Ejemplo n.º 1
0
 public static function execute(ApplicationAbstract $application)
 {
     $OSCOM_Database = Registry::get('Database');
     $OSCOM_MessageStack = Registry::get('MessageStack');
     $Qcheck = $OSCOM_Database->query('select customers_id, customers_firstname, customers_lastname, customers_gender, customers_email_address, customers_password from :table_customers where customers_email_address = :customers_email_address limit 1');
     $Qcheck->bindValue(':customers_email_address', $_POST['email_address']);
     $Qcheck->execute();
     if ($Qcheck->numberOfRows() === 1) {
         $password = osc_create_random_string(ACCOUNT_PASSWORD);
         if (Account::savePassword($password, $Qcheck->valueInt('customers_id'))) {
             if (ACCOUNT_GENDER > -1) {
                 if ($Qcheck->value('customers_gender') == 'm') {
                     $email_text = sprintf(OSCOM::getDef('email_addressing_gender_male'), $Qcheck->valueProtected('customers_lastname')) . "\n\n";
                 } else {
                     $email_text = sprintf(OSCOM::getDef('email_addressing_gender_female'), $Qcheck->valueProtected('customers_lastname')) . "\n\n";
                 }
             } else {
                 $email_text = sprintf(OSCOM::getDef('email_addressing_gender_unknown'), $Qcheck->valueProtected('customers_firstname') . ' ' . $Qcheck->valueProtected('customers_lastname')) . "\n\n";
             }
             $email_text .= sprintf(OSCOM::getDef('email_password_reminder_body'), osc_get_ip_address(), STORE_NAME, $password, STORE_OWNER_EMAIL_ADDRESS);
             osc_email($Qcheck->valueProtected('customers_firstname') . ' ' . $Qcheck->valueProtected('customers_lastname'), $Qcheck->valueProtected('customers_email_address'), sprintf(OSCOM::getDef('email_password_reminder_subject'), STORE_NAME), $email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
             $OSCOM_MessageStack->add('LogIn', OSCOM::getDef('success_password_forgotten_sent'), 'success');
         }
         osc_redirect(OSCOM::getLink(null, null, 'LogIn', 'SSL'));
     } else {
         $OSCOM_MessageStack->add('PasswordForgotten', OSCOM::getDef('error_password_forgotten_no_email_address_found'));
     }
 }
Ejemplo n.º 2
0
 public static function execute()
 {
     // List of safe IP-Addresses found here:
     // https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=developer/howto_api_golivechecklist
     $firewall = array('64.4.241.16', '64.4.241.32', '64.4.241.33', '64.4.241.34', '64.4.241.35', '64.4.241.36', '64.4.241.37', '64.4.241.38', '64.4.241.39', '216.113.188.32', '216.113.188.33', '216.113.188.34', '216.113.188.35', '216.113.188.64', '216.113.188.65', '216.113.188.66', '216.113.188.67', '66.211.169.2', '66.211.169.65', '216.113.188.39', '216.113.188.71', '66.211.168.91', '66.211.168.123', '216.113.188.52', '216.113.188.84', '66.211.168.92', '66.211.168.124', '216.113.188.10', '66.211.168.126', '216.113.188.11', '66.211.168.125', '216.113.188.202', '216.113.188.203', '216.113.188.204', '66.211.170.66', '66.135.197.163', '216.113.169.205', '66.135.197.160', '66.135.197.162', '66.135.197.141', '66.135.197.164');
     if (!in_array(osc_get_ip_address(), $firewall)) {
         exit;
     }
 }
Ejemplo n.º 3
0
 function createEntry($data, $restore_cart_contents = true, $send_email = true)
 {
     global $osC_Database, $osC_Session, $osC_Language, $osC_ShoppingCart, $osC_Customer, $osC_NavigationHistory, $toC_Wishlist;
     $Qcustomer = $osC_Database->query('insert into :table_customers (customers_firstname, customers_lastname, customers_email_address, customers_newsletter, customers_status, customers_ip_address, customers_password, customers_gender, customers_dob, number_of_logons, date_account_created) values (:customers_firstname, :customers_lastname, :customers_email_address, :customers_newsletter, :customers_status, :customers_ip_address, :customers_password, :customers_gender, :customers_dob, :number_of_logons, :date_account_created)');
     $Qcustomer->bindTable(':table_customers', TABLE_CUSTOMERS);
     $Qcustomer->bindValue(':customers_firstname', $data['firstname']);
     $Qcustomer->bindValue(':customers_lastname', $data['lastname']);
     $Qcustomer->bindValue(':customers_email_address', $data['email_address']);
     $Qcustomer->bindValue(':customers_newsletter', isset($data['newsletter']) && $data['newsletter'] == '1' ? '1' : '');
     $Qcustomer->bindValue(':customers_status', '1');
     $Qcustomer->bindValue(':customers_ip_address', osc_get_ip_address());
     $Qcustomer->bindValue(':customers_password', osc_encrypt_string($data['password']));
     $Qcustomer->bindValue(':customers_gender', ACCOUNT_GENDER > -1 && isset($data['gender']) && ($data['gender'] == 'm' || $data['gender'] == 'f') ? $data['gender'] : '');
     $Qcustomer->bindValue(':customers_dob', ACCOUNT_DATE_OF_BIRTH == '1' ? date('Ymd', $data['dob']) : '');
     $Qcustomer->bindInt(':number_of_logons', 0);
     $Qcustomer->bindRaw(':date_account_created', 'now()');
     $Qcustomer->execute();
     if ($Qcustomer->affectedRows() === 1) {
         $customer_id = $osC_Database->nextID();
         $QcustomerGroup = $osC_Database->query('select customers_groups_id from :table_customers_groups where is_default = 1');
         $QcustomerGroup->bindTable(':table_customers_groups', TABLE_CUSTOMERS_GROUPS);
         $QcustomerGroup->execute();
         if ($QcustomerGroup->numberOfRows() == 1) {
             $osC_Database->simpleQuery('update ' . TABLE_CUSTOMERS . ' set customers_groups_id = ' . $QcustomerGroup->valueInt('customers_groups_id') . ' where customers_id = ' . $customer_id);
         }
         if (SERVICE_SESSION_REGENERATE_ID == '1') {
             $osC_Session->recreate();
         }
         $osC_Customer->setCustomerData($customer_id);
         //restore cart contents
         if ($restore_cart_contents === true) {
             $osC_ShoppingCart->synchronizeWithDatabase();
         }
         //restore wishlist contents
         $toC_Wishlist->synchronizeWithDatabase();
         $osC_NavigationHistory->removeCurrentPage();
         include 'email_template.php';
         $email = toC_Email_Template::getEmailTemplate('create_account_email');
         $email->setData($osC_Customer, $data['password']);
         $email->buildMessage();
         $email->sendEmail();
         return true;
     }
     return false;
 }
Ejemplo n.º 4
0
 /**
  * Stores a new customer account entry in the database
  *
  * @param array $data An array containing the customers information
  * @access public
  * @return boolean
  */
 public static function createEntry($data)
 {
     $OSCOM_Database = Registry::get('Database');
     $OSCOM_Session = Registry::get('Session');
     $OSCOM_Customer = Registry::get('Customer');
     $OSCOM_ShoppingCart = Registry::get('ShoppingCart');
     $OSCOM_NavigationHistory = Registry::get('NavigationHistory');
     $Qcustomer = $OSCOM_Database->query('insert into :table_customers (customers_firstname, customers_lastname, customers_email_address, customers_newsletter, customers_status, customers_ip_address, customers_password, customers_gender, customers_dob, number_of_logons, date_account_created) values (:customers_firstname, :customers_lastname, :customers_email_address, :customers_newsletter, :customers_status, :customers_ip_address, :customers_password, :customers_gender, :customers_dob, :number_of_logons, :date_account_created)');
     $Qcustomer->bindValue(':customers_firstname', $data['firstname']);
     $Qcustomer->bindValue(':customers_lastname', $data['lastname']);
     $Qcustomer->bindValue(':customers_email_address', $data['email_address']);
     $Qcustomer->bindValue(':customers_newsletter', isset($data['newsletter']) && $data['newsletter'] == '1' ? '1' : '');
     $Qcustomer->bindValue(':customers_status', '1');
     $Qcustomer->bindValue(':customers_ip_address', osc_get_ip_address());
     $Qcustomer->bindValue(':customers_password', osc_encrypt_string($data['password']));
     $Qcustomer->bindValue(':customers_gender', ACCOUNT_GENDER > -1 && isset($data['gender']) && ($data['gender'] == 'm' || $data['gender'] == 'f') ? $data['gender'] : '');
     $Qcustomer->bindValue(':customers_dob', ACCOUNT_DATE_OF_BIRTH == '1' ? date('Ymd', $data['dob']) : '');
     $Qcustomer->bindInt(':number_of_logons', 0);
     $Qcustomer->bindRaw(':date_account_created', 'now()');
     $Qcustomer->execute();
     if ($Qcustomer->affectedRows() === 1) {
         $customer_id = $OSCOM_Database->nextID();
         if (SERVICE_SESSION_REGENERATE_ID == '1') {
             $OSCOM_Session->recreate();
         }
         $OSCOM_Customer->setCustomerData($customer_id);
         // restore cart contents
         $OSCOM_ShoppingCart->synchronizeWithDatabase();
         $OSCOM_NavigationHistory->removeCurrentPage();
         // build the welcome email content
         if (ACCOUNT_GENDER > -1 && isset($data['gender'])) {
             if ($data['gender'] == 'm') {
                 $email_text = sprintf(OSCOM::getDef('email_addressing_gender_male'), $OSCOM_Customer->getLastName()) . "\n\n";
             } else {
                 $email_text = sprintf(OSCOM::getDef('email_addressing_gender_female'), $OSCOM_Customer->getLastName()) . "\n\n";
             }
         } else {
             $email_text = sprintf(OSCOM::getDef('email_addressing_gender_unknown'), $OSCOM_Customer->getName()) . "\n\n";
         }
         $email_text .= sprintf(OSCOM::getDef('email_create_account_body'), STORE_NAME, STORE_OWNER_EMAIL_ADDRESS);
         osc_email($OSCOM_Customer->getName(), $OSCOM_Customer->getEmailAddress(), sprintf(OSCOM::getDef('email_create_account_subject'), STORE_NAME), $email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
         return true;
     }
     return false;
 }
Ejemplo n.º 5
0
 function process_button()
 {
     global $osC_Database, $order, $osC_Currencies;
     switch (MODULE_PAYMENT_PSIGATE_TRANSACTION_MODE) {
         case 'Always Good':
             $transaction_mode = '1';
             break;
         case 'Always Duplicate':
             $transaction_mode = '2';
             break;
         case 'Always Decline':
             $transaction_mode = '3';
             break;
         case 'Production':
         default:
             $transaction_mode = '0';
             break;
     }
     switch (MODULE_PAYMENT_PSIGATE_TRANSACTION_TYPE) {
         case 'Sale':
             $transaction_type = '0';
             break;
         case 'PostAuth':
             $transaction_type = '2';
             break;
         case 'PreAuth':
         default:
             $transaction_type = '1';
             break;
     }
     if (MODULE_PAYMENT_PSIGATE_INPUT_MODE == 'Local') {
         $payment_error_return = '&psigate_cc_owner=' . urlencode($_POST['psigate_cc_owner']) . '&psigate_cc_expires_month=' . urlencode($_POST['psigate_cc_expires_month']) . '&psigate_cc_expires_year=' . urlencode($_POST['psigate_cc_expires_year']);
     } else {
         $payment_error_return = '';
     }
     $process_button_string = osc_draw_hidden_field('MerchantID', MODULE_PAYMENT_PSIGATE_MERCHANT_ID) . osc_draw_hidden_field('FullTotal', number_format($order->info['total'] * $osC_Currencies->value(MODULE_PAYMENT_PSIGATE_CURRENCY), $osC_Currencies->currencies[MODULE_PAYMENT_PSIGATE_CURRENCY]['decimal_places'])) . osc_draw_hidden_field('ThanksURL', osc_href_link(FILENAME_CHECKOUT, 'process', 'SSL')) . osc_draw_hidden_field('NoThanksURL', osc_href_link(FILENAME_CHECKOUT, 'payment&payment_error=' . $this->_code . $payment_error_return, 'SSL')) . osc_draw_hidden_field('Bname', MODULE_PAYMENT_PSIGATE_INPUT_MODE == 'Local' ? $_POST['psigate_cc_owner'] : $order->billing['firstname'] . ' ' . $order->billing['lastname']) . osc_draw_hidden_field('Baddr1', $order->billing['street_address']) . osc_draw_hidden_field('Bcity', $order->billing['city']);
     if ($order->billing['country']['iso_code_2'] == 'US') {
         $Qstate = $osC_Database->query('select zone_code from :table_zones where zone_id = :zone_id');
         $Qstate->bindTable(':table_zones', TABLE_ZONES);
         $Qstate->bindInt(':zone_id', $order->billing['zone_id']);
         $Qstate->execute();
         $process_button_string .= osc_draw_hidden_field('Bstate', $Qstate->value('zone_code'));
     } else {
         $process_button_string .= osc_draw_hidden_field('Bstate', $order->billing['state']);
     }
     $process_button_string .= osc_draw_hidden_field('Bzip', $order->billing['postcode']) . osc_draw_hidden_field('Bcountry', $order->billing['country']['iso_code_2']) . osc_draw_hidden_field('Phone', $order->customer['telephone']) . osc_draw_hidden_field('Email', $order->customer['email_address']) . osc_draw_hidden_field('Sname', $order->delivery['firstname'] . ' ' . $order->delivery['lastname']) . osc_draw_hidden_field('Saddr1', $order->delivery['street_address']) . osc_draw_hidden_field('Scity', $order->delivery['city']) . osc_draw_hidden_field('Sstate', $order->delivery['state']) . osc_draw_hidden_field('Szip', $order->delivery['postcode']) . osc_draw_hidden_field('Scountry', $order->delivery['country']['iso_code_2']) . osc_draw_hidden_field('ChargeType', $transaction_type) . osc_draw_hidden_field('Result', $transaction_mode) . osc_draw_hidden_field('IP', osc_get_ip_address());
     if (MODULE_PAYMENT_PSIGATE_INPUT_MODE == 'Local') {
         $process_button_string .= osc_draw_hidden_field('CardNumber', $this->cc_card_number) . osc_draw_hidden_field('ExpMonth', $this->cc_expiry_month) . osc_draw_hidden_field('ExpYear', substr($this->cc_expiry_year, -2));
     }
     return $process_button_string;
 }
Ejemplo n.º 6
0
 function process()
 {
     global $osC_Database, $osC_Customer, $osC_Currencies, $osC_ShoppingCart, $osC_Language, $messageStack, $osC_CreditCard;
     $this->_verifyData();
     $this->_order_id = osC_Order::insert();
     $post_string = '<?xml version="1.0" encoding="UTF-8"?>' . "\n" . '<WIRECARD_BXML xmlns:xsi="http://www.w3.org/1999/XMLSchema-instance" xsi:noNamespaceSchemaLocation="wirecard.xsd">' . "\n" . '  <W_REQUEST>' . "\n" . '    <W_JOB>' . "\n" . '      <JobID>Job 1</JobID>' . "\n" . '      <BusinessCaseSignature>' . MODULE_PAYMENT_WIRECARD_CC_BUSINESS_SIGNATURE . '</BusinessCaseSignature>' . "\n" . '      <FNC_CC_PREAUTHORIZATION>' . "\n" . '        <FunctionID>Preauthorization 1</FunctionID>' . "\n" . '        <CC_TRANSACTION mode="' . MODULE_PAYMENT_WIRECARD_CC_TRANSACTION_MODE . '">' . "\n" . '          <TransactionID>' . $this->_order_id . '</TransactionID>' . "\n" . '          <CommerceType>eCommerce</CommerceType>' . "\n" . '          <Amount>' . $osC_Currencies->formatRaw($osC_ShoppingCart->getTotal(), $osC_Currencies->getCode()) * 100 . '</Amount>' . "\n" . '          <Currency>' . $osC_Currencies->getCode() . '</Currency>' . "\n" . '          <CountryCode>' . osC_Address::getCountryIsoCode2(STORE_COUNTRY) . '</CountryCode>' . "\n" . '          <Usage>' . STORE_NAME . '</Usage>' . "\n" . '          <RECURRING_TRANSACTION>' . "\n" . '            <Type>Single</Type>' . "\n" . '          </RECURRING_TRANSACTION>' . "\n" . '          <CREDIT_CARD_DATA>' . "\n" . '            <CreditCardNumber>' . $osC_CreditCard->getNumber() . '</CreditCardNumber>' . "\n";
     if (MODULE_PAYMENT_WIRECARD_CC_VERIFY_WITH_CVC == '1') {
         $post_string .= '            <CVC2>' . $osC_CreditCard->getCVC() . '</CVC2>' . "\n";
     }
     $post_string .= '            <ExpirationYear>' . $osC_CreditCard->getExpiryYear() . '</ExpirationYear>' . "\n" . '            <ExpirationMonth>' . $osC_CreditCard->getExpiryMonth() . '</ExpirationMonth>' . "\n" . '            <CardHolderName>' . $osC_CreditCard->getOwner() . '</CardHolderName>' . "\n" . '          </CREDIT_CARD_DATA>' . "\n" . '          <CONTACT_DATA>' . "\n" . '            <IPAddress>' . osc_get_ip_address() . '</IPAddress>' . "\n" . '          </CONTACT_DATA>' . "\n" . '          <CORPTRUSTCENTER_DATA>' . "\n" . '            <ADDRESS>' . "\n" . '              <FirstName>' . $osC_ShoppingCart->getBillingAddress('firstname') . '</FirstName>' . "\n" . '              <LastName>' . $osC_ShoppingCart->getBillingAddress('lastname') . '</LastName>' . "\n" . '              <Address1>' . $osC_ShoppingCart->getBillingAddress('street_address') . '</Address1>' . "\n" . '              <City>' . $osC_ShoppingCart->getBillingAddress('city') . '</City>' . "\n" . '              <ZipCode>' . $osC_ShoppingCart->getBillingAddress('postcode') . '</ZipCode>' . "\n";
     if (osc_empty($osC_ShoppingCart->getBillingAddress('zone_code')) === false) {
         $post_string .= '              <State>' . $osC_ShoppingCart->getBillingAddress('zone_code') . '</State>' . "\n";
     }
     $post_string .= '              <Country>' . $osC_ShoppingCart->getBillingAddress('country_iso_code_2') . '</Country>' . "\n" . '              <Phone>' . $osC_ShoppingCart->getBillingAddress('telephone_number') . '</Phone>' . "\n" . '              <Email>' . $osC_Customer->getEmailAddress() . '</Email>' . "\n" . '            </ADDRESS>' . "\n" . '          </CORPTRUSTCENTER_DATA>' . "\n" . '        </CC_TRANSACTION>' . "\n" . '      </FNC_CC_PREAUTHORIZATION>' . "\n" . '    </W_JOB>' . "\n" . '  </W_REQUEST>' . "\n" . '</WIRECARD_BXML>';
     $this->_transaction_response = $this->sendTransactionToGateway($this->_gateway_url, $post_string, array('Content-type: text/xml'));
     if (empty($this->_transaction_response) === false) {
         $osC_XML = new osC_XML($this->_transaction_response);
         $result = $osC_XML->toArray();
     } else {
         $result = array();
     }
     $error = false;
     if (isset($result['WIRECARD_BXML']['W_RESPONSE']['W_JOB']['FNC_CC_PREAUTHORIZATION']['CC_TRANSACTION']['PROCESSING_STATUS']['FunctionResult'])) {
         if ($result['WIRECARD_BXML']['W_RESPONSE']['W_JOB']['FNC_CC_PREAUTHORIZATION']['CC_TRANSACTION']['PROCESSING_STATUS']['FunctionResult'] != 'ACK') {
             $errno = $result['WIRECARD_BXML']['W_RESPONSE']['W_JOB']['FNC_CC_PREAUTHORIZATION']['CC_TRANSACTION']['PROCESSING_STATUS']['ERROR']['Number'];
             switch ($errno) {
                 case '14':
                 case '20109':
                     $error = $osC_Language->get('payment_wirecard_cc_error_unkown_card');
                     break;
                 case '33':
                 case '20071':
                     $error = $osC_Language->get('payment_wirecard_cc_error_' . (int) $errno);
                     break;
                 default:
                     $error = $osC_Language->get('payment_wirecard_cc_error_general');
                     break;
             }
         }
     } else {
         $error = $osC_Language->get('payment_wirecard_cc_error_general');
     }
     if ($error === false) {
         osC_Order::process($this->_order_id, $this->order_status);
         $Qtransaction = $osC_Database->query('insert into :table_orders_transactions_history (orders_id, transaction_code, transaction_return_value, transaction_return_status, date_added) values (:orders_id, :transaction_code, :transaction_return_value, :transaction_return_status, now())');
         $Qtransaction->bindTable(':table_orders_transactions_history', TABLE_ORDERS_TRANSACTIONS_HISTORY);
         $Qtransaction->bindInt(':orders_id', $this->_order_id);
         $Qtransaction->bindInt(':transaction_code', 1);
         $Qtransaction->bindValue(':transaction_return_value', $this->_transaction_response);
         $Qtransaction->bindInt(':transaction_return_status', 1);
         $Qtransaction->execute();
     } else {
         osC_Order::remove($this->_order_id);
         $messageStack->add_session('checkout_payment', $error, 'error');
         osc_redirect(osc_href_link(FILENAME_CHECKOUT, 'payment&wirecard_cc_owner=' . $osC_CreditCard->getOwner() . '&wirecard_cc_expires_month=' . $osC_CreditCard->getExpiryMonth() . '&wirecard_cc_expires_year=' . $osC_CreditCard->getExpiryYear() . (MODULE_PAYMENT_WIRECARD_CC_VERIFY_WITH_CVC == '1' ? '&wirecard_cc_cvc=' . $osC_CreditCard->getCVC() : ''), 'SSL'));
     }
 }
Ejemplo n.º 7
0
                die($osC_Language->get('error_download_max_num_of_times'));
            }
            // Die if file is not there
            if (!file_exists(DIR_FS_DOWNLOAD . $Qdownload->value('orders_products_cache_filename'))) {
                die($osC_Language->get('error_download_file_not_exist'));
            }
            // Now decrement counter
            $Qupdate = $osC_Database->query('update :table_orders_products_download set download_count = download_count-1 where orders_products_download_id = :orders_products_download_id');
            $Qupdate->bindTable(':table_orders_products_download', TABLE_ORDERS_PRODUCTS_DOWNLOAD);
            $Qupdate->bindInt(':orders_products_download_id', $_GET['id']);
            $Qupdate->execute();
            // Now insert history
            $Qinsert = $osC_Database->query('insert into :table_products_download_history (orders_products_download_id, download_date, download_ip_address) values (:orders_products_download_id, now(), :download_ip_address)');
            $Qinsert->bindTable(':table_products_download_history', TABLE_PRODUCTS_DOWNLOAD_HISTORY);
            $Qinsert->bindInt(':orders_products_download_id', $_GET['id']);
            $Qinsert->bindValue(':download_ip_address', osc_get_ip_address());
            $Qinsert->execute();
        }
    }
}
// Returns a random name, 16 to 20 characters long
// There are more than 10^28 combinations
// The directory is "hidden", i.e. starts with '.'
function osc_random_name()
{
    $letters = 'abcdefghijklmnopqrstuvwxyz';
    $dirname = '.';
    $length = floor(osc_rand(16, 20));
    for ($i = 1; $i <= $length; $i++) {
        $q = floor(osc_rand(1, 26));
        $dirname .= $letters[$q];
Ejemplo n.º 8
0
 function process()
 {
     global $osC_Currencies, $osC_ShoppingCart, $osC_Customer, $osC_Language, $messageStack;
     $currency = $osC_Currencies->getCode();
     if (isset($_POST['cc_owner']) && !empty($_POST['cc_owner']) && isset($_POST['cc_type']) && isset($this->cc_types[$_POST['cc_type']]) && isset($_POST['cc_number_nh-dns']) && !empty($_POST['cc_number_nh-dns'])) {
         $params = array('USER' => MODULE_PAYMENT_PAYPAL_DIRECT_API_USERNAME, 'PWD' => MODULE_PAYMENT_PAYPAL_DIRECT_API_PASSWORD, 'VERSION' => '3.2', 'SIGNATURE' => MODULE_PAYMENT_PAYPAL_DIRECT_API_SIGNATURE, 'METHOD' => 'DoDirectPayment', 'PAYMENTACTION' => MODULE_PAYMENT_PAYPAL_DIRECT_TRANSACTION_METHOD == 'Sale' ? 'Sale' : 'Authorization', 'IPADDRESS' => osc_get_ip_address(), 'AMT' => $osC_Currencies->formatRaw($osC_ShoppingCart->getTotal() - $osC_ShoppingCart->getShippingMethod('cost'), $currency), 'CREDITCARDTYPE' => $_POST['cc_type'], 'ACCT' => $_POST['cc_number_nh-dns'], 'STARTDATE' => $_POST['cc_starts_month'] . $_POST['cc_starts_year'], 'EXPDATE' => $_POST['cc_expires_month'] . $_POST['cc_expires_year'], 'CVV2' => $_POST['cc_cvc_nh-dns'], 'FIRSTNAME' => substr($_POST['cc_owner'], 0, strpos($_POST['cc_owner'], ' ')), 'LASTNAME' => substr($_POST['cc_owner'], strpos($_POST['cc_owner'], ' ') + 1), 'STREET' => $osC_ShoppingCart->getBillingAddress('street_address'), 'CITY' => $osC_ShoppingCart->getBillingAddress('city'), 'STATE' => $osC_ShoppingCart->getBillingAddress('state'), 'COUNTRYCODE' => $osC_ShoppingCart->getBillingAddress('country_iso_code_2'), 'ZIP' => $osC_ShoppingCart->getBillingAddress('postcode'), 'EMAIL' => $osC_Customer->getEmailAddress(), 'PHONENUM' => $osC_ShoppingCart->getBillingAddress('telephone_number'), 'CURRENCYCODE' => $currency, 'BUTTONSOURCE' => 'tomatcart');
         if ($_POST['cc_type'] == 'SWITCH' || $_POST['cc_type'] == 'SOLO') {
             $params['ISSUENUMBER'] = $_POST['cc_issue_nh-dns'];
         }
         if ($osC_ShoppingCart->hasShippingAddress()) {
             $params['SHIPTONAME'] = $osC_ShoppingCart->getShippingAddress('firstname') . ' ' . $osC_ShoppingCart->getShippingAddress('lastname');
             $params['SHIPTOSTREET'] = $osC_ShoppingCart->getShippingAddress('street_address');
             $params['SHIPTOCITY'] = $osC_ShoppingCart->getShippingAddress('city');
             $params['SHIPTOSTATE'] = $osC_ShoppingCart->getShippingAddress('zone_code');
             $params['SHIPTOCOUNTRYCODE'] = $osC_ShoppingCart->getShippingAddress('country_iso_code_2');
             $params['SHIPTOZIP'] = $osC_ShoppingCart->getShippingAddress('postcode');
         }
         $post_string = '';
         foreach ($params as $key => $value) {
             $post_string .= $key . '=' . urlencode(trim($value)) . '&';
         }
         $post_string = substr($post_string, 0, -1);
         $response = $this->sendTransactionToGateway($this->api_url, $post_string);
         $response_array = array();
         parse_str($response, $response_array);
         if ($response_array['ACK'] != 'Success' && $response_array['ACK'] != 'SuccessWithWarning') {
             $messageStack->add_session('checkout', stripslashes($response_array['L_LONGMESSAGE0']), 'error');
             osc_redirect(osc_href_link(FILENAME_CHECKOUT, 'checkout&view=orderConfirmationForm', 'SSL'));
         } else {
             $orders_id = osC_Order::insert();
             $comments = 'PayPal Website Payments Pro (US) Direct Payments [' . 'ACK: ' . $response_array['ACK'] . '; TransactionID: ' . $response_array['TRANSACTIONID'] . ';' . ']';
             osC_Order::process($orders_id, ORDERS_STATUS_PAID, $comments);
         }
     } else {
         $messageStack->add_session('checkout', $osC_Language->get('payment_paypal_direct_error_all_fields_required'), 'error');
         osc_redirect(osc_href_link(FILENAME_CHECKOUT, 'checkout&view=orderConfirmationForm', 'SSL'));
     }
 }
Ejemplo n.º 9
0
 function process()
 {
     global $osC_Currencies, $osC_ShoppingCart, $messageStack, $osC_Customer, $osC_Tax, $osC_CreditCard;
     $this->_verifyData();
     $orders_id = osC_Order::insert();
     $params = array('x_login' => substr(MODULE_PAYMENT_AUTHORIZENET_CC_AIM_API_LOGIN_ID, 0, 20), 'x_tran_key' => substr(MODULE_PAYMENT_AUTHORIZENET_CC_AIM_API_TRANSACTION_KEY, 0, 16), 'x_version' => '3.1', 'x_delim_data' => 'TRUE', 'x_delim_char' => ',', 'x_encap_char' => '"', 'x_relay_response' => 'FALSE', 'x_first_name' => substr($osC_ShoppingCart->getBillingAddress('firstname'), 0, 50), 'x_last_name' => substr($osC_ShoppingCart->getBillingAddress('lastname'), 0, 50), 'x_company' => substr($osC_ShoppingCart->getBillingAddress('company'), 0, 50), 'x_address' => substr($osC_ShoppingCart->getBillingAddress('street_address'), 0, 60), 'x_city' => substr($osC_ShoppingCart->getBillingAddress('city'), 0, 40), 'x_state' => substr($osC_ShoppingCart->getBillingAddress('state'), 0, 40), 'x_zip' => substr($osC_ShoppingCart->getBillingAddress('postcode'), 0, 20), 'x_country' => substr($osC_ShoppingCart->getBillingAddress('country_iso_code_2'), 0, 60), 'x_cust_id' => substr($osC_Customer->getID(), 0, 20), 'x_customer_ip' => osc_get_ip_address(), 'x_invoice_num' => $order_id, 'x_email' => substr($osC_Customer->getEmailAddress(), 0, 255), 'x_description' => substr(STORE_NAME, 0, 255), 'x_amount' => substr($osC_Currencies->formatRaw($osC_ShoppingCart->getTotal()), 0, 15), 'x_currency_code' => substr($osC_Currencies->getCode(), 0, 3), 'x_method' => 'CC', 'x_type' => MODULE_PAYMENT_AUTHORIZENET_CC_AIM_TRANSACTION_METHOD == 'Capture' ? 'AUTH_CAPTURE' : 'AUTH_ONLY', 'x_card_num' => $osC_CreditCard->getNumber(), 'x_exp_date' => $osC_CreditCard->getExpiryMonth() . $osC_CreditCard->getExpiryYear());
     if (ACCOUNT_TELEPHONE > -1) {
         $params['x_phone'] = $osC_ShoppingCart->getBillingAddress('telephone_number');
     }
     if (MODULE_PAYMENT_AUTHORIZENET_CC_AIM_VERIFY_WITH_CVC == '1') {
         $params['x_card_code'] = $osC_CreditCard->getCVC();
     }
     if ($osC_ShoppingCart->hasShippingAddress()) {
         $params['x_ship_to_first_name'] = substr($osC_ShoppingCart->getShippingAddress('firstname'), 0, 50);
         $params['x_ship_to_last_name'] = substr($osC_ShoppingCart->getShippingAddress('lastname'), 0, 50);
         $params['x_ship_to_company'] = substr($osC_ShoppingCart->getShippingAddress('company'), 0, 50);
         $params['x_ship_to_address'] = substr($osC_ShoppingCart->getShippingAddress('street_address'), 0, 60);
         $params['x_ship_to_city'] = substr($osC_ShoppingCart->getShippingAddress('city'), 0, 40);
         $params['x_ship_to_state'] = substr($osC_ShoppingCart->getShippingAddress('zone_code'), 0, 40);
         $params['x_ship_to_zip'] = substr($osC_ShoppingCart->getShippingAddress('postcode'), 0, 20);
         $params['x_ship_to_country'] = substr($osC_ShoppingCart->getShippingAddress('country_iso_code_2'), 0, 60);
     }
     if (MODULE_PAYMENT_AUTHORIZENET_CC_AIM_TRANSACTION_MODE == 'Test') {
         $params['x_test_request'] = 'TRUE';
     }
     $shipping_tax = $osC_ShoppingCart->getShippingMethod('cost') * ($osC_Tax->getTaxRate($osC_ShoppingCart->getShippingMethod('tax_class_id'), $osC_ShoppingCart->getTaxingAddress('country_id'), $osC_ShoppingCart->getTaxingAddress('zone_id')) / 100);
     $total_tax = $osC_ShoppingCart->getTax() - $shipping_tax;
     if ($total_tax > 0) {
         $params['x_tax'] = $osC_Currencies->formatRaw($total_tax);
     }
     $params['x_freight'] = $osC_Currencies->formatRaw($osC_ShoppingCart->getShippingMethod('cost'));
     $post_string = '';
     foreach ($params as $key => $value) {
         $post_string .= $key . '=' . urlencode(trim($value)) . '&';
     }
     $post_string = substr($post_string, 0, -1);
     if ($osC_ShoppingCart->hasContents()) {
         $i = 1;
         foreach ($osC_ShoppingCart->getProducts() as $product) {
             $post_string .= '&x_line_item=' . urlencode($i) . '<|>' . urlencode(substr($product['name'], 0, 31)) . '<|>' . urlencode(substr($product['name'], 0, 255)) . '<|>' . urlencode($product['quantity']) . '<|>' . urlencode($osC_Currencies->formatRaw($product['final_price'])) . '<|>' . urlencode($product['tax_class_id'] > 0 ? 'YES' : 'NO');
             $i++;
         }
     }
     switch (MODULE_PAYMENT_AUTHORIZENET_CC_AIM_TRANSACTION_SERVER) {
         case 'Live':
             $gateway_url = 'https://secure.authorize.net/gateway/transact.dll';
             break;
         default:
             $gateway_url = 'https://test.authorize.net/gateway/transact.dll';
             break;
     }
     $transaction_response = $this->sendTransactionToGateway($gateway_url, $post_string);
     if (!empty($transaction_response)) {
         $regs = preg_split("/,(?=(?:[^\"]*\"[^\"]*\")*(?![^\"]*\"))/", $transaction_response);
         foreach ($regs as $key => $value) {
             $regs[$key] = substr($value, 1, -1);
             // remove double quotes
         }
     } else {
         $regs = array('-1', '-1', '-1');
     }
     $error = false;
     if ($regs[0] == '1') {
         if (!osc_empty(MODULE_PAYMENT_AUTHORIZENET_CC_AIM_MD5_HASH)) {
             if (strtoupper($regs[37]) != strtoupper(md5(MODULE_PAYMENT_AUTHORIZENET_CC_AIM_MD5_HASH . MODULE_PAYMENT_AUTHORIZENET_CC_AIM_API_LOGIN_ID . $regs[6] . $osC_Currencies->formatRaw($osC_ShoppingCart->getTotal())))) {
                 $error = 'general';
             }
         }
     } else {
         switch ($regs[2]) {
             case '7':
                 $error = 'invalid_expiration_date';
                 break;
             case '8':
                 $error = 'expired';
                 break;
             case '6':
             case '17':
             case '28':
                 $error = 'declined';
                 break;
             case '78':
                 $error = 'cvc';
                 break;
             default:
                 $error = 'general';
                 break;
         }
     }
     if ($error != false) {
         osC_Order::remove($orders_id);
         osc_redirect(osc_href_link(FILENAME_CHECKOUT, 'checkout&error=' . $error, 'SSL'));
     } else {
         osC_Order::process($orders_id, $this->_order_status, $transaction_response);
     }
 }
Ejemplo n.º 10
0
 function insert($order_status = DEFAULT_ORDERS_STATUS_ID)
 {
     global $osC_Database, $osC_Customer, $osC_Language, $osC_Currencies, $osC_ShoppingCart, $osC_Tax, $toC_Wishlist;
     if (isset($_SESSION['prepOrderID'])) {
         $_prep = explode('-', $_SESSION['prepOrderID']);
         if ($_prep[0] == $osC_ShoppingCart->getCartID()) {
             return $_prep[1];
             // order_id
         } else {
             if (osC_Order::getStatusID($_prep[1]) === ORDERS_STATUS_PREPARING) {
                 osC_Order::remove($_prep[1]);
             }
         }
     }
     if (!class_exists(osC_Account)) {
         require_once 'includes/classes/account.php';
     }
     if (!$osC_Customer->isLoggedOn()) {
         osC_Order::createCustomer();
     } else {
         //insert billing address
         $billing_address = $osC_ShoppingCart->getBillingAddress();
         if (isset($billing_address['id']) && $billing_address['id'] == '-1') {
             osC_Account::createNewAddress($osC_Customer->getID(), $billing_address);
         }
         //insert shipping address
         if (!isset($billing_address['ship_to_this_address']) || isset($billing_address['ship_to_this_address']) && empty($billing_address['ship_to_this_address'])) {
             $shipping_address = $osC_ShoppingCart->getShippingAddress();
             if (isset($shipping_address['id']) && $shipping_address['id'] == '-1') {
                 osC_Account::createNewAddress($osC_Customer->getID(), $shipping_address);
             }
         }
     }
     $Qorder = $osC_Database->query('insert into :table_orders (customers_id, customers_name, customers_company, customers_street_address, customers_suburb, customers_city, customers_postcode, customers_state, customers_comment, customers_state_code, customers_country, customers_country_iso2, customers_country_iso3, customers_telephone, customers_email_address, customers_address_format, customers_ip_address, delivery_name, delivery_company, delivery_street_address, delivery_suburb, delivery_city, delivery_postcode, delivery_state, delivery_zone_id, delivery_state_code, delivery_country_id, delivery_country, delivery_country_iso2, delivery_country_iso3, delivery_address_format, delivery_telephone, billing_name, billing_company, billing_street_address, billing_suburb, billing_city, billing_postcode, billing_state, billing_zone_id, billing_state_code, billing_country_id, billing_country, billing_country_iso2, billing_country_iso3, billing_address_format, billing_telephone, payment_method, payment_module, uses_store_credit, store_credit_amount, date_purchased, orders_status, currency, currency_value, gift_wrapping, wrapping_message) values (:customers_id, :customers_name, :customers_company, :customers_street_address, :customers_suburb, :customers_city, :customers_postcode, :customers_state, :customers_comment, :customers_state_code, :customers_country, :customers_country_iso2, :customers_country_iso3, :customers_telephone, :customers_email_address, :customers_address_format, :customers_ip_address, :delivery_name, :delivery_company, :delivery_street_address, :delivery_suburb, :delivery_city, :delivery_postcode, :delivery_state, :delivery_zone_id, :delivery_state_code, :delivery_country_id, :delivery_country, :delivery_country_iso2, :delivery_country_iso3, :delivery_address_format, :delivery_telephone, :billing_name, :billing_company, :billing_street_address, :billing_suburb, :billing_city, :billing_postcode, :billing_state, :billing_zone_id, :billing_state_code, :billing_country_id, :billing_country, :billing_country_iso2, :billing_country_iso3, :billing_address_format, :billing_telephone, :payment_method, :payment_module, :uses_store_credit, :store_credit_amount, now(), :orders_status, :currency, :currency_value, :gift_wrapping, :wrapping_message)');
     $Qorder->bindTable(':table_orders', TABLE_ORDERS);
     $Qorder->bindInt(':customers_id', $osC_Customer->getID());
     $Qorder->bindValue(':customers_name', $osC_Customer->getName());
     $Qorder->bindValue(':customers_company', '');
     $Qorder->bindValue(':customers_street_address', '');
     $Qorder->bindValue(':customers_suburb', '');
     $Qorder->bindValue(':customers_city', '');
     $Qorder->bindValue(':customers_postcode', '');
     $Qorder->bindValue(':customers_state', '');
     $Qorder->bindValue(':customers_state_code', '');
     $Qorder->bindValue(':customers_country', '');
     $Qorder->bindValue(':customers_country_iso2', '');
     $Qorder->bindValue(':customers_country_iso3', '');
     $Qorder->bindValue(':customers_telephone', '');
     $Qorder->bindValue(':customers_email_address', $osC_Customer->getEmailAddress());
     $Qorder->bindValue(':customers_comment', $_SESSION['comments']);
     $Qorder->bindValue(':customers_address_format', '');
     $Qorder->bindValue(':customers_ip_address', osc_get_ip_address());
     $Qorder->bindValue(':delivery_name', $osC_ShoppingCart->getShippingAddress('firstname') . ' ' . $osC_ShoppingCart->getShippingAddress('lastname'));
     $Qorder->bindValue(':delivery_company', $osC_ShoppingCart->getShippingAddress('company'));
     $Qorder->bindValue(':delivery_street_address', $osC_ShoppingCart->getShippingAddress('street_address'));
     $Qorder->bindValue(':delivery_suburb', $osC_ShoppingCart->getShippingAddress('suburb'));
     $Qorder->bindValue(':delivery_city', $osC_ShoppingCart->getShippingAddress('city'));
     $Qorder->bindValue(':delivery_postcode', $osC_ShoppingCart->getShippingAddress('postcode'));
     $Qorder->bindValue(':delivery_state', $osC_ShoppingCart->getShippingAddress('state'));
     $Qorder->bindValue(':delivery_zone_id', $osC_ShoppingCart->getShippingAddress('zone_id'));
     $Qorder->bindValue(':delivery_state_code', $osC_ShoppingCart->getShippingAddress('zone_code'));
     $Qorder->bindValue(':delivery_country_id', $osC_ShoppingCart->getShippingAddress('country_id'));
     $Qorder->bindValue(':delivery_country', $osC_ShoppingCart->getShippingAddress('country_title'));
     $Qorder->bindValue(':delivery_country_iso2', $osC_ShoppingCart->getShippingAddress('country_iso_code_2'));
     $Qorder->bindValue(':delivery_country_iso3', $osC_ShoppingCart->getShippingAddress('country_iso_code_3'));
     $Qorder->bindValue(':delivery_address_format', $osC_ShoppingCart->getShippingAddress('format'));
     $Qorder->bindValue(':delivery_telephone', $osC_ShoppingCart->getShippingAddress('telephone_number'));
     $Qorder->bindValue(':billing_name', $osC_ShoppingCart->getBillingAddress('firstname') . ' ' . $osC_ShoppingCart->getBillingAddress('lastname'));
     $Qorder->bindValue(':billing_company', $osC_ShoppingCart->getBillingAddress('company'));
     $Qorder->bindValue(':billing_street_address', $osC_ShoppingCart->getBillingAddress('street_address'));
     $Qorder->bindValue(':billing_suburb', $osC_ShoppingCart->getBillingAddress('suburb'));
     $Qorder->bindValue(':billing_city', $osC_ShoppingCart->getBillingAddress('city'));
     $Qorder->bindValue(':billing_postcode', $osC_ShoppingCart->getBillingAddress('postcode'));
     $Qorder->bindValue(':billing_state', $osC_ShoppingCart->getBillingAddress('state'));
     $Qorder->bindValue(':billing_zone_id', $osC_ShoppingCart->getBillingAddress('zone_id'));
     $Qorder->bindValue(':billing_state_code', $osC_ShoppingCart->getBillingAddress('zone_code'));
     $Qorder->bindValue(':billing_country_id', $osC_ShoppingCart->getBillingAddress('country_id'));
     $Qorder->bindValue(':billing_country', $osC_ShoppingCart->getBillingAddress('country_title'));
     $Qorder->bindValue(':billing_country_iso2', $osC_ShoppingCart->getBillingAddress('country_iso_code_2'));
     $Qorder->bindValue(':billing_country_iso3', $osC_ShoppingCart->getBillingAddress('country_iso_code_3'));
     $Qorder->bindValue(':billing_address_format', $osC_ShoppingCart->getBillingAddress('format'));
     $Qorder->bindValue(':billing_telephone', $osC_ShoppingCart->getBillingAddress('telephone_number'));
     $Qorder->bindValue(':payment_method', implode(',', $osC_ShoppingCart->getCartBillingMethods()));
     $Qorder->bindValue(':payment_module', implode(',', $osC_ShoppingCart->getCartBillingModules()));
     $Qorder->bindInt(':uses_store_credit', $osC_ShoppingCart->isUseStoreCredit());
     $Qorder->bindValue(':store_credit_amount', $osC_ShoppingCart->isUseStoreCredit() ? $osC_ShoppingCart->getStoreCredit() : '0');
     $Qorder->bindInt(':orders_status', $order_status);
     $Qorder->bindValue(':currency', $osC_Currencies->getCode());
     $Qorder->bindValue(':currency_value', $osC_Currencies->value($osC_Currencies->getCode()));
     $Qorder->bindInt(':gift_wrapping', $osC_ShoppingCart->isGiftWrapping() ? '1' : '0');
     $Qorder->bindValue(':wrapping_message', isset($_SESSION['gift_wrapping_comments']) ? $_SESSION['gift_wrapping_comments'] : '');
     $Qorder->execute();
     $insert_id = $osC_Database->nextID();
     foreach ($osC_ShoppingCart->getOrderTotals() as $module) {
         $Qtotals = $osC_Database->query('insert into :table_orders_total (orders_id, title, text, value, class, sort_order) values (:orders_id, :title, :text, :value, :class, :sort_order)');
         $Qtotals->bindTable(':table_orders_total', TABLE_ORDERS_TOTAL);
         $Qtotals->bindInt(':orders_id', $insert_id);
         $Qtotals->bindValue(':title', $module['title']);
         $Qtotals->bindValue(':text', $module['text']);
         $Qtotals->bindValue(':value', $module['value']);
         $Qtotals->bindValue(':class', $module['code']);
         $Qtotals->bindInt(':sort_order', $module['sort_order']);
         $Qtotals->execute();
     }
     $Qstatus = $osC_Database->query('insert into :table_orders_status_history (orders_id, orders_status_id, date_added, customer_notified, comments) values (:orders_id, :orders_status_id, now(), :customer_notified, :comments)');
     $Qstatus->bindTable(':table_orders_status_history', TABLE_ORDERS_STATUS_HISTORY);
     $Qstatus->bindInt(':orders_id', $insert_id);
     $Qstatus->bindInt(':orders_status_id', $order_status);
     $Qstatus->bindInt(':customer_notified', '0');
     $Qstatus->bindValue(':comments', isset($_SESSION['comments']) ? $_SESSION['comments'] : '');
     $Qstatus->execute();
     foreach ($osC_ShoppingCart->getProducts() as $products) {
         $Qproducts = $osC_Database->query('insert into :table_orders_products (orders_id, products_id, products_type, products_sku, products_name, products_price, final_price, products_tax, products_quantity) values (:orders_id, :products_id, :products_type, :products_sku, :products_name, :products_price, :final_price, :products_tax, :products_quantity)');
         $Qproducts->bindTable(':table_orders_products', TABLE_ORDERS_PRODUCTS);
         $Qproducts->bindInt(':orders_id', $insert_id);
         $Qproducts->bindInt(':products_id', osc_get_product_id($products['id']));
         $Qproducts->bindValue(':products_type', $products['type']);
         $Qproducts->bindValue(':products_sku', $products['sku']);
         $Qproducts->bindValue(':products_name', $products['name']);
         $Qproducts->bindValue(':products_price', $products['price']);
         $Qproducts->bindValue(':final_price', $products['final_price']);
         $Qproducts->bindValue(':products_tax', $osC_Tax->getTaxRate($products['tax_class_id'], $osC_ShoppingCart->getTaxingAddress('country_id'), $osC_ShoppingCart->getTaxingAddress('zone_id')));
         $Qproducts->bindInt(':products_quantity', $products['quantity']);
         $Qproducts->execute();
         $order_products_id = $osC_Database->nextID();
         if (!empty($products['customizations'])) {
             foreach ($products['customizations'] as $customization) {
                 $Qcustomization = $osC_Database->query('insert into :table_orders_products_customizations (orders_id, orders_products_id, quantity) values (:orders_id, :orders_products_id, :quantity)');
                 $Qcustomization->bindTable(':table_orders_products_customizations', TABLE_ORDERS_PRODUCTS_CUSTOMIZATIONS);
                 $Qcustomization->bindInt(':orders_id', $insert_id);
                 $Qcustomization->bindInt(':orders_products_id', $order_products_id);
                 $Qcustomization->bindInt(':quantity', $customization['qty']);
                 $Qcustomization->execute();
                 $orders_products_customizations_id = $osC_Database->nextID();
                 foreach ($customization['fields'] as $field) {
                     $Qfield = $osC_Database->query('insert into :table_orders_products_customizations_values (orders_products_customizations_id , customization_fields_id, customization_fields_name, customization_fields_type, customization_fields_value, cache_file_name) values (:orders_products_customizations_id, :customization_fields_id, :customization_fields_name, :customization_fields_type, :customization_fields_value, :cache_file_name)');
                     $Qfield->bindTable(':table_orders_products_customizations_values', TABLE_ORDERS_PRODUCTS_CUSTOMIZATIONS_VALUES);
                     $Qfield->bindInt(':orders_products_customizations_id', $orders_products_customizations_id);
                     $Qfield->bindInt(':customization_fields_id', $field['customization_fields_id']);
                     $Qfield->bindValue(':customization_fields_name', $field['customization_fields_name']);
                     $Qfield->bindInt(':customization_fields_type', $field['customization_type']);
                     $Qfield->bindValue(':customization_fields_value', $field['customization_value']);
                     $Qfield->bindValue(':cache_file_name', $field['cache_filename']);
                     $Qfield->execute();
                     if ($osC_Database->isError() === false) {
                         @copy(DIR_FS_CACHE . 'products_customizations/' . $field['cache_filename'], DIR_FS_CACHE . 'orders_customizations/' . $field['cache_filename']);
                     }
                 }
             }
         }
         if ($osC_ShoppingCart->hasVariants($products['id'])) {
             foreach ($osC_ShoppingCart->getVariants($products['id']) as $variants_id => $variants) {
                 $Qvariants = $osC_Database->query('select pvg.products_variants_groups_name, pvv.products_variants_values_name from :table_products_variants pv, :table_products_variants_entries pve, :table_products_variants_groups pvg, :table_products_variants_values pvv where pv.products_id = :products_id and pv.products_variants_id = pve.products_variants_id and pve.products_variants_groups_id = :groups_id and pve.products_variants_values_id = :variants_values_id and pve.products_variants_groups_id = pvg.products_variants_groups_id and pve.products_variants_values_id = pvv.products_variants_values_id and pvg.language_id = :pvg_language_id and pvv.language_id = :pvv_language_id');
                 $Qvariants->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
                 $Qvariants->bindTable(':table_products_variants_entries', TABLE_PRODUCTS_VARIANTS_ENTRIES);
                 $Qvariants->bindTable(':table_products_variants_groups', TABLE_PRODUCTS_VARIANTS_GROUPS);
                 $Qvariants->bindTable(':table_products_variants_values', TABLE_PRODUCTS_VARIANTS_VALUES);
                 $Qvariants->bindInt(':products_id', $products['id']);
                 $Qvariants->bindInt(':groups_id', $variants['groups_id']);
                 $Qvariants->bindInt(':variants_values_id', $variants['variants_values_id']);
                 $Qvariants->bindInt(':pvg_language_id', $osC_Language->getID());
                 $Qvariants->bindInt(':pvv_language_id', $osC_Language->getID());
                 $Qvariants->execute();
                 $Qopv = $osC_Database->query('insert into :table_orders_products_variants (orders_id, orders_products_id, products_variants_groups_id, products_variants_groups, products_variants_values_id, products_variants_values) values (:orders_id, :orders_products_id, :products_variants_groups_id, :products_variants_groups, :products_variants_values_id, :products_variants_values)');
                 $Qopv->bindTable(':table_orders_products_variants', TABLE_ORDERS_PRODUCTS_VARIANTS);
                 $Qopv->bindInt(':orders_id', $insert_id);
                 $Qopv->bindInt(':orders_products_id', $order_products_id);
                 $Qopv->bindInt(':products_variants_groups_id', $variants['groups_id']);
                 $Qopv->bindValue(':products_variants_groups', $Qvariants->value('products_variants_groups_name'));
                 $Qopv->bindInt(':products_variants_values_id', $variants['variants_values_id']);
                 $Qopv->bindValue(':products_variants_values', $Qvariants->value('products_variants_values_name'));
                 $Qopv->execute();
             }
         }
         if ($products['type'] == PRODUCT_TYPE_DOWNLOADABLE) {
             $Qdownloadable = $osC_Database->query('select * from :table_products_downloadables where products_id = :products_id');
             $Qdownloadable->bindTable(':table_products_downloadables', TABLE_PRODUCTS_DOWNLOADABLES);
             $Qdownloadable->bindInt(':products_id', osc_get_product_id($products['id']));
             $Qdownloadable->execute();
             if ($osC_ShoppingCart->hasVariants($products['id'])) {
                 $variants_filename = $products['variant_filename'];
                 $variants_cache_filename = $products['variant_cache_filename'];
             } else {
                 $variants_filename = $Qdownloadable->value('filename');
                 $variants_cache_filename = $Qdownloadable->value('cache_filename');
             }
             $Qopd = $osC_Database->query('insert into :table_orders_products_download (orders_id, orders_products_id, orders_products_filename, orders_products_cache_filename, download_maxdays, download_count) values (:orders_id, :orders_products_id, :orders_products_filename, :orders_products_cache_filename, :download_maxdays, :download_count)');
             $Qopd->bindTable(':table_orders_products_download', TABLE_ORDERS_PRODUCTS_DOWNLOAD);
             $Qopd->bindInt(':orders_id', $insert_id);
             $Qopd->bindInt(':orders_products_id', $order_products_id);
             $Qopd->bindValue(':orders_products_filename', $variants_filename);
             $Qopd->bindValue(':orders_products_cache_filename', $variants_cache_filename);
             $Qopd->bindValue(':download_maxdays', $Qdownloadable->valueInt('number_of_accessible_days'));
             $Qopd->bindValue(':download_count', $Qdownloadable->valueInt('number_of_downloads') * $products['quantity']);
             $Qopd->execute();
         }
         if ($products['type'] == PRODUCT_TYPE_GIFT_CERTIFICATE) {
             require_once 'gift_certificates.php';
             $Qgc = $osC_Database->query('insert into :table_gift_certificates (orders_id, orders_products_id, gift_certificates_type, amount, gift_certificates_code, recipients_name, recipients_email, senders_name, senders_email, messages) values (:orders_id, :orders_products_id, :gift_certificates_type, :amount, :gift_certificates_code, :recipients_name, :recipients_email, :senders_name, :senders_email, :messages)');
             $Qgc->bindTable(':table_gift_certificates', TABLE_GIFT_CERTIFICATES);
             $Qgc->bindInt(':orders_id', $insert_id);
             $Qgc->bindInt(':gift_certificates_type', $products['gc_data']['type']);
             $Qgc->bindInt(':orders_products_id', $order_products_id);
             $Qgc->bindValue(':amount', $products['price']);
             $Qgc->bindValue(':gift_certificates_code', toC_Gift_Certificates::createGiftCertificateCode());
             $Qgc->bindValue(':recipients_name', $products['gc_data']['recipients_name']);
             $Qgc->bindValue(':recipients_email', $products['gc_data']['type'] == GIFT_CERTIFICATE_TYPE_EMAIL ? $products['gc_data']['recipients_email'] : '');
             $Qgc->bindValue(':senders_name', $products['gc_data']['senders_name']);
             $Qgc->bindValue(':senders_email', $products['gc_data']['type'] == GIFT_CERTIFICATE_TYPE_EMAIL ? $products['gc_data']['senders_email'] : '');
             $Qgc->bindValue(':messages', $products['gc_data']['message']);
             $Qgc->execute();
         }
     }
     if ($osC_ShoppingCart->isUseStoreCredit()) {
         $Qhistory = $osC_Database->query('insert into :table_customers_credits_history (customers_id, action_type, date_added, amount, comments) values (:customers_id, :action_type, now(), :amount, :comments)');
         $Qhistory->bindTable(':table_customers_credits_history', TABLE_CUSTOMERS_CREDITS_HISTORY);
         $Qhistory->bindInt(':customers_id', $osC_Customer->getID());
         $Qhistory->bindInt(':action_type', STORE_CREDIT_ACTION_TYPE_ORDER_PURCHASE);
         $Qhistory->bindValue(':amount', $osC_ShoppingCart->getStoreCredit() * -1);
         $Qhistory->bindValue(':comments', sprintf($osC_Language->get('store_credit_order_number'), $insert_id));
         $Qhistory->execute();
         $Qcustomer = $osC_Database->query('update :table_customers set customers_credits = (customers_credits + :customers_credits) where customers_id = :customers_id');
         $Qcustomer->bindTable(':table_customers', TABLE_CUSTOMERS);
         $Qcustomer->bindRaw(':customers_credits', $osC_ShoppingCart->getStoreCredit() * -1);
         $Qcustomer->bindInt(':customers_id', $osC_Customer->getID());
         $Qcustomer->execute();
         $Qcredit = $osC_Database->query('select customers_credits from :table_customers where customers_id = :customers_id');
         $Qcredit->bindTable(':table_customers', TABLE_CUSTOMERS);
         $Qcredit->bindInt(':customers_id', $osC_Customer->getID());
         $Qcredit->execute();
         $osC_Customer->setStoreCredit($Qcredit->value('customers_credits'));
     }
     if ($osC_ShoppingCart->hasCoupon()) {
         include_once 'includes/classes/coupon.php';
         $toC_Coupon = new toC_Coupon($osC_ShoppingCart->getCouponCode());
         $Qcoupon = $osC_Database->query('insert into :table_coupons_redeem_history (coupons_id, customers_id, orders_id, redeem_amount, redeem_date, redeem_ip_address) values (:coupons_id, :customers_id, :orders_id, :redeem_amount, now(), :redeem_ip_address)');
         $Qcoupon->bindTable(':table_coupons_redeem_history', TABLE_COUPONS_REDEEM_HISTORY);
         $Qcoupon->bindInt(':coupons_id', $toC_Coupon->getID());
         $Qcoupon->bindInt(':customers_id', $osC_Customer->getID());
         $Qcoupon->bindInt(':orders_id', $insert_id);
         $Qcoupon->bindValue(':redeem_amount', $osC_ShoppingCart->getCouponAmount());
         $Qcoupon->bindValue(':redeem_ip_address', osc_get_ip_address());
         $Qcoupon->execute();
     }
     if ($osC_ShoppingCart->hasGiftCertificate()) {
         $gift_certificate_codes = $osC_ShoppingCart->getGiftCertificateRedeemAmount();
         foreach ($gift_certificate_codes as $gift_certificate_code => $amount) {
             $Qcertificate = $osC_Database->query('select gift_certificates_id from :table_gift_certificates where gift_certificates_code = :gift_certificates_code');
             $Qcertificate->bindTable(':table_gift_certificates', TABLE_GIFT_CERTIFICATES);
             $Qcertificate->bindValue(':gift_certificates_code', $gift_certificate_code);
             $Qcertificate->execute();
             $Qinsert = $osC_Database->query('insert into :table_gift_certificates_redeem_history (gift_certificates_id, customers_id, orders_id, redeem_date, redeem_amount, redeem_ip_address) values (:gift_certificates_id, :customers_id, :orders_id, now(), :redeem_amount, :redeem_ip_address)');
             $Qinsert->bindTable(':table_gift_certificates_redeem_history', TABLE_GIFT_CERTIFICATES_REDEEM_HISTORY);
             $Qinsert->bindInt(':gift_certificates_id', $Qcertificate->valueInt(gift_certificates_id));
             $Qinsert->bindInt(':customers_id', $osC_Customer->getID());
             $Qinsert->bindInt(':orders_id', $insert_id);
             $Qinsert->bindValue(':redeem_amount', $amount);
             $Qinsert->bindValue(':redeem_ip_address', osc_get_ip_address());
             $Qinsert->execute();
         }
     }
     $_SESSION['prepOrderID'] = $osC_ShoppingCart->getCartID() . '-' . $insert_id;
     return $insert_id;
 }
Ejemplo n.º 11
0
 function process()
 {
     global $osC_Database, $osC_MessageStack, $osC_Customer, $osC_Language, $osC_Currencies, $osC_ShoppingCart;
     $this->_verifyData();
     $this->_order_id = osC_Order::insert();
     $params = array('x_version' => '3.1', 'x_delim_data' => 'TRUE', 'x_delim_char' => ',', 'x_encap_char' => '"', 'x_relay_response' => 'FALSE', 'x_login' => MODULE_PAYMENT_AUTHORIZENET_ECHECK_LOGIN_ID, 'x_tran_key' => MODULE_PAYMENT_AUTHORIZENET_ECHECK_TRANSACTION_KEY, 'x_amount' => $osC_Currencies->formatRaw($osC_ShoppingCart->getTotal(), $osC_Currencies->getCode()), 'x_currency_code' => $osC_Currencies->getCode(), 'x_method' => 'ECHECK', 'x_bank_aba_code' => $_POST['authorizenet_echeck_routing_code'], 'x_bank_acct_num' => $_POST['authorizenet_echeck_account_number'], 'x_bank_acct_type' => $_POST['authorizenet_echeck_account_type'], 'x_bank_name' => $_POST['authorizenet_echeck_bank_name'], 'x_bank_acct_name' => $_POST['authorizenet_echeck_owner'], 'x_echeck_type' => 'WEB', 'x_type' => 'AUTH_ONLY', 'x_first_name' => $osC_ShoppingCart->getBillingAddress('firstname'), 'x_last_name' => $osC_ShoppingCart->getBillingAddress('lastname'), 'x_company' => $osC_ShoppingCart->getBillingAddress('company'), 'x_address' => $osC_ShoppingCart->getBillingAddress('street_address'), 'x_city' => $osC_ShoppingCart->getBillingAddress('city'), 'x_state' => $osC_ShoppingCart->getBillingAddress('state'), 'x_zip' => $osC_ShoppingCart->getBillingAddress('postcode'), 'x_country' => $osC_ShoppingCart->getBillingAddress('country_iso_code_2'), 'x_cust_id' => $osC_Customer->getID(), 'x_customer_ip' => osc_get_ip_address(), 'x_invoice_num' => $this->_order_id, 'x_email' => $osC_Customer->getEmailAddress(), 'x_email_customer' => 'FALSE', 'x_ship_to_first_name' => $osC_ShoppingCart->getShippingAddress('firstname'), 'x_ship_to_last_name' => $osC_ShoppingCart->getShippingAddress('lastname'), 'x_ship_to_company' => $osC_ShoppingCart->getShippingAddress('company'), 'x_ship_to_address' => $osC_ShoppingCart->getShippingAddress('street_address'), 'x_ship_to_city' => $osC_ShoppingCart->getShippingAddress('city'), 'x_ship_to_state' => $osC_ShoppingCart->getShippingAddress('state'), 'x_ship_to_zip' => $osC_ShoppingCart->getShippingAddress('postcode'), 'x_ship_to_country' => $osC_ShoppingCart->getShippingAddress('country_iso_code_2'));
     if (ACCOUNT_TELEPHONE > -1) {
         $params['x_phone'] = $osC_ShoppingCart->getBillingAddress('telephone_number');
     }
     if (MODULE_PAYMENT_AUTHORIZENET_ECHECK_TRANSACTION_TEST_MODE == '1') {
         $params['x_test_request'] = 'TRUE';
     }
     if (MODULE_PAYMENT_AUTHORIZENET_ECHECK_VERIFY_WITH_WF_SS == '1') {
         $params['x_customer_organization_type'] = $_POST['authorizenet_echeck_org_type'];
         $params['x_customer_tax_id'] = $_POST['authorizenet_echeck_tax_id'];
     }
     $post_string = '';
     foreach ($params as $key => $value) {
         $post_string .= $key . '=' . urlencode(trim($value)) . '&';
     }
     $post_string = substr($post_string, 0, -1);
     $this->_transaction_response = $this->sendTransactionToGateway($this->_gateway_url, $post_string);
     if (empty($this->_transaction_response) === false) {
         $regs = preg_split("/,(?=(?:[^\"]*\"[^\"]*\")*(?![^\"]*\"))/", $this->_transaction_response);
         foreach ($regs as $key => $value) {
             $regs[$key] = substr($value, 1, -1);
             // remove double quotes
         }
     } else {
         $regs = array('-1', '-1', '-1');
     }
     $error = false;
     if ($regs[0] == '1') {
         if (!osc_empty(MODULE_PAYMENT_AUTHORIZENET_ECHECK_MD5_HASH)) {
             if (strtoupper($regs[37]) != strtoupper(md5(MODULE_PAYMENT_AUTHORIZENET_ECHECK_MD5_HASH . MODULE_PAYMENT_AUTHORIZENET_ECHECK_LOGIN_ID . $regs[6] . $osC_Currencies->formatRaw($osC_ShoppingCart->getTotal(), $osC_Currencies->getCode())))) {
                 $error = $osC_Language->get('payment_authorizenet_echeck_error_general');
             }
         }
     } else {
         switch ($regs[2]) {
             case '9':
                 $error = $osC_Language->get('payment_authorizenet_echeck_error_invalid_routing_code');
                 break;
             case '10':
                 $error = $osC_Language->get('payment_authorizenet_echeck_error_invalid_account');
                 break;
             case '77':
                 $error = $osC_Language->get('payment_authorizenet_echeck_error_invalid_tax_id');
                 break;
             default:
                 $error = $osC_Language->get('payment_authorizenet_echeck_error_general');
                 break;
         }
     }
     if ($error === false) {
         osC_Order::process($this->_order_id, $this->order_status);
         $Qtransaction = $osC_Database->query('insert into :table_orders_transactions_history (orders_id, transaction_code, transaction_return_value, transaction_return_status, date_added) values (:orders_id, :transaction_code, :transaction_return_value, :transaction_return_status, now())');
         $Qtransaction->bindTable(':table_orders_transactions_history', TABLE_ORDERS_TRANSACTIONS_HISTORY);
         $Qtransaction->bindInt(':orders_id', $this->_order_id);
         $Qtransaction->bindInt(':transaction_code', 1);
         $Qtransaction->bindValue(':transaction_return_value', $this->_transaction_response);
         $Qtransaction->bindInt(':transaction_return_status', 1);
         $Qtransaction->execute();
     } else {
         osC_Order::remove($this->_order_id);
         $osC_MessageStack->add('checkout_payment', $error, 'error');
         osc_redirect(osc_href_link(FILENAME_CHECKOUT, 'payment&authorizenet_echeck_owner=' . $_POST['authorizenet_echeck_owner'] . '&authorizenet_echeck_account_type=' . $_POST['authorizenet_echeck_account_type'] . '&authorizenet_echeck_bank_name=' . $_POST['authorizenet_echeck_bank_name'] . '&authorizenet_echeck_routing_code=' . $_POST['authorizenet_echeck_routing_code'], 'SSL'));
     }
 }
 function process()
 {
     global $osC_Currencies, $osC_ShoppingCart, $osC_Language, $messageStack;
     $currency = $osC_Currencies->getCode();
     if (isset($_POST['cc_owner']) && !empty($_POST['cc_owner']) && isset($_POST['cc_type']) && isset($this->cc_types[$_POST['cc_type']]) && isset($_POST['cc_number_nh-dns']) && !empty($_POST['cc_number_nh-dns'])) {
         $params = array('USER' => MODULE_PAYMENT_PAYPAL_UK_DIRECT_USERNAME || MODULE_PAYMENT_PAYPAL_UK_DIRECT_VENDOR, 'VENDOR' => MODULE_PAYMENT_PAYPAL_UK_DIRECT_VENDOR, 'PARTNER' => MODULE_PAYMENT_PAYPAL_UK_DIRECT_PARTNER, 'PWD' => MODULE_PAYMENT_PAYPAL_UK_DIRECT_PASSWORD, 'TENDER' => 'C', 'TRXTYPE' => MODULE_PAYMENT_PAYPAL_UK_DIRECT_TRANSACTION_METHOD == 'Sale' ? 'S' : 'A', 'AMT' => $osC_Currencies->formatRaw($osC_ShoppingCart->getTotal() - $osC_ShoppingCart->getShippingMethod('cost'), $currency), 'CURRENCY' => $currency, 'NAME' => $_POST['cc_owner'], 'STREET' => $osC_ShoppingCart->getBillingAddress('street_address'), 'CITY' => $osC_ShoppingCart->getBillingAddress('city'), 'STATE' => $osC_ShoppingCart->getBillingAddress('state'), 'COUNTRY' => $osC_ShoppingCart->getBillingAddress('country_iso_code_2'), 'ZIP' => $osC_ShoppingCart->getBillingAddress('postcode'), 'CLIENTIP' => osc_get_ip_address(), 'EMAIL' => $osC_ShoppingCart->getBillingAddress('email_address'), 'ACCT' => $_POST['cc_number_nh-dns'], 'ACCTTYPE' => $_POST['cc_type'], 'CARDSTART' => $_POST['cc_starts_month'] . $_POST['cc_starts_year'], 'EXPDATE' => $_POST['cc_expires_month'] . $_POST['cc_expires_year'], 'CVV2' => $_POST['cc_cvc_nh-dns'], 'BUTTONSOURCE' => 'tomatcart');
         if ($_POST['cc_type'] == 'SWITCH' || $_POST['cc_type'] == 'SOLO') {
             $params['ISSUENUMBER'] = $_POST['cc_issue_nh-dns'];
         }
         if ($osC_ShoppingCart->hasShippingAddress()) {
             $params['SHIPTONAME'] = $osC_ShoppingCart->getShippingAddress('firstname') . ' ' . $osC_ShoppingCart->getShippingAddress('lastname');
             $params['SHIPTOSTREET'] = $osC_ShoppingCart->getShippingAddress('street_address');
             $params['SHIPTOCITY'] = $osC_ShoppingCart->getShippingAddress('city');
             $params['SHIPTOSTATE'] = $osC_ShoppingCart->getShippingAddress('zone_code');
             $params['SHIPTOCOUNTRYCODE'] = $osC_ShoppingCart->getShippingAddress('country_iso_code_2');
             $params['SHIPTOZIP'] = $osC_ShoppingCart->getShippingAddress('postcode');
         }
         $post_string = '';
         foreach ($params as $key => $value) {
             $post_string .= $key . '=' . urlencode(trim($value)) . '&';
         }
         $post_string = substr($post_string, 0, -1);
         $response = $this->sendTransactionToGateway($this->api_url, $post_string);
         $response_array = array();
         parse_str($response, $response_array);
         if ($response_array['RESULT'] != '0') {
             switch ($response_array['RESULT']) {
                 case '1':
                 case '26':
                     $error_message = $osC_Language->get('payment_paypal_uk_direct_error_cfg_error');
                     break;
                 case '7':
                     $error_message = $osC_Language->get('payment_paypal_uk_direct_error_address');
                     break;
                 case '12':
                     $error_message = $osC_Language->get('payment_paypal_uk_direct_error_declined');
                     break;
                 case '23':
                 case '24':
                     $error_message = $osC_Language->get('payment_paypal_uk_direct_error_invalid_credit_card');
                     break;
                 default:
                     $error_message = $osC_Language->get('payment_paypal_uk_direct_error_general');
                     break;
             }
             $messageStack->add_session('checkout', $error_message, 'error');
             osc_redirect(osc_href_link(FILENAME_CHECKOUT, 'checkout&view=orderConfirmationForm', 'SSL'));
         } else {
             $comments = 'PayPal Website Payments Pro (US) Direct Payments perform successfully.';
             $orders_id = osC_Order::insert();
             osC_Order::process($orders_id, ORDERS_STATUS_PAID, $comments);
         }
     } else {
         $messageStack->add_session('checkout', $error_message, 'error');
         osc_redirect(osc_href_link(FILENAME_CHECKOUT, 'checkout&view=orderConfirmationForm', 'SSL'));
     }
 }
Ejemplo n.º 13
0
 public static function start()
 {
     Registry::set('Session', SessionClass::load());
     $OSCOM_Session = Registry::get('Session');
     $OSCOM_Session->setLifeTime(SERVICE_SESSION_EXPIRATION_TIME * 60);
     if (SERVICE_SESSION_FORCE_COOKIE_USAGE == '1' || (bool) ini_get('session.use_only_cookies') === true) {
         osc_setcookie('cookie_test', 'please_accept_for_session', time() + 60 * 60 * 24 * 90);
         if (isset($_COOKIE['cookie_test'])) {
             $OSCOM_Session->start();
         }
     } elseif (SERVICE_SESSION_BLOCK_SPIDERS == '1') {
         $user_agent = strtolower($_SERVER['HTTP_USER_AGENT']);
         $spider_flag = false;
         if (!empty($user_agent)) {
             $spiders = file('includes/spiders.txt');
             foreach ($spiders as $spider) {
                 if (!empty($spider)) {
                     if (strpos($user_agent, trim($spider)) !== false) {
                         $spider_flag = true;
                         break;
                     }
                 }
             }
         }
         if ($spider_flag === false) {
             $OSCOM_Session->start();
         }
     } else {
         $OSCOM_Session->start();
     }
     // verify the ssl_session_id
     if (OSCOM::getRequestType() == 'SSL' && SERVICE_SESSION_CHECK_SSL_SESSION_ID == '1' && ENABLE_SSL == true) {
         if (isset($_SERVER['SSL_SESSION_ID']) && ctype_xdigit($_SERVER['SSL_SESSION_ID'])) {
             if (!isset($_SESSION['SESSION_SSL_ID'])) {
                 $_SESSION['SESSION_SSL_ID'] = $_SERVER['SSL_SESSION_ID'];
             }
             if ($_SESSION['SESSION_SSL_ID'] != $_SERVER['SSL_SESSION_ID']) {
                 $OSCOM_Session->destroy();
                 osc_redirect(OSCOM::getLink(null, 'Info', 'SSLcheck', 'AUTO'));
             }
         }
     }
     // verify the browser user agent
     if (SERVICE_SESSION_CHECK_USER_AGENT == '1') {
         $http_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
         if (!isset($_SESSION['SESSION_USER_AGENT'])) {
             $_SESSION['SESSION_USER_AGENT'] = $http_user_agent;
         }
         if ($_SESSION['SESSION_USER_AGENT'] != $http_user_agent) {
             $OSCOM_Session->destroy();
             osc_redirect(osc_href_link(FILENAME_ACCOUNT, 'login', 'SSL'));
         }
     }
     // verify the IP address
     if (SERVICE_SESSION_CHECK_IP_ADDRESS == '1') {
         if (!isset($_SESSION['SESSION_IP_ADDRESS'])) {
             $_SESSION['SESSION_IP_ADDRESS'] = osc_get_ip_address();
         }
         if ($_SESSION['SESSION_IP_ADDRESS'] != osc_get_ip_address()) {
             $OSCOM_Session->destroy();
             osc_redirect(osc_href_link(FILENAME_ACCOUNT, 'login', 'SSL'));
         }
     }
     Registry::get('MessageStack')->loadFromSession();
     return true;
 }
Ejemplo n.º 14
0
 public static function start()
 {
     $OSCOM_Customer = Registry::get('Customer');
     $OSCOM_Database = Registry::get('Database');
     if ($OSCOM_Customer->isLoggedOn()) {
         $wo_customer_id = $OSCOM_Customer->getID();
         $wo_full_name = $OSCOM_Customer->getName();
     } else {
         $wo_customer_id = null;
         $wo_full_name = 'Guest';
         if (SERVICE_WHOS_ONLINE_SPIDER_DETECTION == '1') {
             $user_agent = strtolower($_SERVER['HTTP_USER_AGENT']);
             if (!empty($user_agent)) {
                 $spiders = file('includes/spiders.txt');
                 foreach ($spiders as $spider) {
                     if (!empty($spider)) {
                         if (strpos($user_agent, trim($spider)) !== false) {
                             $wo_full_name = $spider;
                             break;
                         }
                     }
                 }
             }
         }
     }
     $wo_session_id = session_id();
     $wo_ip_address = osc_get_ip_address();
     $wo_last_page_url = osc_output_string_protected(substr($_SERVER['REQUEST_URI'], 0, 255));
     $current_time = time();
     $xx_mins_ago = $current_time - 900;
     // remove entries that have expired
     $Qwhosonline = $OSCOM_Database->query('delete from :table_whos_online where time_last_click < :time_last_click');
     $Qwhosonline->bindValue(':time_last_click', $xx_mins_ago);
     $Qwhosonline->execute();
     $Qwhosonline = $OSCOM_Database->query('select count(*) as count from :table_whos_online where session_id = :session_id');
     $Qwhosonline->bindValue(':session_id', $wo_session_id);
     $Qwhosonline->execute();
     if ($Qwhosonline->valueInt('count') > 0) {
         $Qwhosonline = $OSCOM_Database->query('update :table_whos_online set customer_id = :customer_id, full_name = :full_name, ip_address = :ip_address, time_last_click = :time_last_click, last_page_url = :last_page_url where session_id = :session_id');
         if ($wo_customer_id > 0) {
             $Qwhosonline->bindInt(':customer_id', $wo_customer_id);
         } else {
             $Qwhosonline->bindRaw(':customer_id', 'null');
         }
         $Qwhosonline->bindValue(':full_name', $wo_full_name);
         $Qwhosonline->bindValue(':ip_address', $wo_ip_address);
         $Qwhosonline->bindValue(':time_last_click', $current_time);
         $Qwhosonline->bindValue(':last_page_url', $wo_last_page_url);
         $Qwhosonline->bindValue(':session_id', $wo_session_id);
         $Qwhosonline->execute();
     } else {
         $Qwhosonline = $OSCOM_Database->query('insert into :table_whos_online (customer_id, full_name, session_id, ip_address, time_entry, time_last_click, last_page_url) values (:customer_id, :full_name, :session_id, :ip_address, :time_entry, :time_last_click, :last_page_url)');
         if ($wo_customer_id > 0) {
             $Qwhosonline->bindInt(':customer_id', $wo_customer_id);
         } else {
             $Qwhosonline->bindRaw(':customer_id', 'null');
         }
         $Qwhosonline->bindValue(':full_name', $wo_full_name);
         $Qwhosonline->bindValue(':session_id', $wo_session_id);
         $Qwhosonline->bindValue(':ip_address', $wo_ip_address);
         $Qwhosonline->bindValue(':time_entry', $current_time);
         $Qwhosonline->bindValue(':time_last_click', $current_time);
         $Qwhosonline->bindValue(':last_page_url', $wo_last_page_url);
         $Qwhosonline->execute();
     }
     return true;
 }
 function generatePassword($email)
 {
     global $osC_Database;
     $password = osc_create_random_string(8);
     $Qpassword = $osC_Database->query('update :table_administrators set user_password = :user_password where email_address = :email_address');
     $Qpassword->bindTable(':table_administrators', TABLE_ADMINISTRATORS);
     $Qpassword->bindValue(':user_password', osc_encrypt_string($password));
     $Qpassword->bindValue(':email_address', $email);
     $Qpassword->execute();
     if (!$osC_Database->isError()) {
         $Qadmin = $osC_Database->query('select id, user_name, email_address from :table_administrators where email_address = :email_address');
         $Qadmin->bindTable(':table_administrators', TABLE_ADMINISTRATORS);
         $Qadmin->bindValue(':email_address', $email);
         $Qadmin->execute();
         include '../includes/classes/email_template.php';
         $email_template = toC_Email_Template::getEmailTemplate('admin_password_forgotten');
         $email_template->setData($Qadmin->value('user_name'), osc_get_ip_address(), $password, $email);
         $email_template->buildMessage();
         $email_template->sendEmail();
         return true;
     }
     return false;
 }
 function start()
 {
     global $osC_Customer, $osC_Database;
     if ($osC_Customer->isLoggedOn()) {
         $wo_customer_id = $osC_Customer->getID();
         $wo_full_name = $osC_Customer->getName();
     } else {
         $wo_customer_id = '0';
         $wo_full_name = 'Guest';
         if (SERVICE_WHOS_ONLINE_SPIDER_DETECTION == '1') {
             $user_agent = strtolower($_SERVER['HTTP_USER_AGENT']);
             if (!empty($user_agent)) {
                 $spiders = file('includes/spiders.txt');
                 foreach ($spiders as $spider) {
                     if (!empty($spider)) {
                         if (strpos($user_agent, trim($spider)) !== false) {
                             $wo_customer_id = '-1';
                             $wo_full_name = $spider;
                             break;
                         }
                     }
                 }
             }
         }
     }
     $wo_session_id = session_id();
     $wo_ip_address = osc_get_ip_address();
     $wo_last_page_url = $_SERVER['REQUEST_URI'];
     if (!empty($_SERVER['HTTP_REFERER'])) {
         $referrer_url = parse_url($_SERVER['HTTP_REFERER']);
         $referrer_url = strtolower($referrer_url['host']);
     } else {
         $referrer_url = null;
     }
     // A Bot doesn't have a session (normally shouldn't), therefore the IP Address is used as unique identifier
     if (empty($wo_session_id)) {
         $wo_session_id = $wo_ip_address;
     }
     $current_time = time();
     $xx_mins_ago = $current_time - 900;
     // remove entries that have expired
     $Qwhosonline = $osC_Database->query('delete from :table_whos_online where time_last_click < :time_last_click');
     $Qwhosonline->bindRaw(':table_whos_online', TABLE_WHOS_ONLINE);
     $Qwhosonline->bindValue(':time_last_click', $xx_mins_ago);
     $Qwhosonline->execute();
     $Qwhosonline = $osC_Database->query('select count(*) as count from :table_whos_online where session_id = :session_id');
     $Qwhosonline->bindRaw(':table_whos_online', TABLE_WHOS_ONLINE);
     $Qwhosonline->bindValue(':session_id', $wo_session_id);
     $Qwhosonline->execute();
     if ($Qwhosonline->valueInt('count') > 0) {
         $Qwhosonline = $osC_Database->query('update :table_whos_online set customer_id = :customer_id, full_name = :full_name, ip_address = :ip_address, time_last_click = :time_last_click, last_page_url = :last_page_url where session_id = :session_id');
         $Qwhosonline->bindRaw(':table_whos_online', TABLE_WHOS_ONLINE);
         $Qwhosonline->bindInt(':customer_id', $wo_customer_id);
         $Qwhosonline->bindValue(':full_name', $wo_full_name);
         $Qwhosonline->bindValue(':ip_address', $wo_ip_address);
         $Qwhosonline->bindValue(':time_last_click', $current_time);
         $Qwhosonline->bindValue(':last_page_url', $wo_last_page_url);
         $Qwhosonline->bindValue(':session_id', $wo_session_id);
         $Qwhosonline->execute();
     } else {
         $Qwhosonline = $osC_Database->query('insert into :table_whos_online (customer_id, full_name, session_id, ip_address, time_entry, time_last_click, last_page_url, referrer_url) values (:customer_id, :full_name, :session_id, :ip_address, :time_entry, :time_last_click, :last_page_url, :referrer_url)');
         $Qwhosonline->bindRaw(':table_whos_online', TABLE_WHOS_ONLINE);
         $Qwhosonline->bindInt(':customer_id', $wo_customer_id);
         $Qwhosonline->bindValue(':full_name', $wo_full_name);
         $Qwhosonline->bindValue(':session_id', $wo_session_id);
         $Qwhosonline->bindValue(':ip_address', $wo_ip_address);
         $Qwhosonline->bindValue(':time_entry', $current_time);
         $Qwhosonline->bindValue(':time_last_click', $current_time);
         $Qwhosonline->bindValue(':last_page_url', $wo_last_page_url);
         $Qwhosonline->bindValue(':referrer_url', $referrer_url);
         $Qwhosonline->execute();
     }
     $Qwhosonline->freeResult();
     return true;
 }
 function process()
 {
     global $osC_Database, $osC_Customer, $osC_Currencies, $osC_ShoppingCart, $osC_Language, $messageStack, $osC_CreditCard;
     $this->_verifyData();
     $this->_order_id = osC_Order::insert();
     $params = array('orderID' => $this->_order_id, 'PSPID' => MODULE_PAYMENT_OGONE_DIRECTLINK_CC_MERCHANT_ID, 'PSWD' => MODULE_PAYMENT_OGONE_DIRECTLINK_CC_PASSWORD, 'amount' => $osC_Currencies->formatRaw($osC_ShoppingCart->getTotal(), $osC_Currencies->getCode()) * 100, 'currency' => $osC_Currencies->getCode(), 'CARDNO' => $osC_CreditCard->getNumber(), 'ED' => $osC_CreditCard->getExpiryMonth() . '/' . substr($osC_CreditCard->getExpiryYear(), -2), 'CVC' => $osC_CreditCard->getCVC(), 'CN' => $osC_CreditCard->getOwner(), 'EMAIL' => $osC_Customer->getEmailAddress(), 'Owneraddress' => $osC_ShoppingCart->getBillingAddress('street_address'), 'OwnerZip' => $osC_ShoppingCart->getBillingAddress('postcode'), 'Ecom_Payment_Card_Verification' => $osC_CreditCard->getCVC(), 'Operation' => 'RES', 'REMOTE_ADDR' => osc_get_ip_address(), 'COM' => 'Customer ID: ' . $osC_Customer->getID());
     if (osc_empty(MODULE_PAYMENT_OGONE_DIRECTLINK_CC_USER_ID) === false) {
         $params['USERID'] = MODULE_PAYMENT_OGONE_DIRECTLINK_CC_USER_ID;
     }
     if (osc_empty(MODULE_PAYMENT_OGONE_DIRECTLINK_CC_SHA1_SIGNATURE) === false) {
         $params['SHASign'] = sha1($this->_order_id . $osC_Currencies->formatRaw($osC_ShoppingCart->getTotal(), $osC_Currencies->getCode()) * 100 . $osC_Currencies->getCode() . $osC_CreditCard->getNumber() . MODULE_PAYMENT_OGONE_DIRECTLINK_CC_MERCHANT_ID . 'RES' . MODULE_PAYMENT_OGONE_DIRECTLINK_CC_SHA1_SIGNATURE);
     }
     $post_string = '';
     foreach ($params as $key => $value) {
         $post_string .= $key . '=' . urlencode(trim($value)) . '&';
     }
     $post_string = substr($post_string, 0, -1);
     $this->_transaction_response = $this->sendTransactionToGateway($this->_gateway_url, $post_string);
     if (empty($this->_transaction_response) === false) {
         $osC_XML = new osC_XML($this->_transaction_response);
         $result = $osC_XML->toArray();
     } else {
         $result = array('ncresponse attr' => array('STATUS' => ''));
     }
     switch ($result['ncresponse attr']['STATUS']) {
         case '':
         case '0':
         case '2':
             osC_Order::remove($this->_order_id);
             $messageStack->add_session('checkout_payment', $osC_Language->get('payment_ogone_directlink_cc_error_general'), 'error');
             osc_redirect(osc_href_link(FILENAME_CHECKOUT, 'payment&ogone_directlink_cc_owner=' . $osC_CreditCard->getOwner() . '&ogone_directlink_cc_expires_month=' . $osC_CreditCard->getExpiryMonth() . '&ogone_directlink_cc_expires_year=' . $osC_CreditCard->getExpiryYear() . (MODULE_PAYMENT_OGONE_DIRECTLINK_CC_VERIFY_WITH_CVC == '1' ? '&ogone_directlink_cc_cvc=' . $osC_CreditCard->getCVC() : ''), 'SSL'));
             break;
     }
     osC_Order::process($this->_order_id, $this->order_status);
     $Qtransaction = $osC_Database->query('insert into :table_orders_transactions_history (orders_id, transaction_code, transaction_return_value, transaction_return_status, date_added) values (:orders_id, :transaction_code, :transaction_return_value, :transaction_return_status, now())');
     $Qtransaction->bindTable(':table_orders_transactions_history', TABLE_ORDERS_TRANSACTIONS_HISTORY);
     $Qtransaction->bindInt(':orders_id', $this->_order_id);
     $Qtransaction->bindInt(':transaction_code', 1);
     $Qtransaction->bindValue(':transaction_return_value', $this->_transaction_response);
     $Qtransaction->bindInt(':transaction_return_status', 1);
     $Qtransaction->execute();
 }
 function _insertGiftCertificateRedeemHistory($gift_certificate_code)
 {
     global $osC_Database;
     //get gift certificate id
     $Qcertificate = $osC_Database->query('select gift_certificates_id from :table_gift_certificates where gift_certificates_code = :gift_certificates_code');
     $Qcertificate->bindTable(':table_gift_certificates', TABLE_GIFT_CERTIFICATES);
     $Qcertificate->bindValue(':gift_certificates_code', $gift_certificate_code);
     $Qcertificate->execute();
     $Qinsert = $osC_Database->query('insert into :table_gift_certificates_redeem_history (gift_certificates_id, customers_id, orders_id, redeem_date, redeem_amount, redeem_ip_address) values (:gift_certificates_id, :customers_id, :orders_id, now(), :redeem_amount, :redeem_ip_address)');
     $Qinsert->bindTable(':table_gift_certificates_redeem_history', TABLE_GIFT_CERTIFICATES_REDEEM_HISTORY);
     $Qinsert->bindInt(':gift_certificates_id', $Qcertificate->valueInt('gift_certificates_id'));
     $Qinsert->bindInt(':customers_id', $this->_customer['customers_id']);
     $Qinsert->bindInt(':orders_id', $this->getOrderID());
     $Qinsert->bindValue(':redeem_amount', $this->_gift_certificate_redeem_amount[$gift_certificate_code]);
     $Qinsert->bindValue(':redeem_ip_address', osc_get_ip_address());
     $Qinsert->setLogging($_SESSION['module'], $this->getOrderID());
     $Qinsert->execute();
     if (!$osC_Database->isError()) {
         return true;
     }
     return false;
 }
 function callback()
 {
     global $osC_Database;
     $ip_address = osc_get_ip_address();
     if ($ip_address == '69.20.58.35' || $ip_address == '207.97.201.192') {
         if (isset($_POST['cs1']) && is_numeric($_POST['cs1']) && isset($_POST['cs2']) && is_numeric($_POST['cs2']) && isset($_POST['cs3']) && empty($_POST['cs3']) === false && isset($_POST['product_id']) && $_POST['product_id'] == MODULE_PAYMENT_CHRONOPAY_PRODUCT_ID && isset($_POST['total']) && empty($_POST['total']) === false && isset($_POST['transaction_type']) && empty($_POST['transaction_type']) === false) {
             if (osC_Order::exists($_POST['cs2'], $_POST['cs1'])) {
                 $pass = false;
                 $post_array = array('root' => $_POST);
                 $osC_XML = new osC_XML($post_array);
                 if ($_POST['cs3'] == md5(MODULE_PAYMENT_CHRONOPAY_PRODUCT_ID . $_POST['cs2'] . $_POST['cs1'] . $_POST['total'] . MODULE_PAYMENT_CHRONOPAY_MD5_HASH)) {
                     if (osC_Order::getStatusID($_POST['cs2']) === 4) {
                         $pass = true;
                         osC_Order::process($_POST['cs2'], $this->order_status);
                     }
                 }
                 $Qtransaction = $osC_Database->query('insert into :table_orders_transactions_history (orders_id, transaction_code, transaction_return_value, transaction_return_status, date_added) values (:orders_id, :transaction_code, :transaction_return_value, :transaction_return_status, now())');
                 $Qtransaction->bindTable(':table_orders_transactions_history', TABLE_ORDERS_TRANSACTIONS_HISTORY);
                 $Qtransaction->bindInt(':orders_id', $_POST['cs2']);
                 $Qtransaction->bindInt(':transaction_code', 1);
                 $Qtransaction->bindValue(':transaction_return_value', $osC_XML->toXML());
                 $Qtransaction->bindInt(':transaction_return_status', $pass === true ? 1 : 0);
                 $Qtransaction->execute();
             }
         }
     }
 }
 function process_button()
 {
     global $osC_Customer, $osC_Currencies, $osC_ShoppingCart, $osC_Tax, $osC_Session;
     $process_button_string = '';
     $params = array('x_login' => substr(MODULE_PAYMENT_AUTHORIZENET_CC_SIM_API_LOGIN_ID, 0, 20), 'x_version' => '3.1', 'x_show_form' => 'PAYMENT_FORM', 'x_receipt_link_met' => 'POST', 'x_receipt_link_url' => osc_href_link(FILENAME_CHECKOUT, 'process', 'SSL', false, false, true), 'x_relay_response' => 'TRUE', 'x_relay_url' => osc_href_link(FILENAME_CHECKOUT, 'process', 'SSL', false, false, true), 'x_first_name' => substr($osC_ShoppingCart->getBillingAddress('firstname'), 0, 50), 'x_last_name' => substr($osC_ShoppingCart->getBillingAddress('lastname'), 0, 50), 'x_company' => substr($osC_ShoppingCart->getBillingAddress('company'), 0, 50), 'x_address' => substr($osC_ShoppingCart->getBillingAddress('street_address'), 0, 60), 'x_city' => substr($osC_ShoppingCart->getBillingAddress('city'), 0, 40), 'x_state' => substr($osC_ShoppingCart->getBillingAddress('state'), 0, 40), 'x_zip' => substr($osC_ShoppingCart->getBillingAddress('postcode'), 0, 20), 'x_country' => substr($osC_ShoppingCart->getBillingAddress('country_iso_code_2'), 0, 60), 'x_phone' => substr($osC_ShoppingCart->getBillingAddress('telephone_number'), 0, 25), 'x_cust_id' => substr($osC_Customer->getID(), 0, 20), 'x_cus_ip' => osc_get_ip_address(), 'x_email' => substr($osC_Customer->getEmailAddress(), 0, 255), 'x_description' => substr(STORE_NAME, 0, 255), 'x_amount' => $osC_Currencies->formatRaw($osC_ShoppingCart->getTotal()), 'x_currency_code' => substr($osC_Currencies->getCode(), 0, 3), 'x_method' => 'CC', 'x_type' => MODULE_PAYMENT_AUTHORIZENET_CC_SIM_TRANSACTION_METHOD == 'Capture' ? 'AUTH_CAPTURE' : 'AUTH_ONLY');
     if ($osC_ShoppingCart->hasShippingAddress()) {
         $params['x_ship_to_first_name'] = substr($osC_ShoppingCart->getShippingAddress('firstname'), 0, 50);
         $params['x_ship_to_last_name'] = substr($osC_ShoppingCart->getShippingAddress('lastname'), 0, 50);
         $params['x_ship_to_company'] = substr($osC_ShoppingCart->getShippingAddress('company'), 0, 50);
         $params['x_ship_to_address'] = substr($osC_ShoppingCart->getShippingAddress('street_address'), 0, 60);
         $params['x_ship_to_city'] = substr($osC_ShoppingCart->getShippingAddress('city'), 0, 40);
         $params['x_ship_to_state'] = substr($osC_ShoppingCart->getShippingAddress('zone_code'), 0, 40);
         $params['x_ship_to_zip'] = substr($osC_ShoppingCart->getShippingAddress('postcode'), 0, 20);
         $params['x_ship_to_country'] = substr($osC_ShoppingCart->getShippingAddress('country_iso_code_2'), 0, 60);
     }
     $hash_params = $this->_InsertFP(MODULE_PAYMENT_AUTHORIZENET_CC_SIM_API_LOGIN_ID, MODULE_PAYMENT_AUTHORIZENET_CC_SIM_API_TRANSACTION_KEY, $osC_Currencies->formatRaw($osC_ShoppingCart->getTotal()), rand(1, 1000), $osC_Currencies->getCode());
     $params = array_merge($params, $hash_params);
     if (MODULE_PAYMENT_AUTHORIZENET_CC_SIM_TRANSACTION_MODE == 'Test') {
         $params['x_test_request'] = 'TRUE';
     }
     foreach ($params as $key => $value) {
         $process_button_string .= osc_draw_hidden_field($key, $value);
     }
     if ($osC_ShoppingCart->hasContents()) {
         foreach ($osC_ShoppingCart->getProducts() as $key => $product) {
             $process_button_string .= osc_draw_hidden_field('x_line_item', $key + 1 . '<|>' . substr($product['name'], 0, 31) . '<|>' . substr($product['name'], 0, 255) . '<|>' . $product['quantity'] . '<|>' . $osC_Currencies->formatRaw($product['final_price']) . '<|>' . ($product['tax_class_id'] > 0 ? 'YES' : 'NO'));
         }
     }
     $shipping_tax = $osC_ShoppingCart->getShippingMethod('cost') * ($osC_Tax->getTaxRate($osC_ShoppingCart->getShippingMethod('tax_class_id'), $osC_ShoppingCart->getTaxingAddress('country_id'), $osC_ShoppingCart->getTaxingAddress('zone_id')) / 100);
     $total_tax = $osC_ShoppingCart->getTax() - $shipping_tax;
     if ($total_tax > 0) {
         $process_button_string .= osc_draw_hidden_field('x_tax', $osC_Currencies->formatRaw($total_tax));
     }
     $process_button_string .= osc_draw_hidden_field('x_freight', $osC_Currencies->formatRaw($osC_ShoppingCart->getShippingMethod('cost'))) . osc_draw_hidden_field($osC_Session->getName(), $osC_Session->getID());
     return $process_button_string;
 }
Ejemplo n.º 21
0
 function start()
 {
     global $request_type, $osC_Session, $messageStack;
     if (ini_get('session.use_cookies') == '0') {
         ini_set('session.use_cookies', '1');
     }
     if (ini_get('session.use_trans_sid') == '1') {
         ini_set('session.use_trans_sid', '0');
     }
     include 'includes/classes/session.php';
     $osC_Session = new osC_Session();
     if (SERVICE_SESSION_FORCE_COOKIE_USAGE == '1') {
         osc_setcookie('cookie_test', 'please_accept_for_session', time() + 60 * 60 * 24 * 90);
         if (isset($_COOKIE['cookie_test'])) {
             $osC_Session->start();
         }
     } elseif (SERVICE_SESSION_BLOCK_SPIDERS == '1') {
         $user_agent = strtolower($_SERVER['HTTP_USER_AGENT']);
         $spider_flag = false;
         if (empty($user_agent) === false) {
             $spiders = file('includes/spiders.txt');
             foreach ($spiders as $spider) {
                 if (empty($spider) === false) {
                     if (strpos($user_agent, trim($spider)) !== false) {
                         $spider_flag = true;
                         break;
                     }
                 }
             }
         }
         if ($spider_flag === false) {
             $osC_Session->start();
         }
     } else {
         $osC_Session->start();
     }
     // verify the ssl_session_id
     if ($request_type == 'SSL' && SERVICE_SESSION_CHECK_SSL_SESSION_ID == '1' && ENABLE_SSL == true) {
         if (isset($_SERVER['SSL_SESSION_ID']) && ctype_xdigit($_SERVER['SSL_SESSION_ID'])) {
             if (isset($_SESSION['SESSION_SSL_ID']) === false) {
                 $_SESSION['SESSION_SSL_ID'] = $_SERVER['SSL_SESSION_ID'];
             }
             if ($_SESSION['SESSION_SSL_ID'] != $_SERVER['SSL_SESSION_ID']) {
                 $osC_Session->destroy();
                 osc_redirect(osc_href_link(FILENAME_INFO, 'ssl_check', 'AUTO'));
             }
         }
     }
     // verify the browser user agent
     if (SERVICE_SESSION_CHECK_USER_AGENT == '1') {
         $http_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
         if (isset($_SESSION['SESSION_USER_AGENT']) === false) {
             $_SESSION['SESSION_USER_AGENT'] = $http_user_agent;
         }
         if ($_SESSION['SESSION_USER_AGENT'] != $http_user_agent) {
             $osC_Session->destroy();
             osc_redirect(osc_href_link(FILENAME_ACCOUNT, 'login', 'SSL'));
         }
     }
     // verify the IP address
     if (SERVICE_SESSION_CHECK_IP_ADDRESS == '1') {
         if (isset($_SESSION['SESSION_IP_ADDRESS']) === false) {
             $_SESSION['SESSION_IP_ADDRESS'] = osc_get_ip_address();
         }
         if ($_SESSION['SESSION_IP_ADDRESS'] != osc_get_ip_address()) {
             $osC_Session->destroy();
             osc_redirect(osc_href_link(FILENAME_ACCOUNT, 'login', 'SSL'));
         }
     }
     // add messages in the session to the message stack
     $messageStack->loadFromSession();
     return true;
 }
Ejemplo n.º 22
0
 function process()
 {
     global $osC_Database, $osC_Customer, $osC_Currencies, $osC_ShoppingCart, $osC_Language, $messageStack, $osC_CreditCard;
     $this->_verifyData();
     $this->_order_id = osC_Order::insert();
     $params = array('action' => 'ns_quicksale_cc', 'acctid' => MODULE_PAYMENT_PAYQUAKE_CC_ACCOUNT_ID, 'amount' => $osC_Currencies->formatRaw($osC_ShoppingCart->getTotal(), 'USD'), 'ccname' => $osC_CreditCard->getOwner(), 'expmon' => $osC_CreditCard->getExpiryMonth(), 'expyear' => $osC_CreditCard->getExpiryYear(), 'authonly' => '1', 'ci_companyname' => $osC_ShoppingCart->getBillingAddress('company'), 'ci_billaddr1' => $osC_ShoppingCart->getBillingAddress('street_address'), 'ci_billcity' => $osC_ShoppingCart->getBillingAddress('city'), 'ci_billstate' => $osC_ShoppingCart->getBillingAddress('zone_code'), 'ci_billzip' => $osC_ShoppingCart->getBillingAddress('postcode'), 'ci_billcountry' => $osC_ShoppingCart->getBillingAddress('country_title'), 'ci_shipaddr1' => $osC_ShoppingCart->getShippingAddress('street_address'), 'ci_shipcity' => $osC_ShoppingCart->getShippingAddress('city'), 'ci_shipstate' => $osC_ShoppingCart->getShippingAddress('zone_code'), 'ci_shipzip' => $osC_ShoppingCart->getShippingAddress('postcode'), 'ci_shipcountry' => $osC_ShoppingCart->getShippingAddress('country_title'), 'ci_phone' => $osC_ShoppingCart->getBillingAddress('telephone_number'), 'ci_email' => $osC_Customer->getEmailAddress(), 'email_from' => STORE_OWNER_EMAIL_ADDRESS, 'ci_ipaddress' => osc_get_ip_address(), 'merchantordernumber' => $osC_Customer->getID(), 'pocustomerrefid' => $this->_order_id);
     if (!osc_empty(MODULE_PAYMENT_PAYQUAKE_CC_3DES)) {
         $key = pack('H48', MODULE_PAYMENT_PAYQUAKE_CC_3DES);
         $data = bin2hex(mcrypt_encrypt(MCRYPT_3DES, $key, $osC_CreditCard->getNumber(), MCRYPT_MODE_ECB));
         $params['ccnum'] = $data;
         unset($key);
         unset($data);
     } else {
         $params['ccnum'] = $osC_CreditCard->getNumber();
     }
     if (MODULE_PAYMENT_PAYQUAKE_CC_VERIFY_WITH_CVC == '1') {
         $params['cvv2'] = $osC_CreditCard->getCVC();
     }
     if (!osc_empty(MODULE_PAYMENT_PAYQUAKE_CC_MERCHANT_PIN)) {
         $params['merchantPIN'] = MODULE_PAYMENT_PAYQUAKE_CC_MERCHANT_PIN;
     }
     $post_string = '';
     foreach ($params as $key => $value) {
         $post_string .= $key . '=' . urlencode(trim($value)) . '&';
     }
     $post_string = substr($post_string, 0, -1);
     $this->_transaction_response = $this->sendTransactionToGateway('https://trans.merchantpartners.com/cgi-bin/process.cgi', $post_string);
     $error = false;
     if (!empty($this->_transaction_response)) {
         $regs = explode("\n", trim($this->_transaction_response));
         array_shift($regs);
         $result = array();
         foreach ($regs as $response) {
             $res = explode('=', $response, 2);
             $result[strtolower(trim($res[0]))] = trim($res[1]);
         }
         if ($result['status'] != 'Accepted') {
             $error = explode(':', $result['reason'], 3);
             $error = $error[2];
             if (empty($error)) {
                 $error = $osC_Language->get('payment_payquake_cc_error_general');
             }
         }
     } else {
         $error = $osC_Language->get('payment_payquake_cc_error_general');
     }
     if ($error === false) {
         osC_Order::process($this->_order_id, $this->order_status);
         $Qtransaction = $osC_Database->query('insert into :table_orders_transactions_history (orders_id, transaction_code, transaction_return_value, transaction_return_status, date_added) values (:orders_id, :transaction_code, :transaction_return_value, :transaction_return_status, now())');
         $Qtransaction->bindTable(':table_orders_transactions_history', TABLE_ORDERS_TRANSACTIONS_HISTORY);
         $Qtransaction->bindInt(':orders_id', $this->_order_id);
         $Qtransaction->bindInt(':transaction_code', 1);
         $Qtransaction->bindValue(':transaction_return_value', $this->_transaction_response);
         $Qtransaction->bindInt(':transaction_return_status', 1);
         $Qtransaction->execute();
     } else {
         osC_Order::remove($this->_order_id);
         $messageStack->add_session('checkout_payment', $error, 'error');
         osc_redirect(osc_href_link(FILENAME_CHECKOUT, 'payment&payquake_cc_owner=' . $osC_CreditCard->getOwner() . '&payquake_cc_expires_month=' . $osC_CreditCard->getExpiryMonth() . '&payquake_cc_expires_year=' . $osC_CreditCard->getExpiryYear() . (MODULE_PAYMENT_PAYQUAKE_CC_VERIFY_WITH_CVC == '1' ? '&payquake_cc_cvc=' . $osC_CreditCard->getCVC() : ''), 'SSL'));
     }
 }
Ejemplo n.º 23
0
 function insert()
 {
     global $osC_Database, $osC_Customer, $osC_Language, $osC_Currencies, $osC_ShoppingCart, $osC_Tax;
     if (isset($_SESSION['prepOrderID'])) {
         $_prep = explode('-', $_SESSION['prepOrderID']);
         if ($_prep[0] == $osC_ShoppingCart->getCartID()) {
             return $_prep[1];
             // order_id
         } else {
             if (osC_Order::getStatusID($_prep[1]) === 4) {
                 osC_Order::remove($_prep[1]);
             }
         }
     }
     $customer_address = osC_AddressBook::getEntry($osC_Customer->getDefaultAddressID())->toArray();
     $Qorder = $osC_Database->query('insert into :table_orders (customers_id, customers_name, customers_company, customers_street_address, customers_suburb, customers_city, customers_postcode, customers_state, customers_state_code, customers_country, customers_country_iso2, customers_country_iso3, customers_telephone, customers_email_address, customers_address_format, customers_ip_address, delivery_name, delivery_company, delivery_street_address, delivery_suburb, delivery_city, delivery_postcode, delivery_state, delivery_state_code, delivery_country, delivery_country_iso2, delivery_country_iso3, delivery_address_format, billing_name, billing_company, billing_street_address, billing_suburb, billing_city, billing_postcode, billing_state, billing_state_code, billing_country, billing_country_iso2, billing_country_iso3, billing_address_format, payment_method, payment_module, date_purchased, orders_status, currency, currency_value) values (:customers_id, :customers_name, :customers_company, :customers_street_address, :customers_suburb, :customers_city, :customers_postcode, :customers_state, :customers_state_code, :customers_country, :customers_country_iso2, :customers_country_iso3, :customers_telephone, :customers_email_address, :customers_address_format, :customers_ip_address, :delivery_name, :delivery_company, :delivery_street_address, :delivery_suburb, :delivery_city, :delivery_postcode, :delivery_state, :delivery_state_code, :delivery_country, :delivery_country_iso2, :delivery_country_iso3, :delivery_address_format, :billing_name, :billing_company, :billing_street_address, :billing_suburb, :billing_city, :billing_postcode, :billing_state, :billing_state_code, :billing_country, :billing_country_iso2, :billing_country_iso3, :billing_address_format, :payment_method, :payment_module, now(), :orders_status, :currency, :currency_value)');
     $Qorder->bindTable(':table_orders', TABLE_ORDERS);
     $Qorder->bindInt(':customers_id', $osC_Customer->getID());
     $Qorder->bindValue(':customers_name', $osC_Customer->getName());
     $Qorder->bindValue(':customers_company', $customer_address['entry_company']);
     $Qorder->bindValue(':customers_street_address', $customer_address['entry_street_address']);
     $Qorder->bindValue(':customers_suburb', $customer_address['entry_suburb']);
     $Qorder->bindValue(':customers_city', $customer_address['entry_city']);
     $Qorder->bindValue(':customers_postcode', $customer_address['entry_postcode']);
     $Qorder->bindValue(':customers_state', $customer_address['entry_state']);
     $Qorder->bindValue(':customers_state_code', osC_Address::getZoneCode($customer_address['entry_zone_id']));
     $Qorder->bindValue(':customers_country', osC_Address::getCountryName($customer_address['entry_country_id']));
     $Qorder->bindValue(':customers_country_iso2', osC_Address::getCountryIsoCode2($customer_address['entry_country_id']));
     $Qorder->bindValue(':customers_country_iso3', osC_Address::getCountryIsoCode3($customer_address['entry_country_id']));
     $Qorder->bindValue(':customers_telephone', $customer_address['entry_telephone']);
     $Qorder->bindValue(':customers_email_address', $osC_Customer->getEmailAddress());
     $Qorder->bindValue(':customers_address_format', osC_Address::getFormat($customer_address['entry_country_id']));
     $Qorder->bindValue(':customers_ip_address', osc_get_ip_address());
     $Qorder->bindValue(':delivery_name', $osC_ShoppingCart->getShippingAddress('firstname') . ' ' . $osC_ShoppingCart->getShippingAddress('lastname'));
     $Qorder->bindValue(':delivery_company', $osC_ShoppingCart->getShippingAddress('company'));
     $Qorder->bindValue(':delivery_street_address', $osC_ShoppingCart->getShippingAddress('street_address'));
     $Qorder->bindValue(':delivery_suburb', $osC_ShoppingCart->getShippingAddress('suburb'));
     $Qorder->bindValue(':delivery_city', $osC_ShoppingCart->getShippingAddress('city'));
     $Qorder->bindValue(':delivery_postcode', $osC_ShoppingCart->getShippingAddress('postcode'));
     $Qorder->bindValue(':delivery_state', $osC_ShoppingCart->getShippingAddress('state'));
     $Qorder->bindValue(':delivery_state_code', $osC_ShoppingCart->getShippingAddress('zone_code'));
     $Qorder->bindValue(':delivery_country', $osC_ShoppingCart->getShippingAddress('country_title'));
     $Qorder->bindValue(':delivery_country_iso2', $osC_ShoppingCart->getShippingAddress('country_iso_code_2'));
     $Qorder->bindValue(':delivery_country_iso3', $osC_ShoppingCart->getShippingAddress('country_iso_code_3'));
     $Qorder->bindValue(':delivery_address_format', $osC_ShoppingCart->getShippingAddress('format'));
     $Qorder->bindValue(':billing_name', $osC_ShoppingCart->getBillingAddress('firstname') . ' ' . $osC_ShoppingCart->getBillingAddress('lastname'));
     $Qorder->bindValue(':billing_company', $osC_ShoppingCart->getBillingAddress('company'));
     $Qorder->bindValue(':billing_street_address', $osC_ShoppingCart->getBillingAddress('street_address'));
     $Qorder->bindValue(':billing_suburb', $osC_ShoppingCart->getBillingAddress('suburb'));
     $Qorder->bindValue(':billing_city', $osC_ShoppingCart->getBillingAddress('city'));
     $Qorder->bindValue(':billing_postcode', $osC_ShoppingCart->getBillingAddress('postcode'));
     $Qorder->bindValue(':billing_state', $osC_ShoppingCart->getBillingAddress('state'));
     $Qorder->bindValue(':billing_state_code', $osC_ShoppingCart->getBillingAddress('zone_code'));
     $Qorder->bindValue(':billing_country', $osC_ShoppingCart->getBillingAddress('country_title'));
     $Qorder->bindValue(':billing_country_iso2', $osC_ShoppingCart->getBillingAddress('country_iso_code_2'));
     $Qorder->bindValue(':billing_country_iso3', $osC_ShoppingCart->getBillingAddress('country_iso_code_3'));
     $Qorder->bindValue(':billing_address_format', $osC_ShoppingCart->getBillingAddress('format'));
     $Qorder->bindValue(':payment_method', $osC_ShoppingCart->getBillingMethod('title'));
     $Qorder->bindValue(':payment_module', $GLOBALS['osC_Payment_' . $osC_ShoppingCart->getBillingMethod('id')]->getCode());
     $Qorder->bindInt(':orders_status', 4);
     $Qorder->bindValue(':currency', $osC_Currencies->getCode());
     $Qorder->bindValue(':currency_value', $osC_Currencies->value($osC_Currencies->getCode()));
     $Qorder->execute();
     $insert_id = $osC_Database->nextID();
     foreach ($osC_ShoppingCart->getOrderTotals() as $module) {
         $Qtotals = $osC_Database->query('insert into :table_orders_total (orders_id, title, text, value, class, sort_order) values (:orders_id, :title, :text, :value, :class, :sort_order)');
         $Qtotals->bindTable(':table_orders_total', TABLE_ORDERS_TOTAL);
         $Qtotals->bindInt(':orders_id', $insert_id);
         $Qtotals->bindValue(':title', $module['title']);
         $Qtotals->bindValue(':text', $module['text']);
         $Qtotals->bindValue(':value', $module['value']);
         $Qtotals->bindValue(':class', $module['code']);
         $Qtotals->bindInt(':sort_order', $module['sort_order']);
         $Qtotals->execute();
     }
     $Qstatus = $osC_Database->query('insert into :table_orders_status_history (orders_id, orders_status_id, date_added, customer_notified, comments) values (:orders_id, :orders_status_id, now(), :customer_notified, :comments)');
     $Qstatus->bindTable(':table_orders_status_history', TABLE_ORDERS_STATUS_HISTORY);
     $Qstatus->bindInt(':orders_id', $insert_id);
     $Qstatus->bindInt(':orders_status_id', 4);
     $Qstatus->bindInt(':customer_notified', '0');
     $Qstatus->bindValue(':comments', isset($_SESSION['comments']) ? $_SESSION['comments'] : '');
     $Qstatus->execute();
     foreach ($osC_ShoppingCart->getProducts() as $products) {
         $Qproducts = $osC_Database->query('insert into :table_orders_products (orders_id, products_id, products_model, products_name, products_price, products_tax, products_quantity) values (:orders_id, :products_id, :products_model, :products_name, :products_price, :products_tax, :products_quantity)');
         $Qproducts->bindTable(':table_orders_products', TABLE_ORDERS_PRODUCTS);
         $Qproducts->bindInt(':orders_id', $insert_id);
         $Qproducts->bindInt(':products_id', osc_get_product_id($products['id']));
         $Qproducts->bindValue(':products_model', $products['model']);
         $Qproducts->bindValue(':products_name', $products['name']);
         $Qproducts->bindValue(':products_price', $products['price']);
         $Qproducts->bindValue(':products_tax', $osC_Tax->getTaxRate($products['tax_class_id']));
         $Qproducts->bindInt(':products_quantity', $products['quantity']);
         $Qproducts->execute();
         $order_products_id = $osC_Database->nextID();
         if ($osC_ShoppingCart->isVariant($products['item_id'])) {
             foreach ($osC_ShoppingCart->getVariant($products['item_id']) as $variant) {
                 /* HPDL
                             if (DOWNLOAD_ENABLED == '1') {
                               $Qattributes = $osC_Database->query('select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix, pad.products_attributes_maxdays, pad.products_attributes_maxcount, pad.products_attributes_filename from :table_products_options popt, :table_products_options_values poval, :table_products_attributes pa left join :table_products_attributes_download pad on (pa.products_attributes_id = pad.products_attributes_id) where pa.products_id = :products_id and pa.options_id = :options_id and pa.options_id = popt.products_options_id and pa.options_values_id = :options_values_id and pa.options_values_id = poval.products_options_values_id and popt.language_id = :popt_language_id and poval.language_id = :poval_language_id');
                               $Qattributes->bindTable(':table_products_options', TABLE_PRODUCTS_OPTIONS);
                               $Qattributes->bindTable(':table_products_options_values', TABLE_PRODUCTS_OPTIONS_VALUES);
                               $Qattributes->bindTable(':table_products_attributes', TABLE_PRODUCTS_ATTRIBUTES);
                               $Qattributes->bindTable(':table_products_attributes_download', TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD);
                               $Qattributes->bindInt(':products_id', $products['id']);
                               $Qattributes->bindInt(':options_id', $attributes['options_id']);
                               $Qattributes->bindInt(':options_values_id', $attributes['options_values_id']);
                               $Qattributes->bindInt(':popt_language_id', $osC_Language->getID());
                               $Qattributes->bindInt(':poval_language_id', $osC_Language->getID());
                               $Qattributes->execute();
                             }
                 */
                 $Qvariant = $osC_Database->query('insert into :table_orders_products_variants (orders_id, orders_products_id, group_title, value_title) values (:orders_id, :orders_products_id, :group_title, :value_title)');
                 $Qvariant->bindTable(':table_orders_products_variants', TABLE_ORDERS_PRODUCTS_VARIANTS);
                 $Qvariant->bindInt(':orders_id', $insert_id);
                 $Qvariant->bindInt(':orders_products_id', $order_products_id);
                 $Qvariant->bindValue(':group_title', $variant['group_title']);
                 $Qvariant->bindValue(':value_title', $variant['value_title']);
                 $Qvariant->execute();
                 /*HPDL
                             if ((DOWNLOAD_ENABLED == '1') && (strlen($Qattributes->value('products_attributes_filename')) > 0)) {
                               $Qopd = $osC_Database->query('insert into :table_orders_products_download (orders_id, orders_products_id, orders_products_filename, download_maxdays, download_count) values (:orders_id, :orders_products_id, :orders_products_filename, :download_maxdays, :download_count)');
                               $Qopd->bindTable(':table_orders_products_download', TABLE_ORDERS_PRODUCTS_DOWNLOAD);
                               $Qopd->bindInt(':orders_id', $insert_id);
                               $Qopd->bindInt(':orders_products_id', $order_products_id);
                               $Qopd->bindValue(':orders_products_filename', $Qattributes->value('products_attributes_filename'));
                               $Qopd->bindValue(':download_maxdays', $Qattributes->value('products_attributes_maxdays'));
                               $Qopd->bindValue(':download_count', $Qattributes->value('products_attributes_maxcount'));
                               $Qopd->execute();
                             }
                 */
             }
         }
     }
     $_SESSION['prepOrderID'] = $osC_ShoppingCart->getCartID() . '-' . $insert_id;
     return $insert_id;
 }