 'SSL' && ENABLE_SSL == true
                || $request_type == 'SSL' && $connection == 'NONSSL')
            && HTTP_COOKIE_DOMAIN != HTTPS_COOKIE_DOMAIN) {
            $sessionParam = xtc_session_name() . '=' . xtc_session_id();
        }
    }

    if (SEARCH_ENGINE_FRIENDLY_URLS == 'true' && $search_engine_safe == true) {
        // Collapse repeated '&', then turn every query delimiter into '/'.
        $link = preg_replace('/&{2,}/', '&', $link);
        $link = str_replace(array('?', '&', '='), '/', $link);
        $separator = '?';
    }

    if ($sessionParam !== null) {
        $link .= $separator . $sessionParam;
    }

    return $link;
}
?> </p> </div> <div class='col-xs-6 text-right'> <?php echo xtc_draw_form('search', FILENAME_CATEGORIES, '', 'get'); echo HEADING_TITLE_SEARCH . ' ' . xtc_draw_input_field('search', $search) . xtc_draw_hidden_field(xtc_session_name(), xtc_session_id()); ?> </form> <?php if (CAT_VIEW_DROPDOWN) { ?> <?php echo xtc_draw_form('goto', FILENAME_CATEGORIES, '', 'get'); echo HEADING_TITLE_GOTO . ' ' . xtc_draw_pull_down_menu('cPath', xtc_get_category_tree(), $current_category_id, 'onChange="this.form.submit();"') . xtc_draw_hidden_field(xtc_session_name(), xtc_session_id()); ?> </form> <?php } ?> </div> <div class='col-xs-12'> <br> </div> <!-- search and quickjump --> <div class='col-xs-12'> <div id='responsive_table' class='table-responsive pull-left col-sm-12'> <!-- categories and products table --> <table class='table table-bordered'> <tr class="dataTableHeadingRow"> <td class="dataTableHeadingContent hidden-xs" width="4%" align="center"> <?php
?> </div> </form> </div> <div class="col-xs-12 smallText text-center"> <?php echo xtc_draw_form('status', FILENAME_CUSTOMERS, '', 'get'); $select_data = array(); //BOF - GTB - 2011-02-03 - show selected customer group //$select_data = array (array ('id' => '99', 'text' => TEXT_SELECT), array ('id' => '100', 'text' => TEXT_ALL_CUSTOMERS)); $select_data = array(array('id' => '', 'text' => TEXT_SELECT), array('id' => '100', 'text' => TEXT_ALL_CUSTOMERS)); //<td class="smallText" align="right"><?php echo HEADING_TITLE_STATUS . ' ' . xtc_draw_pull_down_menu('status',xtc_array_merge($select_data, $customers_statuses_array), '99', 'onChange="this.form.submit();"').xtc_draw_hidden_field(xtc_session_name(), xtc_session_id()); </td> //EOF - GTB - 2011-02-03 - show selected customer group ?> <?php echo HEADING_TITLE_STATUS . ' ' . xtc_draw_pull_down_menu('status', xtc_array_merge($select_data, $customers_statuses_array), isset($_GET['status']) ? $_GET['status'] : '', 'onChange="this.form.submit();" style="max-width: 200px;"') . xtc_draw_hidden_field(xtc_session_name(), xtc_session_id()); ?> </form> </div> <div class='col-xs-12'> <div id='responsive_table' class='table-responsive pull-left col-sm-12'> <table class="table table-bordered"> <tr class="dataTableHeadingRow"> <td class="dataTableHeadingContent hidden-xs hidden-sm" width="40"><?php echo TABLE_HEADING_ACCOUNT_TYPE; ?> </td> <td class="dataTableHeadingContent"><?php echo TABLE_HEADING_CUSTOMERSCID . xtc_sorting(FILENAME_CUSTOMERS, 'customers_cid'); ?> </td>
if (sizeof($order->products[$i]['properties']) > 0) { for ($j = 0, $k = sizeof($order->products[$i]['properties']); $j < $k; $j++) { if (!empty($order->products[$i]['properties'][$j]['properties_name']) || !empty($order->products[$i]['properties'][$j]['values_name'])) { $contents[] = array('text' => '<small> <i> - ' . $order->products[$i]['properties'][$j]['properties_name'] . ': ' . $order->products[$i]['properties'][$j]['values_name'] . '</i></small></nobr>'); } } } # properties EOF } // elari End add display products $contents[] = array('text' => '<br />'); // BOF GM_MOD EOF } // bof gm $gm_heading_multi_status[] = array('text' => '<b>' . HEADING_GM_STATUS . '</b>'); $content_multi_order_status[] = array('text' => xtc_draw_hidden_field(xtc_session_name(), xtc_session_id())); $content_multi_order_status[] = array('text' => xtc_draw_hidden_field('action', 'gm_multi_status') . xtc_draw_hidden_field('page', $_GET['page'])); $content_multi_order_status[] = array('text' => xtc_draw_pull_down_menu('gm_status', array_merge(array(array('id' => '', 'text' => TEXT_GM_STATUS)), array(array('id' => '0', 'text' => TEXT_VALIDATING)), $orders_statuses))); /* magnalister v2.0.0 */ if (function_exists('magnaExecute')) { magnaExecute('magnaRenderOrderStatusSync', array('multi' => true), array('order_details.php')); } /* END magnalister */ $content_multi_order_status[] = array('text' => xtc_draw_checkbox_field('gm_notify', 'on') . ENTRY_NOTIFY_CUSTOMER); $content_multi_order_status[] = array('text' => xtc_draw_checkbox_field('gm_notify_comments', 'on') . ENTRY_NOTIFY_COMMENTS); $content_multi_order_status[] = array('text' => TABLE_HEADING_COMMENTS . '<br>' . xtc_draw_textarea_field('gm_comments', '', 24, 5, $_GET['comments'], '', false) . '<br>'); $content_multi_order_status[] = array('align' => 'left', 'text' => '<div align="center"><input type="submit" class="button" value="' . BUTTON_CONFIRM . 
'"></form></div>'); $content_multi_order_status[] = array('align' => 'left', 'text' => '<br />'); // eof gm break; }