public function paypal_notify()
 {
     $crypt = Loader::helper('encryption');
     $paypal = new \Concrete\Package\PaypalExpressVividStore\Src\VividStore\Payment\Methods\PaypalExpress\Helpers\PaypalExpressHelper();
     if (Config::get('vividstore.paypalExpressMode') == 'test') {
         $type = 'sandbox';
     } else {
         $type = 'live';
     }
     $conf = ['type' => $type];
     $paypal->setConfig($conf);
     if ($paypal->validateIPN()) {
         if (Config::get('vividstore.paypalExpressTransactionType') == "Authorization") {
             $status_message = strtolower($_REQUEST['auth_status']);
         } else {
             $status_message = strtolower($_REQUEST['payment_status']);
         }
         if ($status_message == 'completed') {
             $status = OrderStatus::getByHandle('complete');
         } elseif ($status_message == 'denied' || $status_message == 'reversed') {
             $status = OrderStatus::getByHandle('complete');
         }
         $crypt = Loader::helper('encryption');
         $invoice = $crypt->decrypt($_REQUEST['invoice']);
         $oID = Invoice::getOrderID($invoice);
         $order = Order::getById($oID);
         if ($order) {
             $order->updateStatus($status);
         }
     }
 }
Beispiel #2
0
 public function renderOrderPrintSlip()
 {
     $o = Order::getByID($this->post('oID'));
     if (Filesystem::exists(DIR_BASE . "/application/elements/order_slip.php")) {
         View::element("order_slip", array('order' => $o));
     } else {
         View::element("order_slip", array('order' => $o), "vivid_store");
     }
 }
Beispiel #3
0
 public function view()
 {
     $customer = new Customer();
     $order = VividOrder::getByID($customer->getLastOrderID());
     if (is_object($order)) {
         $this->set("order", $order);
     } else {
         $this->redirect("/cart");
     }
     $this->addFooterItem(Core::make('helper/html')->javascript('vivid-store.js', 'vivid_store'));
     $this->addHeaderItem(Core::make('helper/html')->css('vivid-store.css', 'vivid_store'));
 }
Beispiel #4
0
 public function view()
 {
     $customer = new Customer();
     $order = VividOrder::getByID($customer->getLastOrderID());
     if (is_object($order)) {
         $this->set("order", $order);
     } else {
         $this->redirect("/cart");
     }
     $this->requireAsset('javascript', 'vivid-store');
     $this->requireAsset('css', 'vivid-store');
 }
Beispiel #5
0
 public function remove($oID)
 {
     VividOrder::getByID($oID)->remove();
     $this->redirect('/dashboard/store/orders/removed');
 }
 public static function validateCompletion()
 {
     // Read POST data
     // reading posted data directly from $_POST causes serialization
     // issues with array data in POST. Reading raw POST data from input stream instead.
     $raw_post_data = file_get_contents('php://input');
     $raw_post_array = explode('&', $raw_post_data);
     $myPost = array();
     foreach ($raw_post_array as $keyval) {
         $keyval = explode('=', $keyval);
         if (count($keyval) == 2) {
             $myPost[$keyval[0]] = urldecode($keyval[1]);
         }
     }
     // read the post from PayPal system and add 'cmd'
     $req = 'cmd=_notify-validate';
     if (function_exists('get_magic_quotes_gpc')) {
         $get_magic_quotes_exists = true;
     }
     foreach ($myPost as $key => $value) {
         if ($get_magic_quotes_exists == true && get_magic_quotes_gpc() == 1) {
             $value = urlencode(stripslashes($value));
         } else {
             $value = urlencode($value);
         }
         $req .= "&{$key}={$value}";
     }
     // Post IPN data back to PayPal to validate the IPN data is genuine
     // Without this step anyone can fake IPN data
     if (Config::get('vividstore.paypalTestMode') == true) {
         $paypal_url = "https://www.sandbox.paypal.com/cgi-bin/webscr";
     } else {
         $paypal_url = "https://www.paypal.com/cgi-bin/webscr";
     }
     $ch = curl_init($paypal_url);
     if ($ch == FALSE) {
         return FALSE;
     }
     curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
     curl_setopt($ch, CURLOPT_POST, 1);
     curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
     curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
     curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
     curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
     curl_setopt($ch, CURLOPT_FORBID_REUSE, 1);
     if (DEBUG == true) {
         curl_setopt($ch, CURLOPT_HEADER, 1);
         curl_setopt($ch, CURLINFO_HEADER_OUT, 1);
     }
     // CONFIG: Optional proxy configuration
     //curl_setopt($ch, CURLOPT_PROXY, $proxy);
     //curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, 1);
     // Set TCP timeout to 30 seconds
     curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
     curl_setopt($ch, CURLOPT_HTTPHEADER, array('Connection: Close'));
     // CONFIG: Please download 'cacert.pem' from "http://curl.haxx.se/docs/caextract.html" and set the directory path
     // of the certificate as shown below. Ensure the file is readable by the webserver.
     // This is mandatory for some environments.
     //$cert = __DIR__ . "./cacert.pem";
     //curl_setopt($ch, CURLOPT_CAINFO, $cert);
     $res = curl_exec($ch);
     if (curl_errno($ch) != 0) {
         Log::addEntry("Can't connect to PayPal to validate IPN message: " . curl_error($ch));
         curl_close($ch);
         exit;
     } else {
         //if we want to log more stuff
         //Log::addEntry("HTTP request of validation request:". curl_getinfo($ch, CURLINFO_HEADER_OUT) ." for IPN payload: $req");
         //Log::addEntry("HTTP response of validation request: $res");
         curl_close($ch);
     }
     // Inspect IPN validation result and act accordingly
     // Split response headers and payload, a better way for strcmp
     $tokens = explode("\r\n\r\n", trim($res));
     $res = trim(end($tokens));
     if (strcmp($res, "VERIFIED") == 0) {
         $order = VividOrder::getByID($_POST['invoice']);
         $order->completeOrder();
         $order->updateStatus(OrderStatus::getStartingStatus()->getHandle());
     } elseif (strcmp($res, "INVALID") == 0) {
         // log for manual investigation
         // Add business logic here which deals with invalid IPN messages
         Log::addEntry("Invalid IPN: {$req}");
     }
 }
Beispiel #7
0
 public function submit()
 {
     $data = $this->post();
     //process payment
     $pmHandle = $data['payment-method'];
     $pm = PaymentMethod::getByHandle($pmHandle);
     if (!$pm instanceof PaymentMethod) {
         //There was no payment method enabled somehow.
         //so we'll force invoice.
         $pm = PaymentMethod::getByHandle('invoice');
     } else {
         if ($pm->getMethodController()->external == true) {
             $pmsess = Session::get('paymentMethod');
             $pmsess[$pm->getPaymentMethodID()] = $data['payment-method'];
             Session::set('paymentMethod', $pmsess);
             $order = VividOrder::add($data, $pm, 'incomplete');
             Session::set('orderID', $order->getOrderID());
             $this->redirect('/checkout/external');
         } else {
             $payment = $pm->submitPayment();
             if ($payment['error'] == 1) {
                 $pmsess = Session::get('paymentMethod');
                 $pmsess[$pm->getPaymentMethodID()] = $data['payment-method'];
                 Session::set('paymentMethod', $pmsess);
                 $pesess = Session::get('paymentErrors');
                 $pesess = $payment['errorMessage'];
                 Session::set('paymentErrors', $pesess);
                 $this->redirect("/checkout/failed#payment");
             } else {
                 VividOrder::add($data, $pm);
                 $this->redirect('/checkout/complete');
             }
         }
     }
 }
Beispiel #8
0
 public function add($data, $pm, $status = null)
 {
     $taxBased = Config::get('vividstore.taxBased');
     $taxlabel = Config::get('vividstore.taxName');
     $this->set('taxlabel', $taxlabel);
     $taxCalc = Config::get('vividstore.calculation');
     $db = Database::get();
     //get who ordered it
     $customer = new Customer();
     //what time is it?
     $dt = Core::make('helper/date');
     $now = $dt->getLocalDateTime();
     //get the price details
     $shipping = VividCart::getShippingTotal();
     $shipping = Price::formatFloat($shipping);
     $taxvalue = VividCart::getTaxTotal();
     $taxName = Config::get('vividstore.taxName');
     $total = VividCart::getTotal();
     $total = Price::formatFloat($total);
     $tax = 0;
     $taxIncluded = 0;
     if ($taxCalc == 'extract') {
         $taxIncluded = $taxvalue;
     } else {
         $tax = $taxvalue;
     }
     $tax = Price::formatFloat($tax);
     //get payment method
     $pmID = $pm->getPaymentMethodID();
     //add the order
     $vals = array($customer->getUserID(), $now, $pmID, $shipping, $tax, $taxIncluded, $taxName, $total);
     $db->Execute("INSERT INTO VividStoreOrders(cID,oDate,pmID,oShippingTotal,oTax,oTaxIncluded,oTaxName,oTotal) VALUES (?,?,?,?,?,?,?,?)", $vals);
     $oID = $db->lastInsertId();
     $order = Order::getByID($oID);
     if ($status) {
         $order->updateStatus($status);
     } else {
         $order->updateStatus(OrderStatus::getStartingStatus()->getHandle());
     }
     $order->setAttribute("email", $customer->getEmail());
     $order->setAttribute("billing_first_name", $customer->getValue("billing_first_name"));
     $order->setAttribute("billing_last_name", $customer->getValue("billing_last_name"));
     $order->setAttribute("billing_address", $customer->getValueArray("billing_address"));
     $order->setAttribute("billing_phone", $customer->getValue("billing_phone"));
     $order->setAttribute("shipping_first_name", $customer->getValue("shipping_first_name"));
     $order->setAttribute("shipping_last_name", $customer->getValue("shipping_last_name"));
     $order->setAttribute("shipping_address", $customer->getValueArray("shipping_address"));
     $customer->setLastOrderID($oID);
     //add the order items
     $cart = VividCart::getCart();
     foreach ($cart as $cartItem) {
         $taxvalue = VividCart::getTaxProduct($cartItem['product']['pID']);
         $tax = 0;
         $taxIncluded = 0;
         if ($taxCalc == 'extract') {
             $taxIncluded = $taxvalue;
         } else {
             $tax = $taxvalue;
         }
         $productTaxName = $taxName;
         if ($taxvalue == 0) {
             $productTaxName = '';
         }
         OrderItem::add($cartItem, $oID, $tax, $taxIncluded, $productTaxName);
         $product = VividProduct::getByID($cartItem['product']['pID']);
         if ($product && $product->hasUserGroups()) {
             $usergroupstoadd = $product->getProductUserGroups();
             foreach ($usergroupstoadd as $id) {
                 $g = Group::getByID($id);
                 if ($g) {
                     $customer->getUserInfo()->enterGroup($g);
                 }
             }
         }
     }
     if (!$customer->isGuest()) {
         //add user to Store Customers group
         $group = \Group::getByName('Store Customer');
         if (is_object($group) || $group->getGroupID() < 1) {
             $customer->getUserInfo()->enterGroup($group);
         }
     }
     // create order event and dispatch
     $event = new OrderEvent($order);
     Events::dispatch('on_vividstore_order', $event);
     //send out the alerts
     $mh = new MailService();
     $pkg = Package::getByHandle('vivid_store');
     $fromEmail = Config::get('vividstore.emailalerts');
     if (!$fromEmail) {
         $fromEmail = "store@" . $_SERVER['SERVER_NAME'];
     }
     $alertEmails = explode(",", Config::get('vividstore.notificationemails'));
     $alertEmails = array_map('trim', $alertEmails);
     //receipt
     $mh->from($fromEmail);
     $mh->to($customer->getEmail());
     $mh->addParameter("order", $order);
     $mh->addParameter("taxbased", $taxBased);
     $mh->addParameter("taxlabel", $taxlabel);
     $mh->load("order_receipt", "vivid_store");
     $mh->sendMail();
     //order notification
     $mh->from($fromEmail);
     foreach ($alertEmails as $alertEmail) {
         $mh->to($alertEmail);
     }
     $mh->addParameter("order", $order);
     $mh->addParameter("taxbased", $taxBased);
     $mh->addParameter("taxlabel", $taxlabel);
     $mh->load("new_order_notification", "vivid_store");
     $mh->sendMail();
     VividCart::clear();
     return $order;
 }
Beispiel #9
0
 private static function recordStatusChange(Order $order, $statusHandle)
 {
     $db = Database::get();
     $newOrderStatus = OrderStatus::getByHandle($statusHandle);
     $user = new user();
     $statusHistorySql = "INSERT INTO " . self::$table . " SET oID=?, oshStatus=?, uID=?";
     $statusHistoryValues = array($order->getOrderID(), $newOrderStatus->getHandle(), $user->uID);
     $db->Execute($statusHistorySql, $statusHistoryValues);
     $updateOrderSql = "UPDATE VividStoreOrders SET oStatus = ? WHERE oID = ?";
     $updateOrderValues = array($newOrderStatus->getHandle(), $order->getOrderID());
     $db->Execute($updateOrderSql, $updateOrderValues);
     return $newOrderStatus->getHandle();
 }
Beispiel #10
0
 public function getResult($queryRow)
 {
     return VividOrder::getByID($queryRow['oID']);
 }
Beispiel #11
0
 public function add($data, $pm, $status = null)
 {
     $db = Database::get();
     //get who ordered it
     $customer = new Customer();
     //what time is it?
     $dt = Core::make('helper/date');
     $now = $dt->getLocalDateTime();
     //get the price details
     $smID = \Session::get('smID');
     if ($smID > 0) {
         $sm = ShippingMethod::getByID($smID);
         $shippingMethodTypeName = $sm->getShippingMethodType()->getShippingMethodTypeName();
         $shippingMethodName = $sm->getName();
         $smName = $shippingMethodTypeName . ": " . $shippingMethodName;
     } else {
         $smName = "No Shipping Method";
     }
     $shipping = VividCart::getShippingTotal();
     $taxes = Tax::getTaxes();
     $totals = VividCart::getTotals();
     $total = $totals['total'];
     $taxCalc = Config::get('vividstore.calculation');
     $taxTotal = array();
     $taxIncludedTotal = array();
     $taxLabels = array();
     foreach ($taxes as $tax) {
         if ($taxCalc == 'extract') {
             $taxIncludedTotal[] = $tax['taxamount'];
         } else {
             $taxTotal[] = $tax['taxamount'];
         }
         $taxLabels[] = $tax['name'];
     }
     $taxTotal = implode(',', $taxTotal);
     $taxIncludedTotal = implode(',', $taxIncludedTotal);
     $taxLabels = implode(',', $taxLabels);
     //get payment method
     $pmName = $pm->getPaymentMethodName();
     //add the order
     $vals = array($customer->getUserID(), $now, $pmName, $smName, $shipping, $taxTotal, $taxIncludedTotal, $taxLabels, $total);
     $db->Execute("INSERT INTO VividStoreOrders(cID,oDate,pmName,smName,oShippingTotal,oTax,oTaxIncluded,oTaxName,oTotal) VALUES (?,?,?,?,?,?,?,?,?)", $vals);
     $oID = $db->lastInsertId();
     $order = Order::getByID($oID);
     if ($status) {
         $order->updateStatus($status);
     } else {
         $order->updateStatus(OrderStatus::getStartingStatus()->getHandle());
     }
     $email = $customer->getEmail();
     $billing_first_name = $customer->getValue("billing_first_name");
     $billing_last_name = $customer->getValue("billing_last_name");
     $billing_address = $customer->getValueArray("billing_address");
     $billing_phone = $customer->getValue("billing_phone");
     $shipping_first_name = $customer->getValue("shipping_first_name");
     $shipping_last_name = $customer->getValue("shipping_last_name");
     $shipping_address = $customer->getValueArray("shipping_address");
     $order->setAttribute("email", $email);
     $order->setAttribute("billing_first_name", $billing_first_name);
     $order->setAttribute("billing_last_name", $billing_last_name);
     $order->setAttribute("billing_address", $billing_address);
     $order->setAttribute("billing_phone", $billing_phone);
     if ($smID) {
         $order->setAttribute("shipping_first_name", $shipping_first_name);
         $order->setAttribute("shipping_last_name", $shipping_last_name);
         $order->setAttribute("shipping_address", $shipping_address);
     }
     $customer->setLastOrderID($oID);
     //add the order items
     $cart = VividCart::getCart();
     foreach ($cart as $cartItem) {
         $taxes = Tax::getTaxForProduct($cartItem);
         $taxProductTotal = array();
         $taxProductIncludedTotal = array();
         $taxProductLabels = array();
         foreach ($taxes as $tax) {
             if ($taxCalc == 'extract') {
                 $taxProductIncludedTotal[] = $tax['taxamount'];
             } else {
                 $taxProductTotal[] = $tax['taxamount'];
             }
             $taxProductLabels[] = $tax['name'];
         }
         $taxProductTotal = implode(',', $taxProductTotal);
         $taxProductIncludedTotal = implode(',', $taxProductIncludedTotal);
         $taxProductLabels = implode(',', $taxProductLabels);
         OrderItem::add($cartItem, $oID, $taxProductTotal, $taxProductIncludedTotal, $taxProductLabels);
     }
     $discounts = VividCart::getDiscounts();
     if ($discounts) {
         foreach ($discounts as $discount) {
             $order->addDiscount($discount, VividCart::getCode());
         }
     }
     //if the payment method is not external, go ahead and complete the order.
     if (!$pm->external) {
         $order->completeOrder();
     }
     return $order;
 }