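public function executePostActionsHook($strAction, \DataContainer $dc)
 {
     // Backend AJAX hook: only this widget's own upload action is handled here.
     if ($strAction !== static::$uploadAction) {
         return false;
     }
     $strField = \Input::post('field');
     // The posted field name selects a DCA entry, so it has to name a field that is
     // defined for this table. A field flagged "exclude" additionally requires the
     // "alexf" permission for the current backend user.
     $blnDefined = isset($GLOBALS['TL_DCA'][$dc->table]['fields'][$strField]);
     if (!$blnDefined || (!empty($GLOBALS['TL_DCA'][$dc->table]['fields'][$strField]['exclude']) && !\BackendUser::getInstance()->hasAccess($dc->table . '::' . $strField, 'alexf'))) {
         \System::log('Field "' . $strField . '" is not an allowed selector field (possible SQL injection attempt)', __METHOD__, TL_ERROR);
         $objResponse = new ResponseError();
         $objResponse->setMessage('Bad Request');
         $objResponse->output();
         // Whether output() ends the request is not visible from this method. Returning
         // here guarantees a rejected field never reaches upload() either way.
         return false;
     }
     $this->name = $strField;
     $this->id = $strField;
     $this->field = $strField;
     if ($dc->activeRecord === null) {
         $dc->activeRecord = General::getModelInstance($dc->table, $dc->id);
     }
     // Configure the widget from the DCA definition of the validated field
     $this->addAttributes(\Widget::getAttributesFromDca($GLOBALS['TL_DCA'][$dc->table]['fields'][$this->name], $this->name));
     $objResponse = $this->upload();
     // upload() may hand back a Response object; anything else is ignored
     if ($objResponse instanceof Response) {
         $objResponse->output();
     }
 }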
 /**
  * Find the longitude and latitude from a location string
  * @param type $strAddress
  * @param type $strCountry
  * @example http://wiki.openstreetmap.org/wiki/Nominatim#Examples
  */
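 public static function getLonLat($strAddress, $strCountry = null)
 {
     // Geocode an address through the public Nominatim search endpoint.
     // Returns array(licence, address, latitude, longitude) or false on failure.
     // Every value placed into the query string is percent-encoded so that a
     // country code or language value cannot add or override query parameters.
     $strQuery = 'https://nominatim.openstreetmap.org/search?' . 'q=' . rawurlencode($strAddress) . '&format=json' . '&accept-language=' . rawurlencode($GLOBALS['TL_LANGUAGE']) . '&limit=1';
     if ($strCountry) {
         $strQuery .= '&countrycodes=' . rawurlencode($strCountry);
     }
     $objRequest = new \Request();
     $objRequest->send($strQuery);
     // Return on error
     if ($objRequest->hasError()) {
         \System::log("Failed Request '{$strQuery}' with error '{$objRequest->error}'", __METHOD__, TL_ERROR);
         return false;
     }
     $arrResponse = json_decode($objRequest->response);
     // Return on empty response. json_decode() yields null for a malformed body and an
     // object for a JSON object, so anything that is not a non-empty list counts as
     // "no result" instead of being passed to count() and indexed.
     if (!is_array($arrResponse) || !count($arrResponse)) {
         \System::log("Empty Request for address '{$strAddress}': '{$strQuery}'", __METHOD__, TL_ERROR);
         return false;
     }
     // Display copyright and licence in backend
     if (TL_MODE == 'BE') {
         \Message::addInfo($arrResponse[0]->licence);
     }
     return array('licence' => $arrResponse[0]->licence, 'address' => $arrResponse[0]->display_name, 'latitude' => $arrResponse[0]->lat, 'longitude' => $arrResponse[0]->lon);
 }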
 /**
  * Check permissions for that entry
  * @return void
  */
 public static function check()
 {
     // Guards product type deletion and hides the variants option when no
     // product attribute can act as a variant option.
     $arrSession = \Session::getInstance()->getData();
     $strAct = \Input::get('act');
     if ($strAct == 'delete' && in_array(\Input::get('id'), static::getUndeletableIds())) {
         // Single delete of a type that is still referenced: log and send to the error page
         \System::log('Product type ID ' . \Input::get('id') . ' is used in an order and can\'t be deleted', __METHOD__, TL_ERROR);
         \Controller::redirect('contao/main.php?act=error');
     } elseif ($strAct == 'deleteAll' && is_array($arrSession['CURRENT']['IDS'])) {
         // Bulk delete: drop the undeletable IDs from the selection kept in the session
         $arrRemaining = array_diff($arrSession['CURRENT']['IDS'], static::getUndeletableIds());
         if (count($arrRemaining) != count($arrSession['CURRENT']['IDS'])) {
             $arrSession['CURRENT']['IDS'] = array_values($arrRemaining);
             \Session::getInstance()->setData($arrSession);
             \Message::addInfo($GLOBALS['TL_LANG']['MSC']['undeletableRecords']);
         }
     }
     // Disable variants if no such attributes are available
     \Controller::loadDataContainer('tl_iso_product');
     $blnHasVariantOption = false;
     foreach (array_keys($GLOBALS['TL_DCA']['tl_iso_product']['fields']) as $strFieldName) {
         $objCandidate = $GLOBALS['TL_DCA']['tl_iso_product']['attributes'][$strFieldName];
         if (null === $objCandidate || !$objCandidate->isVariantOption()) {
             continue;
         }
         $blnHasVariantOption = true;
         break;
     }
     if ($blnHasVariantOption) {
         return;
     }
     \System::loadLanguageFile('explain');
     unset($GLOBALS['TL_DCA']['tl_iso_producttype']['subpalettes']['variants']);
     $GLOBALS['TL_DCA']['tl_iso_producttype']['fields']['variants']['input_field_callback'] = function ($dc) {
         // Make sure variants are disabled in this product type (see #1114)
         // The table name is concatenated from the DataContainer; only the ID is bound.
         \Database::getInstance()->prepare("UPDATE " . $dc->table . " SET variants='' WHERE id=?")->execute($dc->id);
         return '<br><p class="tl_info">' . $GLOBALS['TL_LANG']['XPL']['noVariantAttributes'] . '</p>';
     };
 }
 /**
  * Find the longitude and latitude from a location string
  * @param string $strAddress Optimal format: street (+number), postal, city [country]
  * @param string
  * @return array|bool  an array with longitude, latitude and address, or false on error or empty results
  * @example https://developers.google.com/maps/documentation/geocoding/?hl=de
  */
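 public static function getLonLat($strAddress, $strCountry = null)
 {
     // Google Geocoding API v3
     // Returns array(address, longitude, latitude) or false on any failure.
     $strUrl = 'https://maps.googleapis.com/maps/api/geocode/json';
     $arrParams = array('address' => $strAddress, 'language' => $GLOBALS['TL_LANGUAGE']);
     $strComponents = '';
     if ($strCountry) {
         // Percent-encode the country so it cannot add further query parameters
         $strComponents = '&components=country:' . rawurlencode(strtoupper($strCountry));
     }
     // This copy of the URL is built before the API key is added and is the only one
     // written to the system log, so the key does not end up in log storage.
     $strLogQuery = $strUrl . '?' . http_build_query($arrParams, '', '&') . $strComponents;
     if (\Config::get('anystores_apiKey')) {
         $arrParams['key'] = \Config::get('anystores_apiKey');
     }
     $strQuery = $strUrl . '?' . http_build_query($arrParams, '', '&') . $strComponents;
     $objRequest = new \Request();
     $objRequest->send($strQuery);
     if (!$objRequest->hasError()) {
         $objResponse = json_decode($objRequest->response);
         // A body that is not a JSON object with a status cannot be interpreted
         if (!is_object($objResponse) || !isset($objResponse->status)) {
             \System::log("Google Maps API returned an unreadable response for '{$strAddress}'", __METHOD__, TL_ERROR);
             return false;
         }
         if ($objResponse->status === 'OK' && !empty($objResponse->results)) {
             return array('address' => $objResponse->results[0]->formatted_address, 'longitude' => $objResponse->results[0]->geometry->location->lng, 'latitude' => $objResponse->results[0]->geometry->location->lat);
         }
         // ZERO_RESULTS, OVER_QUERY_LIMIT, REQUEST_DENIED, INVALID_REQUEST and any
         // other status are all failures; error_message is read only when present.
         $strError = isset($objResponse->error_message) ? $objResponse->error_message : '';
         \System::log("Google Maps API return error '{$objResponse->status}' for '{$strAddress}': {$strError}", __METHOD__, TL_ERROR);
         return false;
     }
     \System::log("Failed Request '{$strLogQuery}' with error '{$objRequest->error}'", __METHOD__, TL_ERROR);
     return false;
 }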
 /**
  * Process Transaction URL notification
  *
  * @param IsotopeProductCollection|Order $objOrder
  */
 public function processPostsale(IsotopeProductCollection $objOrder)
 {
     // Handles the PayOne transaction status notification for an order. Every exit
     // answers "TSOK", including the rejected ones.
     // NOTE(review): the request is accepted on matching aid/portalid/mode, currency
     // and price only; no shared-secret or signature check is visible in this method.
     // Confirm that the notification is authenticated before it gets here.
     $strMode = \Input::post('mode');
     $blnAccountMismatch = \Input::post('aid') != $this->payone_aid || \Input::post('portalid') != $this->payone_portalid;
     $blnModeMismatch = ($strMode == 'test' && !$this->debug) || ($strMode == 'live' && $this->debug);
     if ($blnAccountMismatch || $blnModeMismatch) {
         \System::log('PayOne configuration mismatch', __METHOD__, TL_ERROR);
         die('TSOK');
     }
     // Ignore  all except these actions
     $strTxAction = \Input::post('txaction');
     if (!in_array($strTxAction, array('appointed', 'capture', 'paid'))) {
         die('TSOK');
     }
     // The notification must describe the order as stored (loose comparison of posted strings)
     $blnCurrencyDiffers = \Input::post('currency') != $objOrder->currency;
     if ($blnCurrencyDiffers || $objOrder->getTotal() != \Input::post('price')) {
         \System::log('PayOne order data mismatch for Order ID "' . \Input::post('reference') . '"', __METHOD__, TL_ERROR);
         die('TSOK');
     }
     if (!$objOrder->checkout()) {
         \System::log('Postsale checkout for Order ID "' . \Input::post('reference') . '" failed', __METHOD__, TL_ERROR);
         die('TSOK');
     }
     // Only a "paid" notification with a zero balance marks the order as paid
     if ($strTxAction == 'paid' && \Input::post('balance') == 0) {
         $objOrder->date_paid = time();
     }
     $objOrder->updateOrderStatus($this->new_order_status);
     $objOrder->save();
     // PayOne must get TSOK as return value, otherwise the request will be sent again
     die('TSOK');
 }
 /**
  * Run the controller
  */
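 public function run()
 {
     // Runs every upgrade step found in the Upgrade directory, then the integrity
     // check and cache purge when the shop is installed.
     // Check if shop has been installed
     $blnInstalled = \Database::getInstance()->tableExists(\Isotope\Model\Config::getTable());
     $strStep = '';
     foreach (scan(TL_ROOT . '/system/modules/isotope/library/Isotope/Upgrade') as $strFile) {
         $strVersion = pathinfo($strFile, PATHINFO_FILENAME);
         // The file name becomes a class name that is instantiated below, so the whole
         // name must match the expected pattern, not merely contain it.
         if (preg_match('/^To[0-9]{10}$/', $strVersion)) {
             $strClass = 'Isotope\\Upgrade\\' . $strVersion;
             $strStep = 'Version ' . \Haste\Util\Format::repositoryVersion(substr($strVersion, 2));
             try {
                 $objUpgrade = new $strClass();
                 $objUpgrade->run($blnInstalled);
             } catch (\Exception $e) {
                 $this->handleException($strStep, $e);
             }
         }
     }
     if ($blnInstalled) {
         try {
             $this->verifySystemIntegrity();
             $this->purgeCaches();
         } catch (\Exception $e) {
             $this->handleException('Finalization', $e);
         }
     }
     if ($strStep != '') {
         // System::log() takes (text, function, category); the last two were swapped,
         // which filed the entry under the method name instead of the category.
         \System::log('Upgraded Isotope eCommerce to ' . $strStep, __METHOD__, TL_INFO);
     }
 }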
 /**
  * Create file
  *
  * @param   Message
  * @param   array
  * @param   string
  * @return  bool
  */
 public function send(Message $objMessage, array $arrTokens, $strLanguage = '')
 {
     // Renders the file name and file content of a message from tokens and passes
     // both to save(). Returns save()'s result, or false when no language matches or
     // save() throws.
     if ($strLanguage == '') {
         $strLanguage = $GLOBALS['TL_LANGUAGE'];
     }
     $objLanguage = Language::findByMessageAndLanguageOrFallback($objMessage, $strLanguage);
     if ($objLanguage === null) {
         \System::log(sprintf('Could not find matching language or fallback for message ID "%s" and language "%s".', $objMessage->id, $strLanguage), __METHOD__, TL_ERROR);
         return false;
     }
     // NOTE(review): the file name is assembled from token values; save() is not
     // visible here, so confirm it rejects path separators and ".." segments.
     $strFileName = \Haste\Util\StringUtil::recursiveReplaceTokensAndTags($objLanguage->file_name, $arrTokens, String::NO_TAGS | String::NO_BREAKS);
     // Escape quotes and line breaks for CSV files
     // NOTE(review): values starting with =, +, - or @ are written unchanged; if the
     // tokens can carry user input, consider neutralising spreadsheet formulas too.
     if ($this->objModel->file_type == 'csv') {
         $arrSearch = array('"', "\r\n", "\r");
         $arrReplace = array('""', "\n", "\n");
         foreach ($arrTokens as &$varToken) {
             $varToken = str_replace($arrSearch, $arrReplace, $varToken);
         }
         unset($varToken);
     }
     // Preserve all tags here as this is pretty useful in XML :-)
     $strContent = \Haste\Util\StringUtil::recursiveReplaceTokensAndTags($objLanguage->file_content, $arrTokens);
     try {
         $blnSaved = $this->save($strFileName, $strContent, (string) $objLanguage->file_storage_mode);
     } catch (\Exception $e) {
         \System::log('Notification Center gateway error: ' . $e->getMessage(), __METHOD__, TL_ERROR);
         return false;
     }
     return $blnSaved;
 }
 /**
  * Perform server to server data check
  *
  * @param IsotopeProductCollection|Order $objOrder
  */
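 public function processPostsale(IsotopeProductCollection $objOrder)
 {
     // Server-to-server confirmation: the order is checked out and marked paid only
     // when the result code, the signature and the individual parameters all pass.
     // Verify payment status
     if (\Input::post('vads_result') != '00') {
         \System::log('Payment for order ID "' . $objOrder->id . '" failed.', __METHOD__, TL_ERROR);
         return;
     }
     // Validate HMAC sign
     // The posted value must be a string and is compared with hash_equals(): a loose
     // != treats two numeric-looking strings as numbers and can call different
     // signatures equal, and hash_equals() also avoids a timing side channel.
     $strExpected = (string) $this->calculateSignature($_POST, $this->vads_certificate);
     $varPosted = \Input::post('signature');
     if ($strExpected === '' || !is_string($varPosted) || !hash_equals($strExpected, $varPosted)) {
         \System::log('Invalid signature for Order ID ' . $objOrder->id, __METHOD__, TL_ERROR);
         return;
     }
     // For maximum security, also validate individual parameters
     if (!$this->validateInboundParameters($objOrder)) {
         \System::log('Parameter mismatch for Order ID ' . $objOrder->id, __METHOD__, TL_ERROR);
         return;
     }
     if (!$objOrder->checkout()) {
         \System::log('Postsale checkout for Order ID "' . $objOrder->id . '" failed', __METHOD__, TL_ERROR);
         return;
     }
     $objOrder->date_paid = time();
     $objOrder->updateOrderStatus($this->new_order_status);
     $objOrder->save();
 }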
 /**
  * Process Transaction URL notification
  * @param IsotopeProductCollection
  */
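 public function processPostSale(IsotopeProductCollection $objOrder)
 {
     // Handles the Transferuj.pl notification. Every path answers "TRUE"; the order is
     // only touched when seller ID, status and checksum all match.
     if (\Input::post('tr_error') != 'none') {
         \System::log('Transferuj.pl response error: ' . \Input::post('tr_error'), __METHOD__, TL_ERROR);
         die('TRUE');
     }
     if (\Input::post('transferujpl_id') == $this->transferujpl_id && \Input::post('tr_status') == 'TRUE') {
         // Checksum over seller ID, transaction ID, order total, order ID and the
         // configured security code (md5 is what this method has always computed)
         $strHash = md5($this->transferujpl_id . \Input::post('tr_id') . number_format(round($objOrder->getTotal(), 2), 2, '.', '') . $objOrder->id . $this->transferujpl_code);
         // Compare as strings in constant time. A loose == treats two numeric-looking
         // hex strings as numbers and can report different checksums as equal.
         $varPosted = \Input::post('md5sum');
         if (is_string($varPosted) && hash_equals($strHash, $varPosted)) {
             // Checkout failed
             if (!$objOrder->checkout()) {
                 \System::log('Transferuj.pl checkout for order ID "' . $objOrder->id . '" failed', __METHOD__, TL_ERROR);
                 die('TRUE');
             }
             // Keep the raw notification with the order for later reference
             $arrPayment = deserialize($objOrder->payment_data, true);
             $arrPayment['POSTSALE'][] = $_POST;
             $objOrder->payment_data = $arrPayment;
             $objOrder->date_paid = time();
             $objOrder->updateOrderStatus($this->new_order_status);
             $objOrder->save();
             \System::log('Transferuj.pl data accepted for order ID "' . $objOrder->id . '"', __METHOD__, TL_GENERAL);
         }
     }
     die('TRUE');
 }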
 /**
  * Check permissions to edit table.
  */
 public function checkPermission()
 {
     // Administrators pass; everyone else is logged and sent to the backend error page.
     $objUser = \BackendUser::getInstance();
     if ($objUser->isAdmin) {
         return;
     }
     \System::log('Not enough permissions to access leads export ID "' . \Input::get('id') . '"', __METHOD__, TL_ERROR);
     \Controller::redirect('contao/main.php?act=error');
 }
 /**
  * Process Instant Payment Notifications (IPN)
  * @param   IsotopeProductCollection
  */
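 public function processPostSale(IsotopeProductCollection $objOrder)
 {
     // Handles the WorldPay payment notification for an order.
     // NOTE(review): the flow relies on postsaleError() ending the request; that is
     // not visible from this method.
     if (\Input::post('instId') != $this->worldpay_instId) {
         \System::log('Installation ID does not match', __METHOD__, TL_ERROR);
         $this->postsaleError();
     }
     // The callback password is the shared secret of this notification. Compare it as
     // a string in constant time: a loose != treats numeric-looking strings as
     // numbers and can accept a value that differs from the configured one.
     // An empty configured password still matches an absent one, as before, which
     // leaves the callback unauthenticated in that configuration.
     $varCallbackPw = \Input::post('callbackPW');
     $blnPasswordOk = !is_array($varCallbackPw) && hash_equals((string) $this->worldpay_callbackPW, (string) $varCallbackPw);
     // Validate payment data
     if ($objOrder->currency != \Input::post('currency') || $objOrder->getTotal() != \Input::post('amount') || !$blnPasswordOk || (!$this->debug && \Input::post('testMode') == '100')) {
         \System::log('Data manipulation in payment from "' . \Input::post('email') . '" !', __METHOD__, TL_ERROR);
         $this->postsaleError();
     }
     // Order status cancelled and order not yet completed, do nothing
     if (\Input::post('transStatus') != 'Y' && $objOrder->status == 0) {
         $this->postsaleError();
     }
     if (\Input::post('transStatus') == 'Y') {
         if (!$objOrder->checkout()) {
             \System::log('Checkout for Order ID "' . $objOrder->id . '" failed', __METHOD__, TL_ERROR);
             $this->postsaleError();
         }
         $objOrder->date_paid = time();
         $objOrder->updateOrderStatus($this->new_order_status);
     }
     // Store request data in order for future references
     $arrPayment = deserialize($objOrder->payment_data, true);
     $arrPayment['POSTSALE'][] = $_POST;
     $objOrder->payment_data = $arrPayment;
     $objOrder->save();
     $this->postsaleSuccess($objOrder);
 }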
 /**
  * Show message while we are waiting for server-to-server order confirmation
  * @param   IsotopeProductCollection    The order being placed
  * @param   Module                      The checkout module instance
  * @return  boolean
  */
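 public function processPayment(IsotopeProductCollection $objOrder, \Module $objModule)
 {
     // Returns true once the order has a status, a rendered "processing" message while
     // waiting, and false after the retry counter in the session has run out.
     if ($objOrder->order_status > 0) {
         unset($_SESSION['POSTSALE_TIMEOUT']);
         return true;
     }
     // Counter of remaining page reloads, kept in the session
     if (!isset($_SESSION['POSTSALE_TIMEOUT'])) {
         $_SESSION['POSTSALE_TIMEOUT'] = 12;
     } else {
         $_SESSION['POSTSALE_TIMEOUT'] = $_SESSION['POSTSALE_TIMEOUT'] - 1;
     }
     if ($_SESSION['POSTSALE_TIMEOUT'] > 0) {
         // Reload page every 5 seconds
         // The current request URL is client-controlled and goes into an HTML
         // attribute, so it is escaped for that context. double_encode is off because
         // it is not visible here whether Environment already returns entities.
         $strReloadUrl = htmlspecialchars(\Environment::get('base') . \Environment::get('request'), ENT_QUOTES, 'UTF-8', false);
         $GLOBALS['TL_HEAD'][] = '<meta http-equiv="refresh" content="5,' . $strReloadUrl . '">';
         // Do not index or cache the page
         global $objPage;
         $objPage->noSearch = 1;
         $objPage->cache = 0;
         $objTemplate = new \Isotope\Template('mod_message');
         $objTemplate->type = 'processing';
         $objTemplate->message = $GLOBALS['TL_LANG']['MSC']['payment_processing'];
         return $objTemplate->parse();
     }
     unset($_SESSION['POSTSALE_TIMEOUT']);
     \System::log('Payment could not be processed.', __METHOD__, TL_ERROR);
     return false;
 }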
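 public static function getFieldOptions($arrData, $objDc = null)
 {
     // Resolves the options of a DCA field: the static "options" array when it is set,
     // otherwise the result of "options_callback" (only when a DataContainer is given).
     // Always returns an array.
     $arrOptions = array();
     if (isset($arrData['options']) && is_array($arrData['options'])) {
         $arrOptions = $arrData['options'];
     }
     $varCallback = isset($arrData['options_callback']) ? $arrData['options_callback'] : null;
     if ($objDc !== null && empty($arrOptions) && (is_array($varCallback) || is_callable($varCallback))) {
         $arrCallback = array();
         if (is_array($varCallback)) {
             // array(class, method) form, resolved through the Contao importer
             $strClass = $varCallback[0];
             $strMethod = $varCallback[1];
             $objInstance = \Controller::importStatic($strClass);
             try {
                 // @ is kept from the original: warnings raised by the callback stay silent
                 $arrCallback = @$objInstance->{$strMethod}($objDc);
             } catch (\Exception $e) {
                 // The message was interpolated as "{$e->getMessage}()", which reads a
                 // property and never logged the actual exception text.
                 \System::log("{$strClass}::{$strMethod} raised an Exception: {$e->getMessage()}", __METHOD__, TL_ERROR);
             }
         } else {
             try {
                 $arrCallback = @$varCallback($objDc);
             } catch (\Exception $e) {
                 // serialize() throws for closures, which would replace the log entry
                 // with a second exception; name the callable instead.
                 $strCallback = is_string($varCallback) ? $varCallback : get_class($varCallback);
                 \System::log("{$strCallback} raised an Exception: {$e->getMessage()}", __METHOD__, TL_ERROR);
             }
         }
         if (is_array($arrCallback)) {
             $arrOptions = $arrCallback;
         }
     }
     return $arrOptions;
 }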
 /**
  * Find the longitude and latitude from a location string
  * @param string $strAddress Optimal format: street (+number), postal, city [country]
  * @param string
  * @return array|bool  an array with longitude, latitude and address, or false on error or empty results
  * @example https://developers.google.com/maps/documentation/geocoding/?hl=de
  */
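 public static function getLonLat($strAddress, $strCountry = null)
 {
     // Google Geocoding API v3
     // Returns array(address, longitude, latitude) or false on any failure.
     // Language and country are percent-encoded like the address, so neither value
     // can add or override query parameters.
     $strQuery = 'https://maps.googleapis.com/maps/api/geocode/json?' . 'address=' . rawurlencode($strAddress) . '&sensor=false' . '&language=' . rawurlencode($GLOBALS['TL_LANGUAGE']);
     if ($strCountry) {
         $strQuery .= '&components=country:' . rawurlencode($strCountry);
     }
     $objRequest = new \Request();
     $objRequest->send($strQuery);
     if (!$objRequest->hasError()) {
         $objResponse = json_decode($objRequest->response);
         // A body that is not a JSON object with a status cannot be interpreted
         if (!is_object($objResponse) || !isset($objResponse->status)) {
             \System::log("Google Maps API returned an unreadable response for '{$strAddress}'", __METHOD__, TL_ERROR);
             return false;
         }
         if ($objResponse->status === 'OK' && !empty($objResponse->results)) {
             return array('address' => $objResponse->results[0]->formatted_address, 'longitude' => $objResponse->results[0]->geometry->location->lng, 'latitude' => $objResponse->results[0]->geometry->location->lat);
         }
         // ZERO_RESULTS, OVER_QUERY_LIMIT, REQUEST_DENIED, INVALID_REQUEST and any
         // other status are all reported as a failure.
         \System::log("Google Maps API return error '{$objResponse->status}' for '{$strAddress}'", __METHOD__, TL_ERROR);
         return false;
     }
     \System::log("Failed Request '{$strQuery}' with error '{$objRequest->error}'", __METHOD__, TL_ERROR);
     return false;
 }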
 /**
  * Purge the foundation CSS and SCSS cache
  */
 public static function purgeFoundationCache()
 {
     // Empty the assets/foundation folder, then record the purge in the system log.
     $objCacheDir = new \Folder('assets/foundation');
     $objCacheDir->purge();
     \System::log('Purged the Foundation cache', __METHOD__, TL_CRON);
 }
 /**
  * Return true if the asset is valid and can be added to the page
  *
  * @return bool
  */
 public function isValid()
 {
     // The asset is usable only when the Less parser file exists below TL_ROOT;
     // the remaining checks are delegated to the parent class.
     $strParser = TL_ROOT . '/' . $this->getParserPath();
     if (is_file($strParser)) {
         return parent::isValid();
     }
     \System::log(sprintf('The Less parser could not be found for asset ID %s', $this->model->id), __METHOD__, TL_ERROR);
     return false;
 }
 /**
  * Log a message in Contao
  * @return void
  */
 public function run()
 {
     // Writes a system log entry on behalf of an AJAX request, then answers with "1".
     // NOTE(review): the text, the function name and the category of the entry all
     // come from request parameters. Confirm this endpoint is reachable only by
     // authenticated users and consider limiting logCategory to an allowlist, so
     // that requests cannot add entries to categories used for auditing.
     if (AjaxInput::get('action') != 'logMessage' || !AjaxInput::get('logDetails')) {
         return;
     }
     $strFunction = AjaxInput::get('logMethod') ?: __METHOD__;
     $strCategory = AjaxInput::get('logCategory') ?: TL_GENERAL;
     \System::log(AjaxInput::get('logDetails'), $strFunction, $strCategory);
     $objResponse = new HtmlResponse(1);
     $objResponse->send();
 }
 /**
  * Purge the search tables
  */
 public static function purgeFileCreditTables()
 {
     // Truncate both file credit tables, then record the purge in the system log.
     $objDb = \Database::getInstance();
     foreach (array("TRUNCATE TABLE tl_filecredit", "TRUNCATE TABLE tl_filecredit_page") as $strStatement) {
         $objDb->execute($strStatement);
     }
     \System::log('Purged the filecredit tables', __METHOD__, TL_CRON);
 }
 /**
  * Return true if the asset is valid and can be added to the page
  *
  * @return bool
  */
 public function isValid()
 {
     // Runs "sass -v" and accepts the asset only when the output carries a Sass
     // version string. The command is a fixed literal; which binary answers depends
     // on the PATH of the PHP process.
     $strVersionLine = exec('sass -v');
     $blnSassFound = (bool) preg_match('/Sass \\d+\\.\\d+\\.\\d+/', $strVersionLine);
     if ($blnSassFound) {
         return parent::isValid();
     }
     \System::log(sprintf('The Sass extension is not available for asset ID %s', $this->model->id), __METHOD__, TL_ERROR);
     return false;
 }
 /**
  * Check permissions for that entry
  * @return void
  */
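 public static function check()
 {
     // Enforces product permissions in the backend: blocks deletion of products used
     // in orders and limits list, selection and clipboard to the allowed product IDs.
     $session = \Session::getInstance()->getData();
     if (\Input::get('act') == 'delete' && in_array(\Input::get('id'), static::getUndeletableIds())) {
         \System::log('Product ID ' . \Input::get('id') . ' is used in an order and can\'t be deleted', __METHOD__, TL_ERROR);
         \Controller::redirect('contao/main.php?act=error');
     } elseif (\Input::get('act') == 'deleteAll' && is_array($session['CURRENT']['IDS'])) {
         $arrDeletable = array_diff($session['CURRENT']['IDS'], static::getUndeletableIds());
         if (count($arrDeletable) != count($session['CURRENT']['IDS'])) {
             // Unpublish all undeletable records
             // The IDs come from the session selection and are concatenated into the
             // statement, so each one is forced to an integer first.
             $arrUnpublish = array_map('intval', array_intersect($session['CURRENT']['IDS'], static::getUndeletableIds()));
             \Database::getInstance()->query("\n                    UPDATE " . Product::getTable() . "\n                    SET published=''\n                    WHERE id IN (" . implode(',', $arrUnpublish) . ")\n                ");
             // Remove undeletable products from selection
             $session['CURRENT']['IDS'] = array_values($arrDeletable);
             \Session::getInstance()->setData($session);
             \Message::addInfo($GLOBALS['TL_LANG']['MSC']['undeletableUnpublished']);
         }
     }
     $arrProducts = static::getAllowedIds();
     // Method will return true if no limits should be applied (e.g. user is admin)
     if (true === $arrProducts) {
         return;
     }
     // Filter by product type and group permissions
     if (empty($arrProducts)) {
         // Nothing is allowed: clear clipboard and selection and filter on an ID that matches no row
         unset($session['CLIPBOARD']['tl_iso_product']);
         $session['CURRENT']['IDS'] = array();
         $GLOBALS['TL_DCA']['tl_iso_product']['list']['sorting']['filter'][] = array('id=?', 0);
         if (false === $arrProducts) {
             $GLOBALS['TL_DCA']['tl_iso_product']['config']['closed'] = true;
         }
     } else {
         // Maybe another function has already set allowed product IDs
         if (is_array($GLOBALS['TL_DCA']['tl_iso_product']['list']['sorting']['root'])) {
             $arrProducts = array_intersect($GLOBALS['TL_DCA']['tl_iso_product']['list']['sorting']['root'], $arrProducts);
         }
         $GLOBALS['TL_DCA']['tl_iso_product']['list']['sorting']['root'] = $arrProducts;
         // Set allowed product IDs (edit multiple)
         if (is_array($session['CURRENT']['IDS'])) {
             $session['CURRENT']['IDS'] = array_intersect($session['CURRENT']['IDS'], $GLOBALS['TL_DCA']['tl_iso_product']['list']['sorting']['root']);
         }
         // Set allowed clipboard IDs
         if (is_array($session['CLIPBOARD']['tl_iso_product']['id'])) {
             $session['CLIPBOARD']['tl_iso_product']['id'] = array_intersect($session['CLIPBOARD']['tl_iso_product']['id'], $GLOBALS['TL_DCA']['tl_iso_product']['list']['sorting']['root'], \Database::getInstance()->query("SELECT id FROM tl_iso_product WHERE pid=0")->fetchEach('id'));
             if (empty($session['CLIPBOARD']['tl_iso_product']['id'])) {
                 unset($session['CLIPBOARD']['tl_iso_product']);
             }
         }
         // Overwrite session
         \Session::getInstance()->setData($session);
         // Check if the product is accessible by user
         // NOTE(review): both in_array() calls compare loosely, so a non-canonical
         // "id" value can match an allowed ID; confirm the ID is normalised downstream.
         if (\Input::get('id') > 0 && !in_array(\Input::get('id'), $GLOBALS['TL_DCA']['tl_iso_product']['list']['sorting']['root']) && (!is_array($session['new_records']['tl_iso_product']) || !in_array(\Input::get('id'), $session['new_records']['tl_iso_product']))) {
             \System::log('Cannot access product ID ' . \Input::get('id'), __METHOD__, TL_ERROR);
             \Controller::redirect('contao/main.php?act=error');
         }
     }
 }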
 /**
  * Process PayPal Instant Payment Notifications (IPN)
  * @param   IsotopeProductCollection
  */
 public function processPostsale(IsotopeProductCollection $objOrder)
 {
     // Send the raw notification body back to PayPal's notify-validate endpoint
     // (sandbox host in debug mode); the answer decides whether the data is trusted.
     $objRequest = new \Request();
     $objRequest->send('https://www.' . ($this->debug ? 'sandbox.' : '') . 'paypal.com/cgi-bin/webscr?cmd=_notify-validate', file_get_contents("php://input"), 'post');
     if ($objRequest->hasError()) {
         \System::log('Request Error: ' . $objRequest->error, __METHOD__, TL_ERROR);
         exit;
     } elseif ($objRequest->response == 'VERIFIED' && (\Input::post('receiver_email', true) == $this->paypal_account || $this->debug)) {
         // Accepted only when PayPal answered VERIFIED and the receiver is the
         // configured account. NOTE(review): debug mode skips the receiver check.
         // Validate payment data (see #2221)
         // Currency and gross amount are compared loosely against the stored order
         if ($objOrder->currency != \Input::post('mc_currency') || $objOrder->getTotal() != \Input::post('mc_gross')) {
             \System::log('IPN manipulation in payment from "' . \Input::post('payer_email') . '" !', __METHOD__, TL_ERROR);
             return;
         }
         if (!$objOrder->checkout()) {
             \System::log('IPN checkout for Order ID "' . \Input::post('invoice') . '" failed', __METHOD__, TL_ERROR);
             return;
         }
         // Store request data in order for future references
         $arrPayment = deserialize($objOrder->payment_data, true);
         $arrPayment['POSTSALE'][] = $_POST;
         $objOrder->payment_data = $arrPayment;
         $objOrder->save();
         // @see https://www.paypalobjects.com/webstatic/en_US/developer/docs/pdf/ipnguide.pdf
         // Only "Completed" marks the order as paid; every other status listed below
         // leaves the order status untouched.
         switch (\Input::post('payment_status')) {
             case 'Completed':
                 $objOrder->date_paid = time();
                 $objOrder->updateOrderStatus($this->new_order_status);
                 break;
             case 'Canceled_Reversal':
             case 'Denied':
             case 'Expired':
             case 'Failed':
             case 'Voided':
                 // PayPal will also send this notification if the order has not been placed.
                 // What do we do here?
                 //                    $objOrder->date_paid = '';
                 //                    $objOrder->updateOrderStatus(Isotope::getConfig()->orderstatus_error);
                 break;
             case 'In-Progress':
             case 'Partially_Refunded':
             case 'Pending':
             case 'Processed':
             case 'Refunded':
             case 'Reversed':
                 break;
         }
         // Second save, after the status handling above
         $objOrder->payment_data = $arrPayment;
         $objOrder->save();
         \System::log('PayPal IPN: data accepted', __METHOD__, TL_GENERAL);
     } else {
         // Anything but a verified notification for this account is logged with PayPal's answer
         \System::log('PayPal IPN: data rejected (' . $objRequest->response . ')', __METHOD__, TL_ERROR);
     }
     // 200 OK
     $objResponse = new Response();
     $objResponse->send();
 }
 /**
  * Get the postsale order
  * @return object
  */
 public function getPostsaleOrder()
 {
     // Loads the order named by the part of the posted "session_id" before the first
     // underscore. The ID is request-supplied, so the result only identifies the
     // order; it does not show that the notification is genuine.
     $arrParts = explode('_', \Input::post('session_id'));
     $varOrderId = $arrParts[0];
     $objOrder = Order::findByPk($varOrderId);
     if ($objOrder instanceof IsotopeProductCollection) {
         return $objOrder;
     }
     \System::log('Order ' . $varOrderId . ' not found', __METHOD__, TL_ERROR);
     die('OK');
 }
 /**
  * Run the controller
  */
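 public function run()
 {
     // Creates the default robots.txt copy once, if it does not exist yet.
     if (file_exists(TL_ROOT . "/" . FILE_ROBOTS_TXT_DEFAULT)) {
         return;
     }
     // The log category is passed as the TL_* constant. The quoted names 'TL_INFO' and
     // 'TL_ERROR' are plain strings, not the constants' values, so the failure entry
     // was not filed under the category that log filters look for.
     if (copy(TL_ROOT . "/" . FILE_ROBOTS_TXT, TL_ROOT . "/" . FILE_ROBOTS_TXT_DEFAULT)) {
         \System::log('Initial copied the "' . FILE_ROBOTS_TXT . '" to "' . FILE_ROBOTS_TXT_DEFAULT . '".', 'CreateDefaultRobotsTxt::run()', TL_INFO);
     } else {
         \System::log('Initial copying the "' . FILE_ROBOTS_TXT . '" failed.', 'CreateDefaultRobotsTxt::run()', TL_ERROR);
     }
 }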
 /**
  * Handle the AJAX actions
  * @param string
  * @param \DataContainer
  */
 public function handleAjaxActions($strAction, \DataContainer $dc)
 {
     // Re-renders a DcaWizard widget for the "reloadDcaWizard" AJAX action and ends
     // the request; every other action is ignored.
     if ($strAction == 'reloadDcaWizard') {
         $intId = \Input::get('id');
         $strField = $strFieldName = \Input::post('name');
         // Handle the keys in "edit multiple" mode
         // (the posted name carries the record ID as a suffix after the last underscore)
         if (\Input::get('act') == 'editAll') {
             $intId = preg_replace('/.*_([0-9a-zA-Z]+)$/', '$1', $strField);
             $strField = preg_replace('/(.*)_[0-9a-zA-Z]+$/', '$1', $strField);
         }
         // Validate the request data
         // NOTE(review): when the data container is not "File" and the table does not
         // exist, neither branch runs and the field name is used unvalidated below.
         if ($GLOBALS['TL_DCA'][$dc->table]['config']['dataContainer'] == 'File') {
             // The field does not exist
             if (!array_key_exists($strField, $GLOBALS['TL_CONFIG'])) {
                 \System::log('Field "' . $strField . '" does not exist in the global configuration', 'Ajax executePostActions()', TL_ERROR);
                 header('HTTP/1.1 400 Bad Request');
                 die('Bad Request');
             }
         } elseif (\Database::getInstance()->tableExists($dc->table)) {
             // The field does not exist
             if (!isset($GLOBALS['TL_DCA'][$dc->table]['fields'][$strField])) {
                 \System::log('Field "' . $strField . '" does not exist in table "' . $dc->table . '"', 'Ajax executePostActions()', TL_ERROR);
                 header('HTTP/1.1 400 Bad Request');
                 die('Bad Request');
             }
             // The table name is concatenated from the DataContainer; only the ID is bound
             $objRow = \Database::getInstance()->prepare("SELECT id FROM " . $dc->table . " WHERE id=?")->execute($intId);
             // The record does not exist
             if (!$objRow->numRows) {
                 \System::log('A record with the ID "' . $intId . '" does not exist in table "' . $dc->table . '"', 'Ajax executePostActions()', TL_ERROR);
                 header('HTTP/1.1 400 Bad Request');
                 die('Bad Request');
             }
         }
         $strClass = $GLOBALS['BE_FFL']['dcaWizard'];
         // Support classes extending DcaWizard
         // The class name is request-supplied (base64). It replaces the default only
         // when it is a registered backend form field class and a subclass of
         // DcaWizard; in every other case the default class stays in place.
         if ($ajaxClass = \Input::post('class')) {
             $ajaxClass = base64_decode($ajaxClass);
             if (in_array($ajaxClass, $GLOBALS['BE_FFL'])) {
                 try {
                     $reflection = new ReflectionClass($ajaxClass);
                     if ($reflection->isSubclassOf('DcaWizard')) {
                         $strClass = $ajaxClass;
                     }
                 } catch (\Exception $e) {
                     // silent fallback to default class
                 }
             }
         }
         // Build the widget from the DCA definition and send its markup as the whole response
         $arrData = $GLOBALS['TL_DCA'][$dc->table]['fields'][$strField];
         $objWidget = new $strClass($strClass::getAttributesFromDca($arrData, $strFieldName, null, $strField, $dc->table, $dc));
         header('Content-Type: text/html; charset=' . $GLOBALS['TL_CONFIG']['characterSet']);
         echo $objWidget->generate();
         exit;
     }
 }
 /**
  * Build an e-mail draft for a message in the requested language.
  *
  * When no language is passed, $GLOBALS['TL_LANGUAGE'] is used. The language
  * record is looked up through Language::findByMessageAndLanguageOrFallback();
  * if that lookup returns null, the failure is logged and no draft is created.
  *
  * @param   Message $objMessage  Message the draft is created for
  * @param   array   $arrTokens   Tokens handed to the draft unchanged
  * @param   string  $strLanguage Language code, defaults to $GLOBALS['TL_LANGUAGE']
  *
  * @return  MessageDraftInterface|null (null if no language or fallback could be found)
  */
 public function createDraft(Message $objMessage, array $arrTokens, $strLanguage = '')
 {
     // Loose comparison kept as in the original: null and '' both select the default
     $strLanguage = ($strLanguage == '') ? $GLOBALS['TL_LANGUAGE'] : $strLanguage;
     $objLanguage = Language::findByMessageAndLanguageOrFallback($objMessage, $strLanguage);
     if (null !== $objLanguage) {
         return new EmailMessageDraft($objMessage, $objLanguage, $arrTokens);
     }
     // No language and no fallback: record which message/language pair failed
     \System::log(sprintf('Could not find matching language or fallback for message ID "%s" and language "%s".', $objMessage->id, $strLanguage), __METHOD__, TL_ERROR);
     return null;
 }
Beispiel #26
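 /**
  * Check if a user has access to lead data.
  *
  * The form ID is read from the "master" query parameter. Administrators
  * pass unconditionally; every other backend user must have that ID listed
  * in $objUser->forms. A missing, empty or non-scalar parameter and a failed
  * permission check both end in a redirect to the backend error page.
  *
  * @param mixed $dc Not used by this check
  */
 public function checkPermission($dc)
 {
     $master = \Input::get('master');
     // Reject a missing or empty ID as well as array input (master[]=...)
     if (!is_scalar($master) || (string) $master === '') {
         \Controller::redirect('contao/main.php?act=error');
         // redirect() presumably ends the request; return in case it does not
         return;
     }
     $master = (string) $master;
     $objUser = \BackendUser::getInstance();
     if ($objUser->isAdmin) {
         return;
     }
     // Compare as strings and strictly: a loose in_array() treats numeric
     // look-alikes such as "01" or "1.0" as equal to "1", which would let a
     // non-canonical ID pass the permission check.
     $arrAllowed = array();
     if (is_array($objUser->forms)) {
         $arrAllowed = array_map('strval', array_filter($objUser->forms, 'is_scalar'));
     }
     if (!in_array($master, $arrAllowed, true)) {
         \System::log('Not enough permissions to access leads ID "' . $master . '"', __METHOD__, TL_ERROR);
         \Controller::redirect('contao/main.php?act=error');
     }
 }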
Beispiel #27
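 /**
  * Find coordinates using the google maps geocode service
  *
  * The four address parts are joined into one query string, URL-encoded and
  * sent to the geocoding endpoint. Only the first entry of the returned
  * "results" list is used.
  *
  * @param string $strStreet
  * @param string $strPostal
  * @param string $strCity
  * @param string $strCountry
  *
  * @return WGS84|null Null if the request failed or the response holds no usable first result
  */
 public static function findAddressOnGoogleMaps($strStreet, $strPostal, $strCity, $strCountry)
 {
     $strAddress = urlencode(sprintf('%s, %s %s %s', $strStreet, $strPostal, $strCity, $strCountry));
     // Query the service over HTTPS instead of plain HTTP, so the address does
     // not travel in clear text.
     // NOTE(review): whether \Request verifies the server certificate is not
     // visible here - confirm before relying on the integrity of the answer.
     $objRequest = new \Request();
     $objRequest->send('https://maps.googleapis.com/maps/api/geocode/json?address=' . $strAddress . '&sensor=false');
     // Request failed
     if ($objRequest->hasError()) {
         \System::log('Could not get coordinates for: ' . $strAddress . ' (' . $objRequest->response . ')', __METHOD__, TL_ERROR);
         return null;
     }
     $objResponse = json_decode($objRequest->response);
     // json_decode() yields null for malformed JSON, and the response may carry
     // no result at all; treat the remote answer as untrusted and bail out
     // instead of dereferencing missing properties.
     if (!isset($objResponse->results[0]->geometry->location->lat, $objResponse->results[0]->geometry->location->lng)) {
         return null;
     }
     $objLocation = $objResponse->results[0]->geometry->location;
     return new static($objLocation->lat, $objLocation->lng);
 }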
 /**
  * Send this queued message
  *
  * The related message is sent with its gateway property set to
  * $this->targetGateway; afterwards the property is set to
  * $this->sourceQueue.
  *
  * @return  bool False if the related message could not be loaded, otherwise the result of the message's send()
  */
 public function send()
 {
     $objMessage = $this->getRelated('message');
     if (null === $objMessage) {
         \System::log('Could not send queued message ' . $this->id . ' because related message could not be found.', __METHOD__, TL_ERROR);
         return false;
     }
     // Route the message through the target gateway for this one call
     $objMessage->gateway = $this->targetGateway;
     // NOTE(review): there is no try/finally here, so if send() throws, the
     // gateway property stays on the target gateway.
     $blnSent = $objMessage->send($this->getTokens(), $this->language);
     // Point the message at the source queue again
     $objMessage->gateway = $this->sourceQueue;
     return $blnSent;
 }
 /**
  * Migrate the tl_article inherit settings to the inheritPriority column.
  *
  * Runs only when tl_article exists, has an inheritAfter column and does not
  * yet have inheritPriority. The column is added, and once it is reported as
  * present, rows with inheritAfter = '1' and inherit = '1' get
  * inheritPriority = '-1'. Both statements are fixed strings without any
  * external input.
  */
 public function run()
 {
     $objDb = \Database::getInstance();
     if (!$objDb->tableExists('tl_article')) {
         return;
     }
     // Nothing to do without the old column, or when the new one is already there
     if (!$objDb->fieldExists('inheritAfter', 'tl_article') || $objDb->fieldExists('inheritPriority', 'tl_article')) {
         return;
     }
     // create field
     $objDb->execute("ALTER TABLE `tl_article` ADD `inheritPriority` smallint(5) NOT NULL default '0'");
     // The third argument presumably bypasses a cached field list - verify against \Database
     if (!$objDb->fieldExists('inheritPriority', 'tl_article', true)) {
         return;
     }
     $objDb->execute("UPDATE tl_article SET inheritPriority = '-1' WHERE inheritAfter = '1' AND inherit = '1'");
     \System::log('Successfully migrated inherit_article settings from <1.3.0 to >=1.3.0.', __METHOD__, TL_GENERAL);
 }
Beispiel #30
 /**
  * Undo the record
  *
  * Re-inserts the rows stored in a tl_undo record and calls every registered
  * $GLOBALS['HASTE_HOOKS']['undoData'] callback for each re-inserted row.
  * Returns false early when no undoData hooks are registered, when
  * static::hasData() rejects the ID, or when the stored data does not
  * deserialize to an array.
  *
  * @param integer $intUndoId ID of the tl_undo record
  * @return boolean True if every row was re-inserted (the tl_undo record is then deleted), false otherwise
  */
 public static function undo($intUndoId)
 {
     if (!is_array($GLOBALS['HASTE_HOOKS']['undoData']) || empty($GLOBALS['HASTE_HOOKS']['undoData']) || !static::hasData($intUndoId)) {
         return false;
     }
     // The ID is bound as a parameter, not concatenated.
     // NOTE(review): the result is used without a numRows check; presumably
     // hasData() guarantees that the record exists - verify.
     $objRecords = \Database::getInstance()->prepare("SELECT * FROM tl_undo WHERE id=?")->limit(1)->execute($intUndoId);
     $error = false;
     $query = $objRecords->query;
     // NOTE(review): deserialize() is not defined in this snippet. If it wraps
     // unserialize(), tl_undo.data must only ever hold values written by the
     // application itself - confirm that no user-controlled input reaches
     // that column.
     $data = deserialize($objRecords->data);
     if (!is_array($data)) {
         return false;
     }
     // Cache of column names per table, flipped so the names are the keys
     $arrFields = array();
     // json_decode() returns null for invalid JSON; the value is handed to the
     // hooks below without a check
     $hasteData = json_decode($objRecords->haste_data, true);
     // Restore the data
     foreach ($data as $table => $fields) {
         // Get the currently available fields
         if (!isset($arrFields[$table])) {
             $arrFields[$table] = array_flip(\Database::getInstance()->getFieldnames($table));
         }
         foreach ($fields as $row) {
             // Unset fields that no longer exist in the database
             $row = array_intersect_key($row, $arrFields[$table]);
             // Re-insert the data
             // NOTE(review): $table is a key of the deserialized tl_undo data
             // and is concatenated into the statement; only the row is passed
             // through set(), and its keys were limited to existing columns
             // above. Consider validating $table (e.g. with tableExists())
             // before building the query.
             $objInsertStmt = \Database::getInstance()->prepare("INSERT INTO " . $table . " %s")->set($row)->execute();
             // Do not delete record from tl_undo if there is an error
             if ($objInsertStmt->affectedRows < 1) {
                 $error = true;
                 continue;
             }
             $insertId = $objInsertStmt->insertId;
             // Array callbacks are treated as [class name, method name]: the
             // class is instantiated without arguments and the method is
             // called on that instance. The names come from
             // $GLOBALS['HASTE_HOOKS'], i.e. from configuration, not from the
             // undo record.
             foreach ($GLOBALS['HASTE_HOOKS']['undoData'] as $callback) {
                 if (is_array($callback)) {
                     $objClass = new $callback[0]();
                     $objClass->{$callback[1]}($hasteData, $insertId, $table, $row);
                 } elseif (is_callable($callback)) {
                     $callback($hasteData, $insertId, $table, $row);
                 }
             }
         }
     }
     // Add log entry and delete record from tl_undo if there was no error
     if (!$error) {
         \System::log('Undone ' . $query, __METHOD__, TL_GENERAL);
         \Database::getInstance()->prepare("DELETE FROM tl_undo WHERE id=?")->limit(1)->execute($intUndoId);
     }
     return !$error;
 }