public static function execute(ApplicationAbstract $application)
{
$OSCOM_Database = Registry::get('Database');
$OSCOM_MessageStack = Registry::get('MessageStack');
$Qcheck = $OSCOM_Database->query('select customers_id, customers_firstname, customers_lastname, customers_gender, customers_email_address, customers_password from :table_customers where customers_email_address = :customers_email_address limit 1');
$Qcheck->bindValue(':customers_email_address', $_POST['email_address']);
$Qcheck->execute();
if ($Qcheck->numberOfRows() === 1) {
$password = osc_create_random_string(ACCOUNT_PASSWORD);
if (Account::savePassword($password, $Qcheck->valueInt('customers_id'))) {
if (ACCOUNT_GENDER > -1) {
if ($Qcheck->value('customers_gender') == 'm') {
$email_text = sprintf(OSCOM::getDef('email_addressing_gender_male'), $Qcheck->valueProtected('customers_lastname')) . "\n\n";
} else {
$email_text = sprintf(OSCOM::getDef('email_addressing_gender_female'), $Qcheck->valueProtected('customers_lastname')) . "\n\n";
}
} else {
$email_text = sprintf(OSCOM::getDef('email_addressing_gender_unknown'), $Qcheck->valueProtected('customers_firstname') . ' ' . $Qcheck->valueProtected('customers_lastname')) . "\n\n";
}
$email_text .= sprintf(OSCOM::getDef('email_password_reminder_body'), osc_get_ip_address(), STORE_NAME, $password, STORE_OWNER_EMAIL_ADDRESS);
osc_email($Qcheck->valueProtected('customers_firstname') . ' ' . $Qcheck->valueProtected('customers_lastname'), $Qcheck->valueProtected('customers_email_address'), sprintf(OSCOM::getDef('email_password_reminder_subject'), STORE_NAME), $email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
$OSCOM_MessageStack->add('LogIn', OSCOM::getDef('success_password_forgotten_sent'), 'success');
}
osc_redirect(OSCOM::getLink(null, null, 'LogIn', 'SSL'));
} else {
$OSCOM_MessageStack->add('PasswordForgotten', OSCOM::getDef('error_password_forgotten_no_email_address_found'));
}
}
public static function execute()
{
// List of safe IP-Addresses found here:
// https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=developer/howto_api_golivechecklist
$firewall = array('64.4.241.16', '64.4.241.32', '64.4.241.33', '64.4.241.34', '64.4.241.35', '64.4.241.36', '64.4.241.37', '64.4.241.38', '64.4.241.39', '216.113.188.32', '216.113.188.33', '216.113.188.34', '216.113.188.35', '216.113.188.64', '216.113.188.65', '216.113.188.66', '216.113.188.67', '66.211.169.2', '66.211.169.65', '216.113.188.39', '216.113.188.71', '66.211.168.91', '66.211.168.123', '216.113.188.52', '216.113.188.84', '66.211.168.92', '66.211.168.124', '216.113.188.10', '66.211.168.126', '216.113.188.11', '66.211.168.125', '216.113.188.202', '216.113.188.203', '216.113.188.204', '66.211.170.66', '66.135.197.163', '216.113.169.205', '66.135.197.160', '66.135.197.162', '66.135.197.141', '66.135.197.164');
if (!in_array(osc_get_ip_address(), $firewall)) {
exit;
}
}
function createEntry($data, $restore_cart_contents = true, $send_email = true)
{
global $osC_Database, $osC_Session, $osC_Language, $osC_ShoppingCart, $osC_Customer, $osC_NavigationHistory, $toC_Wishlist;
$Qcustomer = $osC_Database->query('insert into :table_customers (customers_firstname, customers_lastname, customers_email_address, customers_newsletter, customers_status, customers_ip_address, customers_password, customers_gender, customers_dob, number_of_logons, date_account_created) values (:customers_firstname, :customers_lastname, :customers_email_address, :customers_newsletter, :customers_status, :customers_ip_address, :customers_password, :customers_gender, :customers_dob, :number_of_logons, :date_account_created)');
$Qcustomer->bindTable(':table_customers', TABLE_CUSTOMERS);
$Qcustomer->bindValue(':customers_firstname', $data['firstname']);
$Qcustomer->bindValue(':customers_lastname', $data['lastname']);
$Qcustomer->bindValue(':customers_email_address', $data['email_address']);
$Qcustomer->bindValue(':customers_newsletter', isset($data['newsletter']) && $data['newsletter'] == '1' ? '1' : '');
$Qcustomer->bindValue(':customers_status', '1');
$Qcustomer->bindValue(':customers_ip_address', osc_get_ip_address());
$Qcustomer->bindValue(':customers_password', osc_encrypt_string($data['password']));
$Qcustomer->bindValue(':customers_gender', ACCOUNT_GENDER > -1 && isset($data['gender']) && ($data['gender'] == 'm' || $data['gender'] == 'f') ? $data['gender'] : '');
$Qcustomer->bindValue(':customers_dob', ACCOUNT_DATE_OF_BIRTH == '1' ? date('Ymd', $data['dob']) : '');
$Qcustomer->bindInt(':number_of_logons', 0);
$Qcustomer->bindRaw(':date_account_created', 'now()');
$Qcustomer->execute();
if ($Qcustomer->affectedRows() === 1) {
$customer_id = $osC_Database->nextID();
$QcustomerGroup = $osC_Database->query('select customers_groups_id from :table_customers_groups where is_default = 1');
$QcustomerGroup->bindTable(':table_customers_groups', TABLE_CUSTOMERS_GROUPS);
$QcustomerGroup->execute();
if ($QcustomerGroup->numberOfRows() == 1) {
$osC_Database->simpleQuery('update ' . TABLE_CUSTOMERS . ' set customers_groups_id = ' . $QcustomerGroup->valueInt('customers_groups_id') . ' where customers_id = ' . $customer_id);
}
if (SERVICE_SESSION_REGENERATE_ID == '1') {
$osC_Session->recreate();
}
$osC_Customer->setCustomerData($customer_id);
//restore cart contents
if ($restore_cart_contents === true) {
$osC_ShoppingCart->synchronizeWithDatabase();
}
//restore wishlist contents
$toC_Wishlist->synchronizeWithDatabase();
$osC_NavigationHistory->removeCurrentPage();
include 'email_template.php';
$email = toC_Email_Template::getEmailTemplate('create_account_email');
$email->setData($osC_Customer, $data['password']);
$email->buildMessage();
$email->sendEmail();
return true;
}
return false;
}
/**
* Stores a new customer account entry in the database
*
* @param array $data An array containing the customers information
* @access public
* @return boolean
*/
public static function createEntry($data)
{
$OSCOM_Database = Registry::get('Database');
$OSCOM_Session = Registry::get('Session');
$OSCOM_Customer = Registry::get('Customer');
$OSCOM_ShoppingCart = Registry::get('ShoppingCart');
$OSCOM_NavigationHistory = Registry::get('NavigationHistory');
$Qcustomer = $OSCOM_Database->query('insert into :table_customers (customers_firstname, customers_lastname, customers_email_address, customers_newsletter, customers_status, customers_ip_address, customers_password, customers_gender, customers_dob, number_of_logons, date_account_created) values (:customers_firstname, :customers_lastname, :customers_email_address, :customers_newsletter, :customers_status, :customers_ip_address, :customers_password, :customers_gender, :customers_dob, :number_of_logons, :date_account_created)');
$Qcustomer->bindValue(':customers_firstname', $data['firstname']);
$Qcustomer->bindValue(':customers_lastname', $data['lastname']);
$Qcustomer->bindValue(':customers_email_address', $data['email_address']);
$Qcustomer->bindValue(':customers_newsletter', isset($data['newsletter']) && $data['newsletter'] == '1' ? '1' : '');
$Qcustomer->bindValue(':customers_status', '1');
$Qcustomer->bindValue(':customers_ip_address', osc_get_ip_address());
$Qcustomer->bindValue(':customers_password', osc_encrypt_string($data['password']));
$Qcustomer->bindValue(':customers_gender', ACCOUNT_GENDER > -1 && isset($data['gender']) && ($data['gender'] == 'm' || $data['gender'] == 'f') ? $data['gender'] : '');
$Qcustomer->bindValue(':customers_dob', ACCOUNT_DATE_OF_BIRTH == '1' ? date('Ymd', $data['dob']) : '');
$Qcustomer->bindInt(':number_of_logons', 0);
$Qcustomer->bindRaw(':date_account_created', 'now()');
$Qcustomer->execute();
if ($Qcustomer->affectedRows() === 1) {
$customer_id = $OSCOM_Database->nextID();
if (SERVICE_SESSION_REGENERATE_ID == '1') {
$OSCOM_Session->recreate();
}
$OSCOM_Customer->setCustomerData($customer_id);
// restore cart contents
$OSCOM_ShoppingCart->synchronizeWithDatabase();
$OSCOM_NavigationHistory->removeCurrentPage();
// build the welcome email content
if (ACCOUNT_GENDER > -1 && isset($data['gender'])) {
if ($data['gender'] == 'm') {
$email_text = sprintf(OSCOM::getDef('email_addressing_gender_male'), $OSCOM_Customer->getLastName()) . "\n\n";
} else {
$email_text = sprintf(OSCOM::getDef('email_addressing_gender_female'), $OSCOM_Customer->getLastName()) . "\n\n";
}
} else {
$email_text = sprintf(OSCOM::getDef('email_addressing_gender_unknown'), $OSCOM_Customer->getName()) . "\n\n";
}
$email_text .= sprintf(OSCOM::getDef('email_create_account_body'), STORE_NAME, STORE_OWNER_EMAIL_ADDRESS);
osc_email($OSCOM_Customer->getName(), $OSCOM_Customer->getEmailAddress(), sprintf(OSCOM::getDef('email_create_account_subject'), STORE_NAME), $email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
return true;
}
return false;
}
function process_button()
{
global $osC_Database, $order, $osC_Currencies;
switch (MODULE_PAYMENT_PSIGATE_TRANSACTION_MODE) {
case 'Always Good':
$transaction_mode = '1';
break;
case 'Always Duplicate':
$transaction_mode = '2';
break;
case 'Always Decline':
$transaction_mode = '3';
break;
case 'Production':
default:
$transaction_mode = '0';
break;
}
switch (MODULE_PAYMENT_PSIGATE_TRANSACTION_TYPE) {
case 'Sale':
$transaction_type = '0';
break;
case 'PostAuth':
$transaction_type = '2';
break;
case 'PreAuth':
default:
$transaction_type = '1';
break;
}
if (MODULE_PAYMENT_PSIGATE_INPUT_MODE == 'Local') {
$payment_error_return = '&psigate_cc_owner=' . urlencode($_POST['psigate_cc_owner']) . '&psigate_cc_expires_month=' . urlencode($_POST['psigate_cc_expires_month']) . '&psigate_cc_expires_year=' . urlencode($_POST['psigate_cc_expires_year']);
} else {
$payment_error_return = '';
}
$process_button_string = osc_draw_hidden_field('MerchantID', MODULE_PAYMENT_PSIGATE_MERCHANT_ID) . osc_draw_hidden_field('FullTotal', number_format($order->info['total'] * $osC_Currencies->value(MODULE_PAYMENT_PSIGATE_CURRENCY), $osC_Currencies->currencies[MODULE_PAYMENT_PSIGATE_CURRENCY]['decimal_places'])) . osc_draw_hidden_field('ThanksURL', osc_href_link(FILENAME_CHECKOUT, 'process', 'SSL')) . osc_draw_hidden_field('NoThanksURL', osc_href_link(FILENAME_CHECKOUT, 'payment&payment_error=' . $this->_code . $payment_error_return, 'SSL')) . osc_draw_hidden_field('Bname', MODULE_PAYMENT_PSIGATE_INPUT_MODE == 'Local' ? $_POST['psigate_cc_owner'] : $order->billing['firstname'] . ' ' . $order->billing['lastname']) . osc_draw_hidden_field('Baddr1', $order->billing['street_address']) . osc_draw_hidden_field('Bcity', $order->billing['city']);
if ($order->billing['country']['iso_code_2'] == 'US') {
$Qstate = $osC_Database->query('select zone_code from :table_zones where zone_id = :zone_id');
$Qstate->bindTable(':table_zones', TABLE_ZONES);
$Qstate->bindInt(':zone_id', $order->billing['zone_id']);
$Qstate->execute();
$process_button_string .= osc_draw_hidden_field('Bstate', $Qstate->value('zone_code'));
} else {
$process_button_string .= osc_draw_hidden_field('Bstate', $order->billing['state']);
}
$process_button_string .= osc_draw_hidden_field('Bzip', $order->billing['postcode']) . osc_draw_hidden_field('Bcountry', $order->billing['country']['iso_code_2']) . osc_draw_hidden_field('Phone', $order->customer['telephone']) . osc_draw_hidden_field('Email', $order->customer['email_address']) . osc_draw_hidden_field('Sname', $order->delivery['firstname'] . ' ' . $order->delivery['lastname']) . osc_draw_hidden_field('Saddr1', $order->delivery['street_address']) . osc_draw_hidden_field('Scity', $order->delivery['city']) . osc_draw_hidden_field('Sstate', $order->delivery['state']) . osc_draw_hidden_field('Szip', $order->delivery['postcode']) . osc_draw_hidden_field('Scountry', $order->delivery['country']['iso_code_2']) . osc_draw_hidden_field('ChargeType', $transaction_type) . osc_draw_hidden_field('Result', $transaction_mode) . osc_draw_hidden_field('IP', osc_get_ip_address());
if (MODULE_PAYMENT_PSIGATE_INPUT_MODE == 'Local') {
$process_button_string .= osc_draw_hidden_field('CardNumber', $this->cc_card_number) . osc_draw_hidden_field('ExpMonth', $this->cc_expiry_month) . osc_draw_hidden_field('ExpYear', substr($this->cc_expiry_year, -2));
}
return $process_button_string;
}
function process()
{
global $osC_Database, $osC_Customer, $osC_Currencies, $osC_ShoppingCart, $osC_Language, $messageStack, $osC_CreditCard;
$this->_verifyData();
$this->_order_id = osC_Order::insert();
$post_string = '<?xml version="1.0" encoding="UTF-8"?>' . "\n" . '<WIRECARD_BXML xmlns:xsi="http://www.w3.org/1999/XMLSchema-instance" xsi:noNamespaceSchemaLocation="wirecard.xsd">' . "\n" . ' <W_REQUEST>' . "\n" . ' <W_JOB>' . "\n" . ' <JobID>Job 1</JobID>' . "\n" . ' <BusinessCaseSignature>' . MODULE_PAYMENT_WIRECARD_CC_BUSINESS_SIGNATURE . '</BusinessCaseSignature>' . "\n" . ' <FNC_CC_PREAUTHORIZATION>' . "\n" . ' <FunctionID>Preauthorization 1</FunctionID>' . "\n" . ' <CC_TRANSACTION mode="' . MODULE_PAYMENT_WIRECARD_CC_TRANSACTION_MODE . '">' . "\n" . ' <TransactionID>' . $this->_order_id . '</TransactionID>' . "\n" . ' <CommerceType>eCommerce</CommerceType>' . "\n" . ' <Amount>' . $osC_Currencies->formatRaw($osC_ShoppingCart->getTotal(), $osC_Currencies->getCode()) * 100 . '</Amount>' . "\n" . ' <Currency>' . $osC_Currencies->getCode() . '</Currency>' . "\n" . ' <CountryCode>' . osC_Address::getCountryIsoCode2(STORE_COUNTRY) . '</CountryCode>' . "\n" . ' <Usage>' . STORE_NAME . '</Usage>' . "\n" . ' <RECURRING_TRANSACTION>' . "\n" . ' <Type>Single</Type>' . "\n" . ' </RECURRING_TRANSACTION>' . "\n" . ' <CREDIT_CARD_DATA>' . "\n" . ' <CreditCardNumber>' . $osC_CreditCard->getNumber() . '</CreditCardNumber>' . "\n";
if (MODULE_PAYMENT_WIRECARD_CC_VERIFY_WITH_CVC == '1') {
$post_string .= ' <CVC2>' . $osC_CreditCard->getCVC() . '</CVC2>' . "\n";
}
$post_string .= ' <ExpirationYear>' . $osC_CreditCard->getExpiryYear() . '</ExpirationYear>' . "\n" . ' <ExpirationMonth>' . $osC_CreditCard->getExpiryMonth() . '</ExpirationMonth>' . "\n" . ' <CardHolderName>' . $osC_CreditCard->getOwner() . '</CardHolderName>' . "\n" . ' </CREDIT_CARD_DATA>' . "\n" . ' <CONTACT_DATA>' . "\n" . ' <IPAddress>' . osc_get_ip_address() . '</IPAddress>' . "\n" . ' </CONTACT_DATA>' . "\n" . ' <CORPTRUSTCENTER_DATA>' . "\n" . ' <ADDRESS>' . "\n" . ' <FirstName>' . $osC_ShoppingCart->getBillingAddress('firstname') . '</FirstName>' . "\n" . ' <LastName>' . $osC_ShoppingCart->getBillingAddress('lastname') . '</LastName>' . "\n" . ' <Address1>' . $osC_ShoppingCart->getBillingAddress('street_address') . '</Address1>' . "\n" . ' <City>' . $osC_ShoppingCart->getBillingAddress('city') . '</City>' . "\n" . ' <ZipCode>' . $osC_ShoppingCart->getBillingAddress('postcode') . '</ZipCode>' . "\n";
if (osc_empty($osC_ShoppingCart->getBillingAddress('zone_code')) === false) {
$post_string .= ' <State>' . $osC_ShoppingCart->getBillingAddress('zone_code') . '</State>' . "\n";
}
$post_string .= ' <Country>' . $osC_ShoppingCart->getBillingAddress('country_iso_code_2') . '</Country>' . "\n" . ' <Phone>' . $osC_ShoppingCart->getBillingAddress('telephone_number') . '</Phone>' . "\n" . ' <Email>' . $osC_Customer->getEmailAddress() . '</Email>' . "\n" . ' </ADDRESS>' . "\n" . ' </CORPTRUSTCENTER_DATA>' . "\n" . ' </CC_TRANSACTION>' . "\n" . ' </FNC_CC_PREAUTHORIZATION>' . "\n" . ' </W_JOB>' . "\n" . ' </W_REQUEST>' . "\n" . '</WIRECARD_BXML>';
$this->_transaction_response = $this->sendTransactionToGateway($this->_gateway_url, $post_string, array('Content-type: text/xml'));
if (empty($this->_transaction_response) === false) {
$osC_XML = new osC_XML($this->_transaction_response);
$result = $osC_XML->toArray();
} else {
$result = array();
}
$error = false;
if (isset($result['WIRECARD_BXML']['W_RESPONSE']['W_JOB']['FNC_CC_PREAUTHORIZATION']['CC_TRANSACTION']['PROCESSING_STATUS']['FunctionResult'])) {
if ($result['WIRECARD_BXML']['W_RESPONSE']['W_JOB']['FNC_CC_PREAUTHORIZATION']['CC_TRANSACTION']['PROCESSING_STATUS']['FunctionResult'] != 'ACK') {
$errno = $result['WIRECARD_BXML']['W_RESPONSE']['W_JOB']['FNC_CC_PREAUTHORIZATION']['CC_TRANSACTION']['PROCESSING_STATUS']['ERROR']['Number'];
switch ($errno) {
case '14':
case '20109':
$error = $osC_Language->get('payment_wirecard_cc_error_unkown_card');
break;
case '33':
case '20071':
$error = $osC_Language->get('payment_wirecard_cc_error_' . (int) $errno);
break;
default:
$error = $osC_Language->get('payment_wirecard_cc_error_general');
break;
}
}
} else {
$error = $osC_Language->get('payment_wirecard_cc_error_general');
}
if ($error === false) {
osC_Order::process($this->_order_id, $this->order_status);
$Qtransaction = $osC_Database->query('insert into :table_orders_transactions_history (orders_id, transaction_code, transaction_return_value, transaction_return_status, date_added) values (:orders_id, :transaction_code, :transaction_return_value, :transaction_return_status, now())');
$Qtransaction->bindTable(':table_orders_transactions_history', TABLE_ORDERS_TRANSACTIONS_HISTORY);
$Qtransaction->bindInt(':orders_id', $this->_order_id);
$Qtransaction->bindInt(':transaction_code', 1);
$Qtransaction->bindValue(':transaction_return_value', $this->_transaction_response);
$Qtransaction->bindInt(':transaction_return_status', 1);
$Qtransaction->execute();
} else {
osC_Order::remove($this->_order_id);
$messageStack->add_session('checkout_payment', $error, 'error');
osc_redirect(osc_href_link(FILENAME_CHECKOUT, 'payment&wirecard_cc_owner=' . $osC_CreditCard->getOwner() . '&wirecard_cc_expires_month=' . $osC_CreditCard->getExpiryMonth() . '&wirecard_cc_expires_year=' . $osC_CreditCard->getExpiryYear() . (MODULE_PAYMENT_WIRECARD_CC_VERIFY_WITH_CVC == '1' ? '&wirecard_cc_cvc=' . $osC_CreditCard->getCVC() : ''), 'SSL'));
}
}
die($osC_Language->get('error_download_max_num_of_times'));
}
// Die if file is not there
if (!file_exists(DIR_FS_DOWNLOAD . $Qdownload->value('orders_products_cache_filename'))) {
die($osC_Language->get('error_download_file_not_exist'));
}
// Now decrement counter
$Qupdate = $osC_Database->query('update :table_orders_products_download set download_count = download_count-1 where orders_products_download_id = :orders_products_download_id');
$Qupdate->bindTable(':table_orders_products_download', TABLE_ORDERS_PRODUCTS_DOWNLOAD);
$Qupdate->bindInt(':orders_products_download_id', $_GET['id']);
$Qupdate->execute();
// Now insert history
$Qinsert = $osC_Database->query('insert into :table_products_download_history (orders_products_download_id, download_date, download_ip_address) values (:orders_products_download_id, now(), :download_ip_address)');
$Qinsert->bindTable(':table_products_download_history', TABLE_PRODUCTS_DOWNLOAD_HISTORY);
$Qinsert->bindInt(':orders_products_download_id', $_GET['id']);
$Qinsert->bindValue(':download_ip_address', osc_get_ip_address());
$Qinsert->execute();
}
}
}
// Returns a random name, 16 to 20 characters long
// There are more than 10^28 combinations
// The directory is "hidden", i.e. starts with '.'
function osc_random_name()
{
$letters = 'abcdefghijklmnopqrstuvwxyz';
$dirname = '.';
$length = floor(osc_rand(16, 20));
for ($i = 1; $i <= $length; $i++) {
$q = floor(osc_rand(1, 26));
$dirname .= $letters[$q];
function process()
{
global $osC_Currencies, $osC_ShoppingCart, $osC_Customer, $osC_Language, $messageStack;
$currency = $osC_Currencies->getCode();
if (isset($_POST['cc_owner']) && !empty($_POST['cc_owner']) && isset($_POST['cc_type']) && isset($this->cc_types[$_POST['cc_type']]) && isset($_POST['cc_number_nh-dns']) && !empty($_POST['cc_number_nh-dns'])) {
$params = array('USER' => MODULE_PAYMENT_PAYPAL_DIRECT_API_USERNAME, 'PWD' => MODULE_PAYMENT_PAYPAL_DIRECT_API_PASSWORD, 'VERSION' => '3.2', 'SIGNATURE' => MODULE_PAYMENT_PAYPAL_DIRECT_API_SIGNATURE, 'METHOD' => 'DoDirectPayment', 'PAYMENTACTION' => MODULE_PAYMENT_PAYPAL_DIRECT_TRANSACTION_METHOD == 'Sale' ? 'Sale' : 'Authorization', 'IPADDRESS' => osc_get_ip_address(), 'AMT' => $osC_Currencies->formatRaw($osC_ShoppingCart->getTotal() - $osC_ShoppingCart->getShippingMethod('cost'), $currency), 'CREDITCARDTYPE' => $_POST['cc_type'], 'ACCT' => $_POST['cc_number_nh-dns'], 'STARTDATE' => $_POST['cc_starts_month'] . $_POST['cc_starts_year'], 'EXPDATE' => $_POST['cc_expires_month'] . $_POST['cc_expires_year'], 'CVV2' => $_POST['cc_cvc_nh-dns'], 'FIRSTNAME' => substr($_POST['cc_owner'], 0, strpos($_POST['cc_owner'], ' ')), 'LASTNAME' => substr($_POST['cc_owner'], strpos($_POST['cc_owner'], ' ') + 1), 'STREET' => $osC_ShoppingCart->getBillingAddress('street_address'), 'CITY' => $osC_ShoppingCart->getBillingAddress('city'), 'STATE' => $osC_ShoppingCart->getBillingAddress('state'), 'COUNTRYCODE' => $osC_ShoppingCart->getBillingAddress('country_iso_code_2'), 'ZIP' => $osC_ShoppingCart->getBillingAddress('postcode'), 'EMAIL' => $osC_Customer->getEmailAddress(), 'PHONENUM' => $osC_ShoppingCart->getBillingAddress('telephone_number'), 'CURRENCYCODE' => $currency, 'BUTTONSOURCE' => 'tomatcart');
if ($_POST['cc_type'] == 'SWITCH' || $_POST['cc_type'] == 'SOLO') {
$params['ISSUENUMBER'] = $_POST['cc_issue_nh-dns'];
}
if ($osC_ShoppingCart->hasShippingAddress()) {
$params['SHIPTONAME'] = $osC_ShoppingCart->getShippingAddress('firstname') . ' ' . $osC_ShoppingCart->getShippingAddress('lastname');
$params['SHIPTOSTREET'] = $osC_ShoppingCart->getShippingAddress('street_address');
$params['SHIPTOCITY'] = $osC_ShoppingCart->getShippingAddress('city');
$params['SHIPTOSTATE'] = $osC_ShoppingCart->getShippingAddress('zone_code');
$params['SHIPTOCOUNTRYCODE'] = $osC_ShoppingCart->getShippingAddress('country_iso_code_2');
$params['SHIPTOZIP'] = $osC_ShoppingCart->getShippingAddress('postcode');
}
$post_string = '';
foreach ($params as $key => $value) {
$post_string .= $key . '=' . urlencode(trim($value)) . '&';
}
$post_string = substr($post_string, 0, -1);
$response = $this->sendTransactionToGateway($this->api_url, $post_string);
$response_array = array();
parse_str($response, $response_array);
if ($response_array['ACK'] != 'Success' && $response_array['ACK'] != 'SuccessWithWarning') {
$messageStack->add_session('checkout', stripslashes($response_array['L_LONGMESSAGE0']), 'error');
osc_redirect(osc_href_link(FILENAME_CHECKOUT, 'checkout&view=orderConfirmationForm', 'SSL'));
} else {
$orders_id = osC_Order::insert();
$comments = 'PayPal Website Payments Pro (US) Direct Payments [' . 'ACK: ' . $response_array['ACK'] . '; TransactionID: ' . $response_array['TRANSACTIONID'] . ';' . ']';
osC_Order::process($orders_id, ORDERS_STATUS_PAID, $comments);
}
} else {
$messageStack->add_session('checkout', $osC_Language->get('payment_paypal_direct_error_all_fields_required'), 'error');
osc_redirect(osc_href_link(FILENAME_CHECKOUT, 'checkout&view=orderConfirmationForm', 'SSL'));
}
}
function process()
{
global $osC_Currencies, $osC_ShoppingCart, $messageStack, $osC_Customer, $osC_Tax, $osC_CreditCard;
$this->_verifyData();
$orders_id = osC_Order::insert();
$params = array('x_login' => substr(MODULE_PAYMENT_AUTHORIZENET_CC_AIM_API_LOGIN_ID, 0, 20), 'x_tran_key' => substr(MODULE_PAYMENT_AUTHORIZENET_CC_AIM_API_TRANSACTION_KEY, 0, 16), 'x_version' => '3.1', 'x_delim_data' => 'TRUE', 'x_delim_char' => ',', 'x_encap_char' => '"', 'x_relay_response' => 'FALSE', 'x_first_name' => substr($osC_ShoppingCart->getBillingAddress('firstname'), 0, 50), 'x_last_name' => substr($osC_ShoppingCart->getBillingAddress('lastname'), 0, 50), 'x_company' => substr($osC_ShoppingCart->getBillingAddress('company'), 0, 50), 'x_address' => substr($osC_ShoppingCart->getBillingAddress('street_address'), 0, 60), 'x_city' => substr($osC_ShoppingCart->getBillingAddress('city'), 0, 40), 'x_state' => substr($osC_ShoppingCart->getBillingAddress('state'), 0, 40), 'x_zip' => substr($osC_ShoppingCart->getBillingAddress('postcode'), 0, 20), 'x_country' => substr($osC_ShoppingCart->getBillingAddress('country_iso_code_2'), 0, 60), 'x_cust_id' => substr($osC_Customer->getID(), 0, 20), 'x_customer_ip' => osc_get_ip_address(), 'x_invoice_num' => $order_id, 'x_email' => substr($osC_Customer->getEmailAddress(), 0, 255), 'x_description' => substr(STORE_NAME, 0, 255), 'x_amount' => substr($osC_Currencies->formatRaw($osC_ShoppingCart->getTotal()), 0, 15), 'x_currency_code' => substr($osC_Currencies->getCode(), 0, 3), 'x_method' => 'CC', 'x_type' => MODULE_PAYMENT_AUTHORIZENET_CC_AIM_TRANSACTION_METHOD == 'Capture' ? 'AUTH_CAPTURE' : 'AUTH_ONLY', 'x_card_num' => $osC_CreditCard->getNumber(), 'x_exp_date' => $osC_CreditCard->getExpiryMonth() . $osC_CreditCard->getExpiryYear());
if (ACCOUNT_TELEPHONE > -1) {
$params['x_phone'] = $osC_ShoppingCart->getBillingAddress('telephone_number');
}
if (MODULE_PAYMENT_AUTHORIZENET_CC_AIM_VERIFY_WITH_CVC == '1') {
$params['x_card_code'] = $osC_CreditCard->getCVC();
}
if ($osC_ShoppingCart->hasShippingAddress()) {
$params['x_ship_to_first_name'] = substr($osC_ShoppingCart->getShippingAddress('firstname'), 0, 50);
$params['x_ship_to_last_name'] = substr($osC_ShoppingCart->getShippingAddress('lastname'), 0, 50);
$params['x_ship_to_company'] = substr($osC_ShoppingCart->getShippingAddress('company'), 0, 50);
$params['x_ship_to_address'] = substr($osC_ShoppingCart->getShippingAddress('street_address'), 0, 60);
$params['x_ship_to_city'] = substr($osC_ShoppingCart->getShippingAddress('city'), 0, 40);
$params['x_ship_to_state'] = substr($osC_ShoppingCart->getShippingAddress('zone_code'), 0, 40);
$params['x_ship_to_zip'] = substr($osC_ShoppingCart->getShippingAddress('postcode'), 0, 20);
$params['x_ship_to_country'] = substr($osC_ShoppingCart->getShippingAddress('country_iso_code_2'), 0, 60);
}
if (MODULE_PAYMENT_AUTHORIZENET_CC_AIM_TRANSACTION_MODE == 'Test') {
$params['x_test_request'] = 'TRUE';
}
$shipping_tax = $osC_ShoppingCart->getShippingMethod('cost') * ($osC_Tax->getTaxRate($osC_ShoppingCart->getShippingMethod('tax_class_id'), $osC_ShoppingCart->getTaxingAddress('country_id'), $osC_ShoppingCart->getTaxingAddress('zone_id')) / 100);
$total_tax = $osC_ShoppingCart->getTax() - $shipping_tax;
if ($total_tax > 0) {
$params['x_tax'] = $osC_Currencies->formatRaw($total_tax);
}
$params['x_freight'] = $osC_Currencies->formatRaw($osC_ShoppingCart->getShippingMethod('cost'));
$post_string = '';
foreach ($params as $key => $value) {
$post_string .= $key . '=' . urlencode(trim($value)) . '&';
}
$post_string = substr($post_string, 0, -1);
if ($osC_ShoppingCart->hasContents()) {
$i = 1;
foreach ($osC_ShoppingCart->getProducts() as $product) {
$post_string .= '&x_line_item=' . urlencode($i) . '<|>' . urlencode(substr($product['name'], 0, 31)) . '<|>' . urlencode(substr($product['name'], 0, 255)) . '<|>' . urlencode($product['quantity']) . '<|>' . urlencode($osC_Currencies->formatRaw($product['final_price'])) . '<|>' . urlencode($product['tax_class_id'] > 0 ? 'YES' : 'NO');
$i++;
}
}
switch (MODULE_PAYMENT_AUTHORIZENET_CC_AIM_TRANSACTION_SERVER) {
case 'Live':
$gateway_url = 'https://secure.authorize.net/gateway/transact.dll';
break;
default:
$gateway_url = 'https://test.authorize.net/gateway/transact.dll';
break;
}
$transaction_response = $this->sendTransactionToGateway($gateway_url, $post_string);
if (!empty($transaction_response)) {
$regs = preg_split("/,(?=(?:[^\"]*\"[^\"]*\")*(?![^\"]*\"))/", $transaction_response);
foreach ($regs as $key => $value) {
$regs[$key] = substr($value, 1, -1);
// remove double quotes
}
} else {
$regs = array('-1', '-1', '-1');
}
$error = false;
if ($regs[0] == '1') {
if (!osc_empty(MODULE_PAYMENT_AUTHORIZENET_CC_AIM_MD5_HASH)) {
if (strtoupper($regs[37]) != strtoupper(md5(MODULE_PAYMENT_AUTHORIZENET_CC_AIM_MD5_HASH . MODULE_PAYMENT_AUTHORIZENET_CC_AIM_API_LOGIN_ID . $regs[6] . $osC_Currencies->formatRaw($osC_ShoppingCart->getTotal())))) {
$error = 'general';
}
}
} else {
switch ($regs[2]) {
case '7':
$error = 'invalid_expiration_date';
break;
case '8':
$error = 'expired';
break;
case '6':
case '17':
case '28':
$error = 'declined';
break;
case '78':
$error = 'cvc';
break;
default:
$error = 'general';
break;
}
}
if ($error != false) {
osC_Order::remove($orders_id);
osc_redirect(osc_href_link(FILENAME_CHECKOUT, 'checkout&error=' . $error, 'SSL'));
} else {
osC_Order::process($orders_id, $this->_order_status, $transaction_response);
}
}
function insert($order_status = DEFAULT_ORDERS_STATUS_ID)
{
global $osC_Database, $osC_Customer, $osC_Language, $osC_Currencies, $osC_ShoppingCart, $osC_Tax, $toC_Wishlist;
if (isset($_SESSION['prepOrderID'])) {
$_prep = explode('-', $_SESSION['prepOrderID']);
if ($_prep[0] == $osC_ShoppingCart->getCartID()) {
return $_prep[1];
// order_id
} else {
if (osC_Order::getStatusID($_prep[1]) === ORDERS_STATUS_PREPARING) {
osC_Order::remove($_prep[1]);
}
}
}
if (!class_exists(osC_Account)) {
require_once 'includes/classes/account.php';
}
if (!$osC_Customer->isLoggedOn()) {
osC_Order::createCustomer();
} else {
//insert billing address
$billing_address = $osC_ShoppingCart->getBillingAddress();
if (isset($billing_address['id']) && $billing_address['id'] == '-1') {
osC_Account::createNewAddress($osC_Customer->getID(), $billing_address);
}
//insert shipping address
if (!isset($billing_address['ship_to_this_address']) || isset($billing_address['ship_to_this_address']) && empty($billing_address['ship_to_this_address'])) {
$shipping_address = $osC_ShoppingCart->getShippingAddress();
if (isset($shipping_address['id']) && $shipping_address['id'] == '-1') {
osC_Account::createNewAddress($osC_Customer->getID(), $shipping_address);
}
}
}
$Qorder = $osC_Database->query('insert into :table_orders (customers_id, customers_name, customers_company, customers_street_address, customers_suburb, customers_city, customers_postcode, customers_state, customers_comment, customers_state_code, customers_country, customers_country_iso2, customers_country_iso3, customers_telephone, customers_email_address, customers_address_format, customers_ip_address, delivery_name, delivery_company, delivery_street_address, delivery_suburb, delivery_city, delivery_postcode, delivery_state, delivery_zone_id, delivery_state_code, delivery_country_id, delivery_country, delivery_country_iso2, delivery_country_iso3, delivery_address_format, delivery_telephone, billing_name, billing_company, billing_street_address, billing_suburb, billing_city, billing_postcode, billing_state, billing_zone_id, billing_state_code, billing_country_id, billing_country, billing_country_iso2, billing_country_iso3, billing_address_format, billing_telephone, payment_method, payment_module, uses_store_credit, store_credit_amount, date_purchased, orders_status, currency, currency_value, gift_wrapping, wrapping_message) values (:customers_id, :customers_name, :customers_company, :customers_street_address, :customers_suburb, :customers_city, :customers_postcode, :customers_state, :customers_comment, :customers_state_code, :customers_country, :customers_country_iso2, :customers_country_iso3, :customers_telephone, :customers_email_address, :customers_address_format, :customers_ip_address, :delivery_name, :delivery_company, :delivery_street_address, :delivery_suburb, :delivery_city, :delivery_postcode, :delivery_state, :delivery_zone_id, :delivery_state_code, :delivery_country_id, :delivery_country, :delivery_country_iso2, :delivery_country_iso3, :delivery_address_format, :delivery_telephone, :billing_name, :billing_company, :billing_street_address, :billing_suburb, :billing_city, :billing_postcode, :billing_state, :billing_zone_id, :billing_state_code, :billing_country_id, :billing_country, :billing_country_iso2, :billing_country_iso3, :billing_address_format, :billing_telephone, :payment_method, :payment_module, :uses_store_credit, :store_credit_amount, now(), :orders_status, :currency, :currency_value, :gift_wrapping, :wrapping_message)');
$Qorder->bindTable(':table_orders', TABLE_ORDERS);
$Qorder->bindInt(':customers_id', $osC_Customer->getID());
$Qorder->bindValue(':customers_name', $osC_Customer->getName());
$Qorder->bindValue(':customers_company', '');
$Qorder->bindValue(':customers_street_address', '');
$Qorder->bindValue(':customers_suburb', '');
$Qorder->bindValue(':customers_city', '');
$Qorder->bindValue(':customers_postcode', '');
$Qorder->bindValue(':customers_state', '');
$Qorder->bindValue(':customers_state_code', '');
$Qorder->bindValue(':customers_country', '');
$Qorder->bindValue(':customers_country_iso2', '');
$Qorder->bindValue(':customers_country_iso3', '');
$Qorder->bindValue(':customers_telephone', '');
$Qorder->bindValue(':customers_email_address', $osC_Customer->getEmailAddress());
$Qorder->bindValue(':customers_comment', $_SESSION['comments']);
$Qorder->bindValue(':customers_address_format', '');
$Qorder->bindValue(':customers_ip_address', osc_get_ip_address());
$Qorder->bindValue(':delivery_name', $osC_ShoppingCart->getShippingAddress('firstname') . ' ' . $osC_ShoppingCart->getShippingAddress('lastname'));
$Qorder->bindValue(':delivery_company', $osC_ShoppingCart->getShippingAddress('company'));
$Qorder->bindValue(':delivery_street_address', $osC_ShoppingCart->getShippingAddress('street_address'));
$Qorder->bindValue(':delivery_suburb', $osC_ShoppingCart->getShippingAddress('suburb'));
$Qorder->bindValue(':delivery_city', $osC_ShoppingCart->getShippingAddress('city'));
$Qorder->bindValue(':delivery_postcode', $osC_ShoppingCart->getShippingAddress('postcode'));
$Qorder->bindValue(':delivery_state', $osC_ShoppingCart->getShippingAddress('state'));
$Qorder->bindValue(':delivery_zone_id', $osC_ShoppingCart->getShippingAddress('zone_id'));
$Qorder->bindValue(':delivery_state_code', $osC_ShoppingCart->getShippingAddress('zone_code'));
$Qorder->bindValue(':delivery_country_id', $osC_ShoppingCart->getShippingAddress('country_id'));
$Qorder->bindValue(':delivery_country', $osC_ShoppingCart->getShippingAddress('country_title'));
$Qorder->bindValue(':delivery_country_iso2', $osC_ShoppingCart->getShippingAddress('country_iso_code_2'));
$Qorder->bindValue(':delivery_country_iso3', $osC_ShoppingCart->getShippingAddress('country_iso_code_3'));
$Qorder->bindValue(':delivery_address_format', $osC_ShoppingCart->getShippingAddress('format'));
$Qorder->bindValue(':delivery_telephone', $osC_ShoppingCart->getShippingAddress('telephone_number'));
$Qorder->bindValue(':billing_name', $osC_ShoppingCart->getBillingAddress('firstname') . ' ' . $osC_ShoppingCart->getBillingAddress('lastname'));
$Qorder->bindValue(':billing_company', $osC_ShoppingCart->getBillingAddress('company'));
$Qorder->bindValue(':billing_street_address', $osC_ShoppingCart->getBillingAddress('street_address'));
$Qorder->bindValue(':billing_suburb', $osC_ShoppingCart->getBillingAddress('suburb'));
$Qorder->bindValue(':billing_city', $osC_ShoppingCart->getBillingAddress('city'));
$Qorder->bindValue(':billing_postcode', $osC_ShoppingCart->getBillingAddress('postcode'));
$Qorder->bindValue(':billing_state', $osC_ShoppingCart->getBillingAddress('state'));
$Qorder->bindValue(':billing_zone_id', $osC_ShoppingCart->getBillingAddress('zone_id'));
$Qorder->bindValue(':billing_state_code', $osC_ShoppingCart->getBillingAddress('zone_code'));
$Qorder->bindValue(':billing_country_id', $osC_ShoppingCart->getBillingAddress('country_id'));
$Qorder->bindValue(':billing_country', $osC_ShoppingCart->getBillingAddress('country_title'));
$Qorder->bindValue(':billing_country_iso2', $osC_ShoppingCart->getBillingAddress('country_iso_code_2'));
$Qorder->bindValue(':billing_country_iso3', $osC_ShoppingCart->getBillingAddress('country_iso_code_3'));
$Qorder->bindValue(':billing_address_format', $osC_ShoppingCart->getBillingAddress('format'));
$Qorder->bindValue(':billing_telephone', $osC_ShoppingCart->getBillingAddress('telephone_number'));
$Qorder->bindValue(':payment_method', implode(',', $osC_ShoppingCart->getCartBillingMethods()));
$Qorder->bindValue(':payment_module', implode(',', $osC_ShoppingCart->getCartBillingModules()));
$Qorder->bindInt(':uses_store_credit', $osC_ShoppingCart->isUseStoreCredit());
$Qorder->bindValue(':store_credit_amount', $osC_ShoppingCart->isUseStoreCredit() ? $osC_ShoppingCart->getStoreCredit() : '0');
$Qorder->bindInt(':orders_status', $order_status);
$Qorder->bindValue(':currency', $osC_Currencies->getCode());
$Qorder->bindValue(':currency_value', $osC_Currencies->value($osC_Currencies->getCode()));
$Qorder->bindInt(':gift_wrapping', $osC_ShoppingCart->isGiftWrapping() ? '1' : '0');
$Qorder->bindValue(':wrapping_message', isset($_SESSION['gift_wrapping_comments']) ? $_SESSION['gift_wrapping_comments'] : '');
$Qorder->execute();
$insert_id = $osC_Database->nextID();
foreach ($osC_ShoppingCart->getOrderTotals() as $module) {
$Qtotals = $osC_Database->query('insert into :table_orders_total (orders_id, title, text, value, class, sort_order) values (:orders_id, :title, :text, :value, :class, :sort_order)');
$Qtotals->bindTable(':table_orders_total', TABLE_ORDERS_TOTAL);
$Qtotals->bindInt(':orders_id', $insert_id);
$Qtotals->bindValue(':title', $module['title']);
$Qtotals->bindValue(':text', $module['text']);
$Qtotals->bindValue(':value', $module['value']);
$Qtotals->bindValue(':class', $module['code']);
$Qtotals->bindInt(':sort_order', $module['sort_order']);
$Qtotals->execute();
}
$Qstatus = $osC_Database->query('insert into :table_orders_status_history (orders_id, orders_status_id, date_added, customer_notified, comments) values (:orders_id, :orders_status_id, now(), :customer_notified, :comments)');
$Qstatus->bindTable(':table_orders_status_history', TABLE_ORDERS_STATUS_HISTORY);
$Qstatus->bindInt(':orders_id', $insert_id);
$Qstatus->bindInt(':orders_status_id', $order_status);
$Qstatus->bindInt(':customer_notified', '0');
$Qstatus->bindValue(':comments', isset($_SESSION['comments']) ? $_SESSION['comments'] : '');
$Qstatus->execute();
foreach ($osC_ShoppingCart->getProducts() as $products) {
$Qproducts = $osC_Database->query('insert into :table_orders_products (orders_id, products_id, products_type, products_sku, products_name, products_price, final_price, products_tax, products_quantity) values (:orders_id, :products_id, :products_type, :products_sku, :products_name, :products_price, :final_price, :products_tax, :products_quantity)');
$Qproducts->bindTable(':table_orders_products', TABLE_ORDERS_PRODUCTS);
$Qproducts->bindInt(':orders_id', $insert_id);
$Qproducts->bindInt(':products_id', osc_get_product_id($products['id']));
$Qproducts->bindValue(':products_type', $products['type']);
$Qproducts->bindValue(':products_sku', $products['sku']);
$Qproducts->bindValue(':products_name', $products['name']);
$Qproducts->bindValue(':products_price', $products['price']);
$Qproducts->bindValue(':final_price', $products['final_price']);
$Qproducts->bindValue(':products_tax', $osC_Tax->getTaxRate($products['tax_class_id'], $osC_ShoppingCart->getTaxingAddress('country_id'), $osC_ShoppingCart->getTaxingAddress('zone_id')));
$Qproducts->bindInt(':products_quantity', $products['quantity']);
$Qproducts->execute();
$order_products_id = $osC_Database->nextID();
if (!empty($products['customizations'])) {
foreach ($products['customizations'] as $customization) {
$Qcustomization = $osC_Database->query('insert into :table_orders_products_customizations (orders_id, orders_products_id, quantity) values (:orders_id, :orders_products_id, :quantity)');
$Qcustomization->bindTable(':table_orders_products_customizations', TABLE_ORDERS_PRODUCTS_CUSTOMIZATIONS);
$Qcustomization->bindInt(':orders_id', $insert_id);
$Qcustomization->bindInt(':orders_products_id', $order_products_id);
$Qcustomization->bindInt(':quantity', $customization['qty']);
$Qcustomization->execute();
$orders_products_customizations_id = $osC_Database->nextID();
foreach ($customization['fields'] as $field) {
$Qfield = $osC_Database->query('insert into :table_orders_products_customizations_values (orders_products_customizations_id , customization_fields_id, customization_fields_name, customization_fields_type, customization_fields_value, cache_file_name) values (:orders_products_customizations_id, :customization_fields_id, :customization_fields_name, :customization_fields_type, :customization_fields_value, :cache_file_name)');
$Qfield->bindTable(':table_orders_products_customizations_values', TABLE_ORDERS_PRODUCTS_CUSTOMIZATIONS_VALUES);
$Qfield->bindInt(':orders_products_customizations_id', $orders_products_customizations_id);
$Qfield->bindInt(':customization_fields_id', $field['customization_fields_id']);
$Qfield->bindValue(':customization_fields_name', $field['customization_fields_name']);
$Qfield->bindInt(':customization_fields_type', $field['customization_type']);
$Qfield->bindValue(':customization_fields_value', $field['customization_value']);
$Qfield->bindValue(':cache_file_name', $field['cache_filename']);
$Qfield->execute();
if ($osC_Database->isError() === false) {
@copy(DIR_FS_CACHE . 'products_customizations/' . $field['cache_filename'], DIR_FS_CACHE . 'orders_customizations/' . $field['cache_filename']);
}
}
}
}
if ($osC_ShoppingCart->hasVariants($products['id'])) {
foreach ($osC_ShoppingCart->getVariants($products['id']) as $variants_id => $variants) {
$Qvariants = $osC_Database->query('select pvg.products_variants_groups_name, pvv.products_variants_values_name from :table_products_variants pv, :table_products_variants_entries pve, :table_products_variants_groups pvg, :table_products_variants_values pvv where pv.products_id = :products_id and pv.products_variants_id = pve.products_variants_id and pve.products_variants_groups_id = :groups_id and pve.products_variants_values_id = :variants_values_id and pve.products_variants_groups_id = pvg.products_variants_groups_id and pve.products_variants_values_id = pvv.products_variants_values_id and pvg.language_id = :pvg_language_id and pvv.language_id = :pvv_language_id');
$Qvariants->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
$Qvariants->bindTable(':table_products_variants_entries', TABLE_PRODUCTS_VARIANTS_ENTRIES);
$Qvariants->bindTable(':table_products_variants_groups', TABLE_PRODUCTS_VARIANTS_GROUPS);
$Qvariants->bindTable(':table_products_variants_values', TABLE_PRODUCTS_VARIANTS_VALUES);
$Qvariants->bindInt(':products_id', $products['id']);
$Qvariants->bindInt(':groups_id', $variants['groups_id']);
$Qvariants->bindInt(':variants_values_id', $variants['variants_values_id']);
$Qvariants->bindInt(':pvg_language_id', $osC_Language->getID());
$Qvariants->bindInt(':pvv_language_id', $osC_Language->getID());
$Qvariants->execute();
$Qopv = $osC_Database->query('insert into :table_orders_products_variants (orders_id, orders_products_id, products_variants_groups_id, products_variants_groups, products_variants_values_id, products_variants_values) values (:orders_id, :orders_products_id, :products_variants_groups_id, :products_variants_groups, :products_variants_values_id, :products_variants_values)');
$Qopv->bindTable(':table_orders_products_variants', TABLE_ORDERS_PRODUCTS_VARIANTS);
$Qopv->bindInt(':orders_id', $insert_id);
$Qopv->bindInt(':orders_products_id', $order_products_id);
$Qopv->bindInt(':products_variants_groups_id', $variants['groups_id']);
$Qopv->bindValue(':products_variants_groups', $Qvariants->value('products_variants_groups_name'));
$Qopv->bindInt(':products_variants_values_id', $variants['variants_values_id']);
$Qopv->bindValue(':products_variants_values', $Qvariants->value('products_variants_values_name'));
$Qopv->execute();
}
}
if ($products['type'] == PRODUCT_TYPE_DOWNLOADABLE) {
$Qdownloadable = $osC_Database->query('select * from :table_products_downloadables where products_id = :products_id');
$Qdownloadable->bindTable(':table_products_downloadables', TABLE_PRODUCTS_DOWNLOADABLES);
$Qdownloadable->bindInt(':products_id', osc_get_product_id($products['id']));
$Qdownloadable->execute();
if ($osC_ShoppingCart->hasVariants($products['id'])) {
$variants_filename = $products['variant_filename'];
$variants_cache_filename = $products['variant_cache_filename'];
} else {
$variants_filename = $Qdownloadable->value('filename');
$variants_cache_filename = $Qdownloadable->value('cache_filename');
}
$Qopd = $osC_Database->query('insert into :table_orders_products_download (orders_id, orders_products_id, orders_products_filename, orders_products_cache_filename, download_maxdays, download_count) values (:orders_id, :orders_products_id, :orders_products_filename, :orders_products_cache_filename, :download_maxdays, :download_count)');
$Qopd->bindTable(':table_orders_products_download', TABLE_ORDERS_PRODUCTS_DOWNLOAD);
$Qopd->bindInt(':orders_id', $insert_id);
$Qopd->bindInt(':orders_products_id', $order_products_id);
$Qopd->bindValue(':orders_products_filename', $variants_filename);
$Qopd->bindValue(':orders_products_cache_filename', $variants_cache_filename);
$Qopd->bindValue(':download_maxdays', $Qdownloadable->valueInt('number_of_accessible_days'));
$Qopd->bindValue(':download_count', $Qdownloadable->valueInt('number_of_downloads') * $products['quantity']);
$Qopd->execute();
}
if ($products['type'] == PRODUCT_TYPE_GIFT_CERTIFICATE) {
require_once 'gift_certificates.php';
$Qgc = $osC_Database->query('insert into :table_gift_certificates (orders_id, orders_products_id, gift_certificates_type, amount, gift_certificates_code, recipients_name, recipients_email, senders_name, senders_email, messages) values (:orders_id, :orders_products_id, :gift_certificates_type, :amount, :gift_certificates_code, :recipients_name, :recipients_email, :senders_name, :senders_email, :messages)');
$Qgc->bindTable(':table_gift_certificates', TABLE_GIFT_CERTIFICATES);
$Qgc->bindInt(':orders_id', $insert_id);
$Qgc->bindInt(':gift_certificates_type', $products['gc_data']['type']);
$Qgc->bindInt(':orders_products_id', $order_products_id);
$Qgc->bindValue(':amount', $products['price']);
$Qgc->bindValue(':gift_certificates_code', toC_Gift_Certificates::createGiftCertificateCode());
$Qgc->bindValue(':recipients_name', $products['gc_data']['recipients_name']);
$Qgc->bindValue(':recipients_email', $products['gc_data']['type'] == GIFT_CERTIFICATE_TYPE_EMAIL ? $products['gc_data']['recipients_email'] : '');
$Qgc->bindValue(':senders_name', $products['gc_data']['senders_name']);
$Qgc->bindValue(':senders_email', $products['gc_data']['type'] == GIFT_CERTIFICATE_TYPE_EMAIL ? $products['gc_data']['senders_email'] : '');
$Qgc->bindValue(':messages', $products['gc_data']['message']);
$Qgc->execute();
}
}
if ($osC_ShoppingCart->isUseStoreCredit()) {
$Qhistory = $osC_Database->query('insert into :table_customers_credits_history (customers_id, action_type, date_added, amount, comments) values (:customers_id, :action_type, now(), :amount, :comments)');
$Qhistory->bindTable(':table_customers_credits_history', TABLE_CUSTOMERS_CREDITS_HISTORY);
$Qhistory->bindInt(':customers_id', $osC_Customer->getID());
$Qhistory->bindInt(':action_type', STORE_CREDIT_ACTION_TYPE_ORDER_PURCHASE);
$Qhistory->bindValue(':amount', $osC_ShoppingCart->getStoreCredit() * -1);
$Qhistory->bindValue(':comments', sprintf($osC_Language->get('store_credit_order_number'), $insert_id));
$Qhistory->execute();
$Qcustomer = $osC_Database->query('update :table_customers set customers_credits = (customers_credits + :customers_credits) where customers_id = :customers_id');
$Qcustomer->bindTable(':table_customers', TABLE_CUSTOMERS);
$Qcustomer->bindRaw(':customers_credits', $osC_ShoppingCart->getStoreCredit() * -1);
$Qcustomer->bindInt(':customers_id', $osC_Customer->getID());
$Qcustomer->execute();
$Qcredit = $osC_Database->query('select customers_credits from :table_customers where customers_id = :customers_id');
$Qcredit->bindTable(':table_customers', TABLE_CUSTOMERS);
$Qcredit->bindInt(':customers_id', $osC_Customer->getID());
$Qcredit->execute();
$osC_Customer->setStoreCredit($Qcredit->value('customers_credits'));
}
if ($osC_ShoppingCart->hasCoupon()) {
include_once 'includes/classes/coupon.php';
$toC_Coupon = new toC_Coupon($osC_ShoppingCart->getCouponCode());
$Qcoupon = $osC_Database->query('insert into :table_coupons_redeem_history (coupons_id, customers_id, orders_id, redeem_amount, redeem_date, redeem_ip_address) values (:coupons_id, :customers_id, :orders_id, :redeem_amount, now(), :redeem_ip_address)');
$Qcoupon->bindTable(':table_coupons_redeem_history', TABLE_COUPONS_REDEEM_HISTORY);
$Qcoupon->bindInt(':coupons_id', $toC_Coupon->getID());
$Qcoupon->bindInt(':customers_id', $osC_Customer->getID());
$Qcoupon->bindInt(':orders_id', $insert_id);
$Qcoupon->bindValue(':redeem_amount', $osC_ShoppingCart->getCouponAmount());
$Qcoupon->bindValue(':redeem_ip_address', osc_get_ip_address());
$Qcoupon->execute();
}
if ($osC_ShoppingCart->hasGiftCertificate()) {
$gift_certificate_codes = $osC_ShoppingCart->getGiftCertificateRedeemAmount();
foreach ($gift_certificate_codes as $gift_certificate_code => $amount) {
$Qcertificate = $osC_Database->query('select gift_certificates_id from :table_gift_certificates where gift_certificates_code = :gift_certificates_code');
$Qcertificate->bindTable(':table_gift_certificates', TABLE_GIFT_CERTIFICATES);
$Qcertificate->bindValue(':gift_certificates_code', $gift_certificate_code);
$Qcertificate->execute();
$Qinsert = $osC_Database->query('insert into :table_gift_certificates_redeem_history (gift_certificates_id, customers_id, orders_id, redeem_date, redeem_amount, redeem_ip_address) values (:gift_certificates_id, :customers_id, :orders_id, now(), :redeem_amount, :redeem_ip_address)');
$Qinsert->bindTable(':table_gift_certificates_redeem_history', TABLE_GIFT_CERTIFICATES_REDEEM_HISTORY);
$Qinsert->bindInt(':gift_certificates_id', $Qcertificate->valueInt(gift_certificates_id));
$Qinsert->bindInt(':customers_id', $osC_Customer->getID());
$Qinsert->bindInt(':orders_id', $insert_id);
$Qinsert->bindValue(':redeem_amount', $amount);
$Qinsert->bindValue(':redeem_ip_address', osc_get_ip_address());
$Qinsert->execute();
}
}
$_SESSION['prepOrderID'] = $osC_ShoppingCart->getCartID() . '-' . $insert_id;
return $insert_id;
}
function process()
{
global $osC_Database, $osC_MessageStack, $osC_Customer, $osC_Language, $osC_Currencies, $osC_ShoppingCart;
$this->_verifyData();
$this->_order_id = osC_Order::insert();
$params = array('x_version' => '3.1', 'x_delim_data' => 'TRUE', 'x_delim_char' => ',', 'x_encap_char' => '"', 'x_relay_response' => 'FALSE', 'x_login' => MODULE_PAYMENT_AUTHORIZENET_ECHECK_LOGIN_ID, 'x_tran_key' => MODULE_PAYMENT_AUTHORIZENET_ECHECK_TRANSACTION_KEY, 'x_amount' => $osC_Currencies->formatRaw($osC_ShoppingCart->getTotal(), $osC_Currencies->getCode()), 'x_currency_code' => $osC_Currencies->getCode(), 'x_method' => 'ECHECK', 'x_bank_aba_code' => $_POST['authorizenet_echeck_routing_code'], 'x_bank_acct_num' => $_POST['authorizenet_echeck_account_number'], 'x_bank_acct_type' => $_POST['authorizenet_echeck_account_type'], 'x_bank_name' => $_POST['authorizenet_echeck_bank_name'], 'x_bank_acct_name' => $_POST['authorizenet_echeck_owner'], 'x_echeck_type' => 'WEB', 'x_type' => 'AUTH_ONLY', 'x_first_name' => $osC_ShoppingCart->getBillingAddress('firstname'), 'x_last_name' => $osC_ShoppingCart->getBillingAddress('lastname'), 'x_company' => $osC_ShoppingCart->getBillingAddress('company'), 'x_address' => $osC_ShoppingCart->getBillingAddress('street_address'), 'x_city' => $osC_ShoppingCart->getBillingAddress('city'), 'x_state' => $osC_ShoppingCart->getBillingAddress('state'), 'x_zip' => $osC_ShoppingCart->getBillingAddress('postcode'), 'x_country' => $osC_ShoppingCart->getBillingAddress('country_iso_code_2'), 'x_cust_id' => $osC_Customer->getID(), 'x_customer_ip' => osc_get_ip_address(), 'x_invoice_num' => $this->_order_id, 'x_email' => $osC_Customer->getEmailAddress(), 'x_email_customer' => 'FALSE', 'x_ship_to_first_name' => $osC_ShoppingCart->getShippingAddress('firstname'), 'x_ship_to_last_name' => $osC_ShoppingCart->getShippingAddress('lastname'), 'x_ship_to_company' => $osC_ShoppingCart->getShippingAddress('company'), 'x_ship_to_address' => $osC_ShoppingCart->getShippingAddress('street_address'), 'x_ship_to_city' => $osC_ShoppingCart->getShippingAddress('city'), 'x_ship_to_state' => $osC_ShoppingCart->getShippingAddress('state'), 'x_ship_to_zip' => $osC_ShoppingCart->getShippingAddress('postcode'), 'x_ship_to_country' => $osC_ShoppingCart->getShippingAddress('country_iso_code_2'));
if (ACCOUNT_TELEPHONE > -1) {
$params['x_phone'] = $osC_ShoppingCart->getBillingAddress('telephone_number');
}
if (MODULE_PAYMENT_AUTHORIZENET_ECHECK_TRANSACTION_TEST_MODE == '1') {
$params['x_test_request'] = 'TRUE';
}
if (MODULE_PAYMENT_AUTHORIZENET_ECHECK_VERIFY_WITH_WF_SS == '1') {
$params['x_customer_organization_type'] = $_POST['authorizenet_echeck_org_type'];
$params['x_customer_tax_id'] = $_POST['authorizenet_echeck_tax_id'];
}
$post_string = '';
foreach ($params as $key => $value) {
$post_string .= $key . '=' . urlencode(trim($value)) . '&';
}
$post_string = substr($post_string, 0, -1);
$this->_transaction_response = $this->sendTransactionToGateway($this->_gateway_url, $post_string);
if (empty($this->_transaction_response) === false) {
$regs = preg_split("/,(?=(?:[^\"]*\"[^\"]*\")*(?![^\"]*\"))/", $this->_transaction_response);
foreach ($regs as $key => $value) {
$regs[$key] = substr($value, 1, -1);
// remove double quotes
}
} else {
$regs = array('-1', '-1', '-1');
}
$error = false;
if ($regs[0] == '1') {
if (!osc_empty(MODULE_PAYMENT_AUTHORIZENET_ECHECK_MD5_HASH)) {
if (strtoupper($regs[37]) != strtoupper(md5(MODULE_PAYMENT_AUTHORIZENET_ECHECK_MD5_HASH . MODULE_PAYMENT_AUTHORIZENET_ECHECK_LOGIN_ID . $regs[6] . $osC_Currencies->formatRaw($osC_ShoppingCart->getTotal(), $osC_Currencies->getCode())))) {
$error = $osC_Language->get('payment_authorizenet_echeck_error_general');
}
}
} else {
switch ($regs[2]) {
case '9':
$error = $osC_Language->get('payment_authorizenet_echeck_error_invalid_routing_code');
break;
case '10':
$error = $osC_Language->get('payment_authorizenet_echeck_error_invalid_account');
break;
case '77':
$error = $osC_Language->get('payment_authorizenet_echeck_error_invalid_tax_id');
break;
default:
$error = $osC_Language->get('payment_authorizenet_echeck_error_general');
break;
}
}
if ($error === false) {
osC_Order::process($this->_order_id, $this->order_status);
$Qtransaction = $osC_Database->query('insert into :table_orders_transactions_history (orders_id, transaction_code, transaction_return_value, transaction_return_status, date_added) values (:orders_id, :transaction_code, :transaction_return_value, :transaction_return_status, now())');
$Qtransaction->bindTable(':table_orders_transactions_history', TABLE_ORDERS_TRANSACTIONS_HISTORY);
$Qtransaction->bindInt(':orders_id', $this->_order_id);
$Qtransaction->bindInt(':transaction_code', 1);
$Qtransaction->bindValue(':transaction_return_value', $this->_transaction_response);
$Qtransaction->bindInt(':transaction_return_status', 1);
$Qtransaction->execute();
} else {
osC_Order::remove($this->_order_id);
$osC_MessageStack->add('checkout_payment', $error, 'error');
osc_redirect(osc_href_link(FILENAME_CHECKOUT, 'payment&authorizenet_echeck_owner=' . $_POST['authorizenet_echeck_owner'] . '&authorizenet_echeck_account_type=' . $_POST['authorizenet_echeck_account_type'] . '&authorizenet_echeck_bank_name=' . $_POST['authorizenet_echeck_bank_name'] . '&authorizenet_echeck_routing_code=' . $_POST['authorizenet_echeck_routing_code'], 'SSL'));
}
}
function process()
{
global $osC_Currencies, $osC_ShoppingCart, $osC_Language, $messageStack;
$currency = $osC_Currencies->getCode();
if (isset($_POST['cc_owner']) && !empty($_POST['cc_owner']) && isset($_POST['cc_type']) && isset($this->cc_types[$_POST['cc_type']]) && isset($_POST['cc_number_nh-dns']) && !empty($_POST['cc_number_nh-dns'])) {
$params = array('USER' => MODULE_PAYMENT_PAYPAL_UK_DIRECT_USERNAME || MODULE_PAYMENT_PAYPAL_UK_DIRECT_VENDOR, 'VENDOR' => MODULE_PAYMENT_PAYPAL_UK_DIRECT_VENDOR, 'PARTNER' => MODULE_PAYMENT_PAYPAL_UK_DIRECT_PARTNER, 'PWD' => MODULE_PAYMENT_PAYPAL_UK_DIRECT_PASSWORD, 'TENDER' => 'C', 'TRXTYPE' => MODULE_PAYMENT_PAYPAL_UK_DIRECT_TRANSACTION_METHOD == 'Sale' ? 'S' : 'A', 'AMT' => $osC_Currencies->formatRaw($osC_ShoppingCart->getTotal() - $osC_ShoppingCart->getShippingMethod('cost'), $currency), 'CURRENCY' => $currency, 'NAME' => $_POST['cc_owner'], 'STREET' => $osC_ShoppingCart->getBillingAddress('street_address'), 'CITY' => $osC_ShoppingCart->getBillingAddress('city'), 'STATE' => $osC_ShoppingCart->getBillingAddress('state'), 'COUNTRY' => $osC_ShoppingCart->getBillingAddress('country_iso_code_2'), 'ZIP' => $osC_ShoppingCart->getBillingAddress('postcode'), 'CLIENTIP' => osc_get_ip_address(), 'EMAIL' => $osC_ShoppingCart->getBillingAddress('email_address'), 'ACCT' => $_POST['cc_number_nh-dns'], 'ACCTTYPE' => $_POST['cc_type'], 'CARDSTART' => $_POST['cc_starts_month'] . $_POST['cc_starts_year'], 'EXPDATE' => $_POST['cc_expires_month'] . $_POST['cc_expires_year'], 'CVV2' => $_POST['cc_cvc_nh-dns'], 'BUTTONSOURCE' => 'tomatcart');
if ($_POST['cc_type'] == 'SWITCH' || $_POST['cc_type'] == 'SOLO') {
$params['ISSUENUMBER'] = $_POST['cc_issue_nh-dns'];
}
if ($osC_ShoppingCart->hasShippingAddress()) {
$params['SHIPTONAME'] = $osC_ShoppingCart->getShippingAddress('firstname') . ' ' . $osC_ShoppingCart->getShippingAddress('lastname');
$params['SHIPTOSTREET'] = $osC_ShoppingCart->getShippingAddress('street_address');
$params['SHIPTOCITY'] = $osC_ShoppingCart->getShippingAddress('city');
$params['SHIPTOSTATE'] = $osC_ShoppingCart->getShippingAddress('zone_code');
$params['SHIPTOCOUNTRYCODE'] = $osC_ShoppingCart->getShippingAddress('country_iso_code_2');
$params['SHIPTOZIP'] = $osC_ShoppingCart->getShippingAddress('postcode');
}
$post_string = '';
foreach ($params as $key => $value) {
$post_string .= $key . '=' . urlencode(trim($value)) . '&';
}
$post_string = substr($post_string, 0, -1);
$response = $this->sendTransactionToGateway($this->api_url, $post_string);
$response_array = array();
parse_str($response, $response_array);
if ($response_array['RESULT'] != '0') {
switch ($response_array['RESULT']) {
case '1':
case '26':
$error_message = $osC_Language->get('payment_paypal_uk_direct_error_cfg_error');
break;
case '7':
$error_message = $osC_Language->get('payment_paypal_uk_direct_error_address');
break;
case '12':
$error_message = $osC_Language->get('payment_paypal_uk_direct_error_declined');
break;
case '23':
case '24':
$error_message = $osC_Language->get('payment_paypal_uk_direct_error_invalid_credit_card');
break;
default:
$error_message = $osC_Language->get('payment_paypal_uk_direct_error_general');
break;
}
$messageStack->add_session('checkout', $error_message, 'error');
osc_redirect(osc_href_link(FILENAME_CHECKOUT, 'checkout&view=orderConfirmationForm', 'SSL'));
} else {
$comments = 'PayPal Website Payments Pro (US) Direct Payments perform successfully.';
$orders_id = osC_Order::insert();
osC_Order::process($orders_id, ORDERS_STATUS_PAID, $comments);
}
} else {
$messageStack->add_session('checkout', $error_message, 'error');
osc_redirect(osc_href_link(FILENAME_CHECKOUT, 'checkout&view=orderConfirmationForm', 'SSL'));
}
}
public static function start()
{
Registry::set('Session', SessionClass::load());
$OSCOM_Session = Registry::get('Session');
$OSCOM_Session->setLifeTime(SERVICE_SESSION_EXPIRATION_TIME * 60);
if (SERVICE_SESSION_FORCE_COOKIE_USAGE == '1' || (bool) ini_get('session.use_only_cookies') === true) {
osc_setcookie('cookie_test', 'please_accept_for_session', time() + 60 * 60 * 24 * 90);
if (isset($_COOKIE['cookie_test'])) {
$OSCOM_Session->start();
}
} elseif (SERVICE_SESSION_BLOCK_SPIDERS == '1') {
$user_agent = strtolower($_SERVER['HTTP_USER_AGENT']);
$spider_flag = false;
if (!empty($user_agent)) {
$spiders = file('includes/spiders.txt');
foreach ($spiders as $spider) {
if (!empty($spider)) {
if (strpos($user_agent, trim($spider)) !== false) {
$spider_flag = true;
break;
}
}
}
}
if ($spider_flag === false) {
$OSCOM_Session->start();
}
} else {
$OSCOM_Session->start();
}
// verify the ssl_session_id
if (OSCOM::getRequestType() == 'SSL' && SERVICE_SESSION_CHECK_SSL_SESSION_ID == '1' && ENABLE_SSL == true) {
if (isset($_SERVER['SSL_SESSION_ID']) && ctype_xdigit($_SERVER['SSL_SESSION_ID'])) {
if (!isset($_SESSION['SESSION_SSL_ID'])) {
$_SESSION['SESSION_SSL_ID'] = $_SERVER['SSL_SESSION_ID'];
}
if ($_SESSION['SESSION_SSL_ID'] != $_SERVER['SSL_SESSION_ID']) {
$OSCOM_Session->destroy();
osc_redirect(OSCOM::getLink(null, 'Info', 'SSLcheck', 'AUTO'));
}
}
}
// verify the browser user agent
if (SERVICE_SESSION_CHECK_USER_AGENT == '1') {
$http_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
if (!isset($_SESSION['SESSION_USER_AGENT'])) {
$_SESSION['SESSION_USER_AGENT'] = $http_user_agent;
}
if ($_SESSION['SESSION_USER_AGENT'] != $http_user_agent) {
$OSCOM_Session->destroy();
osc_redirect(osc_href_link(FILENAME_ACCOUNT, 'login', 'SSL'));
}
}
// verify the IP address
if (SERVICE_SESSION_CHECK_IP_ADDRESS == '1') {
if (!isset($_SESSION['SESSION_IP_ADDRESS'])) {
$_SESSION['SESSION_IP_ADDRESS'] = osc_get_ip_address();
}
if ($_SESSION['SESSION_IP_ADDRESS'] != osc_get_ip_address()) {
$OSCOM_Session->destroy();
osc_redirect(osc_href_link(FILENAME_ACCOUNT, 'login', 'SSL'));
}
}
Registry::get('MessageStack')->loadFromSession();
return true;
}
public static function start()
{
$OSCOM_Customer = Registry::get('Customer');
$OSCOM_Database = Registry::get('Database');
if ($OSCOM_Customer->isLoggedOn()) {
$wo_customer_id = $OSCOM_Customer->getID();
$wo_full_name = $OSCOM_Customer->getName();
} else {
$wo_customer_id = null;
$wo_full_name = 'Guest';
if (SERVICE_WHOS_ONLINE_SPIDER_DETECTION == '1') {
$user_agent = strtolower($_SERVER['HTTP_USER_AGENT']);
if (!empty($user_agent)) {
$spiders = file('includes/spiders.txt');
foreach ($spiders as $spider) {
if (!empty($spider)) {
if (strpos($user_agent, trim($spider)) !== false) {
$wo_full_name = $spider;
break;
}
}
}
}
}
}
$wo_session_id = session_id();
$wo_ip_address = osc_get_ip_address();
$wo_last_page_url = osc_output_string_protected(substr($_SERVER['REQUEST_URI'], 0, 255));
$current_time = time();
$xx_mins_ago = $current_time - 900;
// remove entries that have expired
$Qwhosonline = $OSCOM_Database->query('delete from :table_whos_online where time_last_click < :time_last_click');
$Qwhosonline->bindValue(':time_last_click', $xx_mins_ago);
$Qwhosonline->execute();
$Qwhosonline = $OSCOM_Database->query('select count(*) as count from :table_whos_online where session_id = :session_id');
$Qwhosonline->bindValue(':session_id', $wo_session_id);
$Qwhosonline->execute();
if ($Qwhosonline->valueInt('count') > 0) {
$Qwhosonline = $OSCOM_Database->query('update :table_whos_online set customer_id = :customer_id, full_name = :full_name, ip_address = :ip_address, time_last_click = :time_last_click, last_page_url = :last_page_url where session_id = :session_id');
if ($wo_customer_id > 0) {
$Qwhosonline->bindInt(':customer_id', $wo_customer_id);
} else {
$Qwhosonline->bindRaw(':customer_id', 'null');
}
$Qwhosonline->bindValue(':full_name', $wo_full_name);
$Qwhosonline->bindValue(':ip_address', $wo_ip_address);
$Qwhosonline->bindValue(':time_last_click', $current_time);
$Qwhosonline->bindValue(':last_page_url', $wo_last_page_url);
$Qwhosonline->bindValue(':session_id', $wo_session_id);
$Qwhosonline->execute();
} else {
$Qwhosonline = $OSCOM_Database->query('insert into :table_whos_online (customer_id, full_name, session_id, ip_address, time_entry, time_last_click, last_page_url) values (:customer_id, :full_name, :session_id, :ip_address, :time_entry, :time_last_click, :last_page_url)');
if ($wo_customer_id > 0) {
$Qwhosonline->bindInt(':customer_id', $wo_customer_id);
} else {
$Qwhosonline->bindRaw(':customer_id', 'null');
}
$Qwhosonline->bindValue(':full_name', $wo_full_name);
$Qwhosonline->bindValue(':session_id', $wo_session_id);
$Qwhosonline->bindValue(':ip_address', $wo_ip_address);
$Qwhosonline->bindValue(':time_entry', $current_time);
$Qwhosonline->bindValue(':time_last_click', $current_time);
$Qwhosonline->bindValue(':last_page_url', $wo_last_page_url);
$Qwhosonline->execute();
}
return true;
}
function generatePassword($email)
{
global $osC_Database;
$password = osc_create_random_string(8);
$Qpassword = $osC_Database->query('update :table_administrators set user_password = :user_password where email_address = :email_address');
$Qpassword->bindTable(':table_administrators', TABLE_ADMINISTRATORS);
$Qpassword->bindValue(':user_password', osc_encrypt_string($password));
$Qpassword->bindValue(':email_address', $email);
$Qpassword->execute();
if (!$osC_Database->isError()) {
$Qadmin = $osC_Database->query('select id, user_name, email_address from :table_administrators where email_address = :email_address');
$Qadmin->bindTable(':table_administrators', TABLE_ADMINISTRATORS);
$Qadmin->bindValue(':email_address', $email);
$Qadmin->execute();
include '../includes/classes/email_template.php';
$email_template = toC_Email_Template::getEmailTemplate('admin_password_forgotten');
$email_template->setData($Qadmin->value('user_name'), osc_get_ip_address(), $password, $email);
$email_template->buildMessage();
$email_template->sendEmail();
return true;
}
return false;
}
function start()
{
global $osC_Customer, $osC_Database;
if ($osC_Customer->isLoggedOn()) {
$wo_customer_id = $osC_Customer->getID();
$wo_full_name = $osC_Customer->getName();
} else {
$wo_customer_id = '0';
$wo_full_name = 'Guest';
if (SERVICE_WHOS_ONLINE_SPIDER_DETECTION == '1') {
$user_agent = strtolower($_SERVER['HTTP_USER_AGENT']);
if (!empty($user_agent)) {
$spiders = file('includes/spiders.txt');
foreach ($spiders as $spider) {
if (!empty($spider)) {
if (strpos($user_agent, trim($spider)) !== false) {
$wo_customer_id = '-1';
$wo_full_name = $spider;
break;
}
}
}
}
}
}
$wo_session_id = session_id();
$wo_ip_address = osc_get_ip_address();
$wo_last_page_url = $_SERVER['REQUEST_URI'];
if (!empty($_SERVER['HTTP_REFERER'])) {
$referrer_url = parse_url($_SERVER['HTTP_REFERER']);
$referrer_url = strtolower($referrer_url['host']);
} else {
$referrer_url = null;
}
// A Bot doesn't have a session (normally shouldn't), therefore the IP Address is used as unique identifier
if (empty($wo_session_id)) {
$wo_session_id = $wo_ip_address;
}
$current_time = time();
$xx_mins_ago = $current_time - 900;
// remove entries that have expired
$Qwhosonline = $osC_Database->query('delete from :table_whos_online where time_last_click < :time_last_click');
$Qwhosonline->bindRaw(':table_whos_online', TABLE_WHOS_ONLINE);
$Qwhosonline->bindValue(':time_last_click', $xx_mins_ago);
$Qwhosonline->execute();
$Qwhosonline = $osC_Database->query('select count(*) as count from :table_whos_online where session_id = :session_id');
$Qwhosonline->bindRaw(':table_whos_online', TABLE_WHOS_ONLINE);
$Qwhosonline->bindValue(':session_id', $wo_session_id);
$Qwhosonline->execute();
if ($Qwhosonline->valueInt('count') > 0) {
$Qwhosonline = $osC_Database->query('update :table_whos_online set customer_id = :customer_id, full_name = :full_name, ip_address = :ip_address, time_last_click = :time_last_click, last_page_url = :last_page_url where session_id = :session_id');
$Qwhosonline->bindRaw(':table_whos_online', TABLE_WHOS_ONLINE);
$Qwhosonline->bindInt(':customer_id', $wo_customer_id);
$Qwhosonline->bindValue(':full_name', $wo_full_name);
$Qwhosonline->bindValue(':ip_address', $wo_ip_address);
$Qwhosonline->bindValue(':time_last_click', $current_time);
$Qwhosonline->bindValue(':last_page_url', $wo_last_page_url);
$Qwhosonline->bindValue(':session_id', $wo_session_id);
$Qwhosonline->execute();
} else {
$Qwhosonline = $osC_Database->query('insert into :table_whos_online (customer_id, full_name, session_id, ip_address, time_entry, time_last_click, last_page_url, referrer_url) values (:customer_id, :full_name, :session_id, :ip_address, :time_entry, :time_last_click, :last_page_url, :referrer_url)');
$Qwhosonline->bindRaw(':table_whos_online', TABLE_WHOS_ONLINE);
$Qwhosonline->bindInt(':customer_id', $wo_customer_id);
$Qwhosonline->bindValue(':full_name', $wo_full_name);
$Qwhosonline->bindValue(':session_id', $wo_session_id);
$Qwhosonline->bindValue(':ip_address', $wo_ip_address);
$Qwhosonline->bindValue(':time_entry', $current_time);
$Qwhosonline->bindValue(':time_last_click', $current_time);
$Qwhosonline->bindValue(':last_page_url', $wo_last_page_url);
$Qwhosonline->bindValue(':referrer_url', $referrer_url);
$Qwhosonline->execute();
}
$Qwhosonline->freeResult();
return true;
}
function process()
{
global $osC_Database, $osC_Customer, $osC_Currencies, $osC_ShoppingCart, $osC_Language, $messageStack, $osC_CreditCard;
$this->_verifyData();
$this->_order_id = osC_Order::insert();
$params = array('orderID' => $this->_order_id, 'PSPID' => MODULE_PAYMENT_OGONE_DIRECTLINK_CC_MERCHANT_ID, 'PSWD' => MODULE_PAYMENT_OGONE_DIRECTLINK_CC_PASSWORD, 'amount' => $osC_Currencies->formatRaw($osC_ShoppingCart->getTotal(), $osC_Currencies->getCode()) * 100, 'currency' => $osC_Currencies->getCode(), 'CARDNO' => $osC_CreditCard->getNumber(), 'ED' => $osC_CreditCard->getExpiryMonth() . '/' . substr($osC_CreditCard->getExpiryYear(), -2), 'CVC' => $osC_CreditCard->getCVC(), 'CN' => $osC_CreditCard->getOwner(), 'EMAIL' => $osC_Customer->getEmailAddress(), 'Owneraddress' => $osC_ShoppingCart->getBillingAddress('street_address'), 'OwnerZip' => $osC_ShoppingCart->getBillingAddress('postcode'), 'Ecom_Payment_Card_Verification' => $osC_CreditCard->getCVC(), 'Operation' => 'RES', 'REMOTE_ADDR' => osc_get_ip_address(), 'COM' => 'Customer ID: ' . $osC_Customer->getID());
if (osc_empty(MODULE_PAYMENT_OGONE_DIRECTLINK_CC_USER_ID) === false) {
$params['USERID'] = MODULE_PAYMENT_OGONE_DIRECTLINK_CC_USER_ID;
}
if (osc_empty(MODULE_PAYMENT_OGONE_DIRECTLINK_CC_SHA1_SIGNATURE) === false) {
$params['SHASign'] = sha1($this->_order_id . $osC_Currencies->formatRaw($osC_ShoppingCart->getTotal(), $osC_Currencies->getCode()) * 100 . $osC_Currencies->getCode() . $osC_CreditCard->getNumber() . MODULE_PAYMENT_OGONE_DIRECTLINK_CC_MERCHANT_ID . 'RES' . MODULE_PAYMENT_OGONE_DIRECTLINK_CC_SHA1_SIGNATURE);
}
$post_string = '';
foreach ($params as $key => $value) {
$post_string .= $key . '=' . urlencode(trim($value)) . '&';
}
$post_string = substr($post_string, 0, -1);
$this->_transaction_response = $this->sendTransactionToGateway($this->_gateway_url, $post_string);
if (empty($this->_transaction_response) === false) {
$osC_XML = new osC_XML($this->_transaction_response);
$result = $osC_XML->toArray();
} else {
$result = array('ncresponse attr' => array('STATUS' => ''));
}
switch ($result['ncresponse attr']['STATUS']) {
case '':
case '0':
case '2':
osC_Order::remove($this->_order_id);
$messageStack->add_session('checkout_payment', $osC_Language->get('payment_ogone_directlink_cc_error_general'), 'error');
osc_redirect(osc_href_link(FILENAME_CHECKOUT, 'payment&ogone_directlink_cc_owner=' . $osC_CreditCard->getOwner() . '&ogone_directlink_cc_expires_month=' . $osC_CreditCard->getExpiryMonth() . '&ogone_directlink_cc_expires_year=' . $osC_CreditCard->getExpiryYear() . (MODULE_PAYMENT_OGONE_DIRECTLINK_CC_VERIFY_WITH_CVC == '1' ? '&ogone_directlink_cc_cvc=' . $osC_CreditCard->getCVC() : ''), 'SSL'));
break;
}
osC_Order::process($this->_order_id, $this->order_status);
$Qtransaction = $osC_Database->query('insert into :table_orders_transactions_history (orders_id, transaction_code, transaction_return_value, transaction_return_status, date_added) values (:orders_id, :transaction_code, :transaction_return_value, :transaction_return_status, now())');
$Qtransaction->bindTable(':table_orders_transactions_history', TABLE_ORDERS_TRANSACTIONS_HISTORY);
$Qtransaction->bindInt(':orders_id', $this->_order_id);
$Qtransaction->bindInt(':transaction_code', 1);
$Qtransaction->bindValue(':transaction_return_value', $this->_transaction_response);
$Qtransaction->bindInt(':transaction_return_status', 1);
$Qtransaction->execute();
}
function _insertGiftCertificateRedeemHistory($gift_certificate_code)
{
global $osC_Database;
//get gift certificate id
$Qcertificate = $osC_Database->query('select gift_certificates_id from :table_gift_certificates where gift_certificates_code = :gift_certificates_code');
$Qcertificate->bindTable(':table_gift_certificates', TABLE_GIFT_CERTIFICATES);
$Qcertificate->bindValue(':gift_certificates_code', $gift_certificate_code);
$Qcertificate->execute();
$Qinsert = $osC_Database->query('insert into :table_gift_certificates_redeem_history (gift_certificates_id, customers_id, orders_id, redeem_date, redeem_amount, redeem_ip_address) values (:gift_certificates_id, :customers_id, :orders_id, now(), :redeem_amount, :redeem_ip_address)');
$Qinsert->bindTable(':table_gift_certificates_redeem_history', TABLE_GIFT_CERTIFICATES_REDEEM_HISTORY);
$Qinsert->bindInt(':gift_certificates_id', $Qcertificate->valueInt('gift_certificates_id'));
$Qinsert->bindInt(':customers_id', $this->_customer['customers_id']);
$Qinsert->bindInt(':orders_id', $this->getOrderID());
$Qinsert->bindValue(':redeem_amount', $this->_gift_certificate_redeem_amount[$gift_certificate_code]);
$Qinsert->bindValue(':redeem_ip_address', osc_get_ip_address());
$Qinsert->setLogging($_SESSION['module'], $this->getOrderID());
$Qinsert->execute();
if (!$osC_Database->isError()) {
return true;
}
return false;
}
function callback()
{
global $osC_Database;
$ip_address = osc_get_ip_address();
if ($ip_address == '69.20.58.35' || $ip_address == '207.97.201.192') {
if (isset($_POST['cs1']) && is_numeric($_POST['cs1']) && isset($_POST['cs2']) && is_numeric($_POST['cs2']) && isset($_POST['cs3']) && empty($_POST['cs3']) === false && isset($_POST['product_id']) && $_POST['product_id'] == MODULE_PAYMENT_CHRONOPAY_PRODUCT_ID && isset($_POST['total']) && empty($_POST['total']) === false && isset($_POST['transaction_type']) && empty($_POST['transaction_type']) === false) {
if (osC_Order::exists($_POST['cs2'], $_POST['cs1'])) {
$pass = false;
$post_array = array('root' => $_POST);
$osC_XML = new osC_XML($post_array);
if ($_POST['cs3'] == md5(MODULE_PAYMENT_CHRONOPAY_PRODUCT_ID . $_POST['cs2'] . $_POST['cs1'] . $_POST['total'] . MODULE_PAYMENT_CHRONOPAY_MD5_HASH)) {
if (osC_Order::getStatusID($_POST['cs2']) === 4) {
$pass = true;
osC_Order::process($_POST['cs2'], $this->order_status);
}
}
$Qtransaction = $osC_Database->query('insert into :table_orders_transactions_history (orders_id, transaction_code, transaction_return_value, transaction_return_status, date_added) values (:orders_id, :transaction_code, :transaction_return_value, :transaction_return_status, now())');
$Qtransaction->bindTable(':table_orders_transactions_history', TABLE_ORDERS_TRANSACTIONS_HISTORY);
$Qtransaction->bindInt(':orders_id', $_POST['cs2']);
$Qtransaction->bindInt(':transaction_code', 1);
$Qtransaction->bindValue(':transaction_return_value', $osC_XML->toXML());
$Qtransaction->bindInt(':transaction_return_status', $pass === true ? 1 : 0);
$Qtransaction->execute();
}
}
}
}
function process_button()
{
global $osC_Customer, $osC_Currencies, $osC_ShoppingCart, $osC_Tax, $osC_Session;
$process_button_string = '';
$params = array('x_login' => substr(MODULE_PAYMENT_AUTHORIZENET_CC_SIM_API_LOGIN_ID, 0, 20), 'x_version' => '3.1', 'x_show_form' => 'PAYMENT_FORM', 'x_receipt_link_met' => 'POST', 'x_receipt_link_url' => osc_href_link(FILENAME_CHECKOUT, 'process', 'SSL', false, false, true), 'x_relay_response' => 'TRUE', 'x_relay_url' => osc_href_link(FILENAME_CHECKOUT, 'process', 'SSL', false, false, true), 'x_first_name' => substr($osC_ShoppingCart->getBillingAddress('firstname'), 0, 50), 'x_last_name' => substr($osC_ShoppingCart->getBillingAddress('lastname'), 0, 50), 'x_company' => substr($osC_ShoppingCart->getBillingAddress('company'), 0, 50), 'x_address' => substr($osC_ShoppingCart->getBillingAddress('street_address'), 0, 60), 'x_city' => substr($osC_ShoppingCart->getBillingAddress('city'), 0, 40), 'x_state' => substr($osC_ShoppingCart->getBillingAddress('state'), 0, 40), 'x_zip' => substr($osC_ShoppingCart->getBillingAddress('postcode'), 0, 20), 'x_country' => substr($osC_ShoppingCart->getBillingAddress('country_iso_code_2'), 0, 60), 'x_phone' => substr($osC_ShoppingCart->getBillingAddress('telephone_number'), 0, 25), 'x_cust_id' => substr($osC_Customer->getID(), 0, 20), 'x_cus_ip' => osc_get_ip_address(), 'x_email' => substr($osC_Customer->getEmailAddress(), 0, 255), 'x_description' => substr(STORE_NAME, 0, 255), 'x_amount' => $osC_Currencies->formatRaw($osC_ShoppingCart->getTotal()), 'x_currency_code' => substr($osC_Currencies->getCode(), 0, 3), 'x_method' => 'CC', 'x_type' => MODULE_PAYMENT_AUTHORIZENET_CC_SIM_TRANSACTION_METHOD == 'Capture' ? 'AUTH_CAPTURE' : 'AUTH_ONLY');
if ($osC_ShoppingCart->hasShippingAddress()) {
$params['x_ship_to_first_name'] = substr($osC_ShoppingCart->getShippingAddress('firstname'), 0, 50);
$params['x_ship_to_last_name'] = substr($osC_ShoppingCart->getShippingAddress('lastname'), 0, 50);
$params['x_ship_to_company'] = substr($osC_ShoppingCart->getShippingAddress('company'), 0, 50);
$params['x_ship_to_address'] = substr($osC_ShoppingCart->getShippingAddress('street_address'), 0, 60);
$params['x_ship_to_city'] = substr($osC_ShoppingCart->getShippingAddress('city'), 0, 40);
$params['x_ship_to_state'] = substr($osC_ShoppingCart->getShippingAddress('zone_code'), 0, 40);
$params['x_ship_to_zip'] = substr($osC_ShoppingCart->getShippingAddress('postcode'), 0, 20);
$params['x_ship_to_country'] = substr($osC_ShoppingCart->getShippingAddress('country_iso_code_2'), 0, 60);
}
$hash_params = $this->_InsertFP(MODULE_PAYMENT_AUTHORIZENET_CC_SIM_API_LOGIN_ID, MODULE_PAYMENT_AUTHORIZENET_CC_SIM_API_TRANSACTION_KEY, $osC_Currencies->formatRaw($osC_ShoppingCart->getTotal()), rand(1, 1000), $osC_Currencies->getCode());
$params = array_merge($params, $hash_params);
if (MODULE_PAYMENT_AUTHORIZENET_CC_SIM_TRANSACTION_MODE == 'Test') {
$params['x_test_request'] = 'TRUE';
}
foreach ($params as $key => $value) {
$process_button_string .= osc_draw_hidden_field($key, $value);
}
if ($osC_ShoppingCart->hasContents()) {
foreach ($osC_ShoppingCart->getProducts() as $key => $product) {
$process_button_string .= osc_draw_hidden_field('x_line_item', $key + 1 . '<|>' . substr($product['name'], 0, 31) . '<|>' . substr($product['name'], 0, 255) . '<|>' . $product['quantity'] . '<|>' . $osC_Currencies->formatRaw($product['final_price']) . '<|>' . ($product['tax_class_id'] > 0 ? 'YES' : 'NO'));
}
}
$shipping_tax = $osC_ShoppingCart->getShippingMethod('cost') * ($osC_Tax->getTaxRate($osC_ShoppingCart->getShippingMethod('tax_class_id'), $osC_ShoppingCart->getTaxingAddress('country_id'), $osC_ShoppingCart->getTaxingAddress('zone_id')) / 100);
$total_tax = $osC_ShoppingCart->getTax() - $shipping_tax;
if ($total_tax > 0) {
$process_button_string .= osc_draw_hidden_field('x_tax', $osC_Currencies->formatRaw($total_tax));
}
$process_button_string .= osc_draw_hidden_field('x_freight', $osC_Currencies->formatRaw($osC_ShoppingCart->getShippingMethod('cost'))) . osc_draw_hidden_field($osC_Session->getName(), $osC_Session->getID());
return $process_button_string;
}
function start()
{
global $request_type, $osC_Session, $messageStack;
if (ini_get('session.use_cookies') == '0') {
ini_set('session.use_cookies', '1');
}
if (ini_get('session.use_trans_sid') == '1') {
ini_set('session.use_trans_sid', '0');
}
include 'includes/classes/session.php';
$osC_Session = new osC_Session();
if (SERVICE_SESSION_FORCE_COOKIE_USAGE == '1') {
osc_setcookie('cookie_test', 'please_accept_for_session', time() + 60 * 60 * 24 * 90);
if (isset($_COOKIE['cookie_test'])) {
$osC_Session->start();
}
} elseif (SERVICE_SESSION_BLOCK_SPIDERS == '1') {
$user_agent = strtolower($_SERVER['HTTP_USER_AGENT']);
$spider_flag = false;
if (empty($user_agent) === false) {
$spiders = file('includes/spiders.txt');
foreach ($spiders as $spider) {
if (empty($spider) === false) {
if (strpos($user_agent, trim($spider)) !== false) {
$spider_flag = true;
break;
}
}
}
}
if ($spider_flag === false) {
$osC_Session->start();
}
} else {
$osC_Session->start();
}
// verify the ssl_session_id
if ($request_type == 'SSL' && SERVICE_SESSION_CHECK_SSL_SESSION_ID == '1' && ENABLE_SSL == true) {
if (isset($_SERVER['SSL_SESSION_ID']) && ctype_xdigit($_SERVER['SSL_SESSION_ID'])) {
if (isset($_SESSION['SESSION_SSL_ID']) === false) {
$_SESSION['SESSION_SSL_ID'] = $_SERVER['SSL_SESSION_ID'];
}
if ($_SESSION['SESSION_SSL_ID'] != $_SERVER['SSL_SESSION_ID']) {
$osC_Session->destroy();
osc_redirect(osc_href_link(FILENAME_INFO, 'ssl_check', 'AUTO'));
}
}
}
// verify the browser user agent
if (SERVICE_SESSION_CHECK_USER_AGENT == '1') {
$http_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
if (isset($_SESSION['SESSION_USER_AGENT']) === false) {
$_SESSION['SESSION_USER_AGENT'] = $http_user_agent;
}
if ($_SESSION['SESSION_USER_AGENT'] != $http_user_agent) {
$osC_Session->destroy();
osc_redirect(osc_href_link(FILENAME_ACCOUNT, 'login', 'SSL'));
}
}
// verify the IP address
if (SERVICE_SESSION_CHECK_IP_ADDRESS == '1') {
if (isset($_SESSION['SESSION_IP_ADDRESS']) === false) {
$_SESSION['SESSION_IP_ADDRESS'] = osc_get_ip_address();
}
if ($_SESSION['SESSION_IP_ADDRESS'] != osc_get_ip_address()) {
$osC_Session->destroy();
osc_redirect(osc_href_link(FILENAME_ACCOUNT, 'login', 'SSL'));
}
}
// add messages in the session to the message stack
$messageStack->loadFromSession();
return true;
}
function process()
{
global $osC_Database, $osC_Customer, $osC_Currencies, $osC_ShoppingCart, $osC_Language, $messageStack, $osC_CreditCard;
$this->_verifyData();
$this->_order_id = osC_Order::insert();
$params = array('action' => 'ns_quicksale_cc', 'acctid' => MODULE_PAYMENT_PAYQUAKE_CC_ACCOUNT_ID, 'amount' => $osC_Currencies->formatRaw($osC_ShoppingCart->getTotal(), 'USD'), 'ccname' => $osC_CreditCard->getOwner(), 'expmon' => $osC_CreditCard->getExpiryMonth(), 'expyear' => $osC_CreditCard->getExpiryYear(), 'authonly' => '1', 'ci_companyname' => $osC_ShoppingCart->getBillingAddress('company'), 'ci_billaddr1' => $osC_ShoppingCart->getBillingAddress('street_address'), 'ci_billcity' => $osC_ShoppingCart->getBillingAddress('city'), 'ci_billstate' => $osC_ShoppingCart->getBillingAddress('zone_code'), 'ci_billzip' => $osC_ShoppingCart->getBillingAddress('postcode'), 'ci_billcountry' => $osC_ShoppingCart->getBillingAddress('country_title'), 'ci_shipaddr1' => $osC_ShoppingCart->getShippingAddress('street_address'), 'ci_shipcity' => $osC_ShoppingCart->getShippingAddress('city'), 'ci_shipstate' => $osC_ShoppingCart->getShippingAddress('zone_code'), 'ci_shipzip' => $osC_ShoppingCart->getShippingAddress('postcode'), 'ci_shipcountry' => $osC_ShoppingCart->getShippingAddress('country_title'), 'ci_phone' => $osC_ShoppingCart->getBillingAddress('telephone_number'), 'ci_email' => $osC_Customer->getEmailAddress(), 'email_from' => STORE_OWNER_EMAIL_ADDRESS, 'ci_ipaddress' => osc_get_ip_address(), 'merchantordernumber' => $osC_Customer->getID(), 'pocustomerrefid' => $this->_order_id);
if (!osc_empty(MODULE_PAYMENT_PAYQUAKE_CC_3DES)) {
$key = pack('H48', MODULE_PAYMENT_PAYQUAKE_CC_3DES);
$data = bin2hex(mcrypt_encrypt(MCRYPT_3DES, $key, $osC_CreditCard->getNumber(), MCRYPT_MODE_ECB));
$params['ccnum'] = $data;
unset($key);
unset($data);
} else {
$params['ccnum'] = $osC_CreditCard->getNumber();
}
if (MODULE_PAYMENT_PAYQUAKE_CC_VERIFY_WITH_CVC == '1') {
$params['cvv2'] = $osC_CreditCard->getCVC();
}
if (!osc_empty(MODULE_PAYMENT_PAYQUAKE_CC_MERCHANT_PIN)) {
$params['merchantPIN'] = MODULE_PAYMENT_PAYQUAKE_CC_MERCHANT_PIN;
}
$post_string = '';
foreach ($params as $key => $value) {
$post_string .= $key . '=' . urlencode(trim($value)) . '&';
}
$post_string = substr($post_string, 0, -1);
$this->_transaction_response = $this->sendTransactionToGateway('https://trans.merchantpartners.com/cgi-bin/process.cgi', $post_string);
$error = false;
if (!empty($this->_transaction_response)) {
$regs = explode("\n", trim($this->_transaction_response));
array_shift($regs);
$result = array();
foreach ($regs as $response) {
$res = explode('=', $response, 2);
$result[strtolower(trim($res[0]))] = trim($res[1]);
}
if ($result['status'] != 'Accepted') {
$error = explode(':', $result['reason'], 3);
$error = $error[2];
if (empty($error)) {
$error = $osC_Language->get('payment_payquake_cc_error_general');
}
}
} else {
$error = $osC_Language->get('payment_payquake_cc_error_general');
}
if ($error === false) {
osC_Order::process($this->_order_id, $this->order_status);
$Qtransaction = $osC_Database->query('insert into :table_orders_transactions_history (orders_id, transaction_code, transaction_return_value, transaction_return_status, date_added) values (:orders_id, :transaction_code, :transaction_return_value, :transaction_return_status, now())');
$Qtransaction->bindTable(':table_orders_transactions_history', TABLE_ORDERS_TRANSACTIONS_HISTORY);
$Qtransaction->bindInt(':orders_id', $this->_order_id);
$Qtransaction->bindInt(':transaction_code', 1);
$Qtransaction->bindValue(':transaction_return_value', $this->_transaction_response);
$Qtransaction->bindInt(':transaction_return_status', 1);
$Qtransaction->execute();
} else {
osC_Order::remove($this->_order_id);
$messageStack->add_session('checkout_payment', $error, 'error');
osc_redirect(osc_href_link(FILENAME_CHECKOUT, 'payment&payquake_cc_owner=' . $osC_CreditCard->getOwner() . '&payquake_cc_expires_month=' . $osC_CreditCard->getExpiryMonth() . '&payquake_cc_expires_year=' . $osC_CreditCard->getExpiryYear() . (MODULE_PAYMENT_PAYQUAKE_CC_VERIFY_WITH_CVC == '1' ? '&payquake_cc_cvc=' . $osC_CreditCard->getCVC() : ''), 'SSL'));
}
}
function insert()
{
global $osC_Database, $osC_Customer, $osC_Language, $osC_Currencies, $osC_ShoppingCart, $osC_Tax;
if (isset($_SESSION['prepOrderID'])) {
$_prep = explode('-', $_SESSION['prepOrderID']);
if ($_prep[0] == $osC_ShoppingCart->getCartID()) {
return $_prep[1];
// order_id
} else {
if (osC_Order::getStatusID($_prep[1]) === 4) {
osC_Order::remove($_prep[1]);
}
}
}
$customer_address = osC_AddressBook::getEntry($osC_Customer->getDefaultAddressID())->toArray();
$Qorder = $osC_Database->query('insert into :table_orders (customers_id, customers_name, customers_company, customers_street_address, customers_suburb, customers_city, customers_postcode, customers_state, customers_state_code, customers_country, customers_country_iso2, customers_country_iso3, customers_telephone, customers_email_address, customers_address_format, customers_ip_address, delivery_name, delivery_company, delivery_street_address, delivery_suburb, delivery_city, delivery_postcode, delivery_state, delivery_state_code, delivery_country, delivery_country_iso2, delivery_country_iso3, delivery_address_format, billing_name, billing_company, billing_street_address, billing_suburb, billing_city, billing_postcode, billing_state, billing_state_code, billing_country, billing_country_iso2, billing_country_iso3, billing_address_format, payment_method, payment_module, date_purchased, orders_status, currency, currency_value) values (:customers_id, :customers_name, :customers_company, :customers_street_address, :customers_suburb, :customers_city, :customers_postcode, :customers_state, :customers_state_code, :customers_country, :customers_country_iso2, :customers_country_iso3, :customers_telephone, :customers_email_address, :customers_address_format, :customers_ip_address, :delivery_name, :delivery_company, :delivery_street_address, :delivery_suburb, :delivery_city, :delivery_postcode, :delivery_state, :delivery_state_code, :delivery_country, :delivery_country_iso2, :delivery_country_iso3, :delivery_address_format, :billing_name, :billing_company, :billing_street_address, :billing_suburb, :billing_city, :billing_postcode, :billing_state, :billing_state_code, :billing_country, :billing_country_iso2, :billing_country_iso3, :billing_address_format, :payment_method, :payment_module, now(), :orders_status, :currency, :currency_value)');
$Qorder->bindTable(':table_orders', TABLE_ORDERS);
$Qorder->bindInt(':customers_id', $osC_Customer->getID());
$Qorder->bindValue(':customers_name', $osC_Customer->getName());
$Qorder->bindValue(':customers_company', $customer_address['entry_company']);
$Qorder->bindValue(':customers_street_address', $customer_address['entry_street_address']);
$Qorder->bindValue(':customers_suburb', $customer_address['entry_suburb']);
$Qorder->bindValue(':customers_city', $customer_address['entry_city']);
$Qorder->bindValue(':customers_postcode', $customer_address['entry_postcode']);
$Qorder->bindValue(':customers_state', $customer_address['entry_state']);
$Qorder->bindValue(':customers_state_code', osC_Address::getZoneCode($customer_address['entry_zone_id']));
$Qorder->bindValue(':customers_country', osC_Address::getCountryName($customer_address['entry_country_id']));
$Qorder->bindValue(':customers_country_iso2', osC_Address::getCountryIsoCode2($customer_address['entry_country_id']));
$Qorder->bindValue(':customers_country_iso3', osC_Address::getCountryIsoCode3($customer_address['entry_country_id']));
$Qorder->bindValue(':customers_telephone', $customer_address['entry_telephone']);
$Qorder->bindValue(':customers_email_address', $osC_Customer->getEmailAddress());
$Qorder->bindValue(':customers_address_format', osC_Address::getFormat($customer_address['entry_country_id']));
$Qorder->bindValue(':customers_ip_address', osc_get_ip_address());
$Qorder->bindValue(':delivery_name', $osC_ShoppingCart->getShippingAddress('firstname') . ' ' . $osC_ShoppingCart->getShippingAddress('lastname'));
$Qorder->bindValue(':delivery_company', $osC_ShoppingCart->getShippingAddress('company'));
$Qorder->bindValue(':delivery_street_address', $osC_ShoppingCart->getShippingAddress('street_address'));
$Qorder->bindValue(':delivery_suburb', $osC_ShoppingCart->getShippingAddress('suburb'));
$Qorder->bindValue(':delivery_city', $osC_ShoppingCart->getShippingAddress('city'));
$Qorder->bindValue(':delivery_postcode', $osC_ShoppingCart->getShippingAddress('postcode'));
$Qorder->bindValue(':delivery_state', $osC_ShoppingCart->getShippingAddress('state'));
$Qorder->bindValue(':delivery_state_code', $osC_ShoppingCart->getShippingAddress('zone_code'));
$Qorder->bindValue(':delivery_country', $osC_ShoppingCart->getShippingAddress('country_title'));
$Qorder->bindValue(':delivery_country_iso2', $osC_ShoppingCart->getShippingAddress('country_iso_code_2'));
$Qorder->bindValue(':delivery_country_iso3', $osC_ShoppingCart->getShippingAddress('country_iso_code_3'));
$Qorder->bindValue(':delivery_address_format', $osC_ShoppingCart->getShippingAddress('format'));
$Qorder->bindValue(':billing_name', $osC_ShoppingCart->getBillingAddress('firstname') . ' ' . $osC_ShoppingCart->getBillingAddress('lastname'));
$Qorder->bindValue(':billing_company', $osC_ShoppingCart->getBillingAddress('company'));
$Qorder->bindValue(':billing_street_address', $osC_ShoppingCart->getBillingAddress('street_address'));
$Qorder->bindValue(':billing_suburb', $osC_ShoppingCart->getBillingAddress('suburb'));
$Qorder->bindValue(':billing_city', $osC_ShoppingCart->getBillingAddress('city'));
$Qorder->bindValue(':billing_postcode', $osC_ShoppingCart->getBillingAddress('postcode'));
$Qorder->bindValue(':billing_state', $osC_ShoppingCart->getBillingAddress('state'));
$Qorder->bindValue(':billing_state_code', $osC_ShoppingCart->getBillingAddress('zone_code'));
$Qorder->bindValue(':billing_country', $osC_ShoppingCart->getBillingAddress('country_title'));
$Qorder->bindValue(':billing_country_iso2', $osC_ShoppingCart->getBillingAddress('country_iso_code_2'));
$Qorder->bindValue(':billing_country_iso3', $osC_ShoppingCart->getBillingAddress('country_iso_code_3'));
$Qorder->bindValue(':billing_address_format', $osC_ShoppingCart->getBillingAddress('format'));
$Qorder->bindValue(':payment_method', $osC_ShoppingCart->getBillingMethod('title'));
$Qorder->bindValue(':payment_module', $GLOBALS['osC_Payment_' . $osC_ShoppingCart->getBillingMethod('id')]->getCode());
$Qorder->bindInt(':orders_status', 4);
$Qorder->bindValue(':currency', $osC_Currencies->getCode());
$Qorder->bindValue(':currency_value', $osC_Currencies->value($osC_Currencies->getCode()));
$Qorder->execute();
$insert_id = $osC_Database->nextID();
foreach ($osC_ShoppingCart->getOrderTotals() as $module) {
$Qtotals = $osC_Database->query('insert into :table_orders_total (orders_id, title, text, value, class, sort_order) values (:orders_id, :title, :text, :value, :class, :sort_order)');
$Qtotals->bindTable(':table_orders_total', TABLE_ORDERS_TOTAL);
$Qtotals->bindInt(':orders_id', $insert_id);
$Qtotals->bindValue(':title', $module['title']);
$Qtotals->bindValue(':text', $module['text']);
$Qtotals->bindValue(':value', $module['value']);
$Qtotals->bindValue(':class', $module['code']);
$Qtotals->bindInt(':sort_order', $module['sort_order']);
$Qtotals->execute();
}
$Qstatus = $osC_Database->query('insert into :table_orders_status_history (orders_id, orders_status_id, date_added, customer_notified, comments) values (:orders_id, :orders_status_id, now(), :customer_notified, :comments)');
$Qstatus->bindTable(':table_orders_status_history', TABLE_ORDERS_STATUS_HISTORY);
$Qstatus->bindInt(':orders_id', $insert_id);
$Qstatus->bindInt(':orders_status_id', 4);
$Qstatus->bindInt(':customer_notified', '0');
$Qstatus->bindValue(':comments', isset($_SESSION['comments']) ? $_SESSION['comments'] : '');
$Qstatus->execute();
foreach ($osC_ShoppingCart->getProducts() as $products) {
$Qproducts = $osC_Database->query('insert into :table_orders_products (orders_id, products_id, products_model, products_name, products_price, products_tax, products_quantity) values (:orders_id, :products_id, :products_model, :products_name, :products_price, :products_tax, :products_quantity)');
$Qproducts->bindTable(':table_orders_products', TABLE_ORDERS_PRODUCTS);
$Qproducts->bindInt(':orders_id', $insert_id);
$Qproducts->bindInt(':products_id', osc_get_product_id($products['id']));
$Qproducts->bindValue(':products_model', $products['model']);
$Qproducts->bindValue(':products_name', $products['name']);
$Qproducts->bindValue(':products_price', $products['price']);
$Qproducts->bindValue(':products_tax', $osC_Tax->getTaxRate($products['tax_class_id']));
$Qproducts->bindInt(':products_quantity', $products['quantity']);
$Qproducts->execute();
$order_products_id = $osC_Database->nextID();
if ($osC_ShoppingCart->isVariant($products['item_id'])) {
foreach ($osC_ShoppingCart->getVariant($products['item_id']) as $variant) {
/* HPDL
if (DOWNLOAD_ENABLED == '1') {
$Qattributes = $osC_Database->query('select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix, pad.products_attributes_maxdays, pad.products_attributes_maxcount, pad.products_attributes_filename from :table_products_options popt, :table_products_options_values poval, :table_products_attributes pa left join :table_products_attributes_download pad on (pa.products_attributes_id = pad.products_attributes_id) where pa.products_id = :products_id and pa.options_id = :options_id and pa.options_id = popt.products_options_id and pa.options_values_id = :options_values_id and pa.options_values_id = poval.products_options_values_id and popt.language_id = :popt_language_id and poval.language_id = :poval_language_id');
$Qattributes->bindTable(':table_products_options', TABLE_PRODUCTS_OPTIONS);
$Qattributes->bindTable(':table_products_options_values', TABLE_PRODUCTS_OPTIONS_VALUES);
$Qattributes->bindTable(':table_products_attributes', TABLE_PRODUCTS_ATTRIBUTES);
$Qattributes->bindTable(':table_products_attributes_download', TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD);
$Qattributes->bindInt(':products_id', $products['id']);
$Qattributes->bindInt(':options_id', $attributes['options_id']);
$Qattributes->bindInt(':options_values_id', $attributes['options_values_id']);
$Qattributes->bindInt(':popt_language_id', $osC_Language->getID());
$Qattributes->bindInt(':poval_language_id', $osC_Language->getID());
$Qattributes->execute();
}
*/
$Qvariant = $osC_Database->query('insert into :table_orders_products_variants (orders_id, orders_products_id, group_title, value_title) values (:orders_id, :orders_products_id, :group_title, :value_title)');
$Qvariant->bindTable(':table_orders_products_variants', TABLE_ORDERS_PRODUCTS_VARIANTS);
$Qvariant->bindInt(':orders_id', $insert_id);
$Qvariant->bindInt(':orders_products_id', $order_products_id);
$Qvariant->bindValue(':group_title', $variant['group_title']);
$Qvariant->bindValue(':value_title', $variant['value_title']);
$Qvariant->execute();
/*HPDL
if ((DOWNLOAD_ENABLED == '1') && (strlen($Qattributes->value('products_attributes_filename')) > 0)) {
$Qopd = $osC_Database->query('insert into :table_orders_products_download (orders_id, orders_products_id, orders_products_filename, download_maxdays, download_count) values (:orders_id, :orders_products_id, :orders_products_filename, :download_maxdays, :download_count)');
$Qopd->bindTable(':table_orders_products_download', TABLE_ORDERS_PRODUCTS_DOWNLOAD);
$Qopd->bindInt(':orders_id', $insert_id);
$Qopd->bindInt(':orders_products_id', $order_products_id);
$Qopd->bindValue(':orders_products_filename', $Qattributes->value('products_attributes_filename'));
$Qopd->bindValue(':download_maxdays', $Qattributes->value('products_attributes_maxdays'));
$Qopd->bindValue(':download_count', $Qattributes->value('products_attributes_maxcount'));
$Qopd->execute();
}
*/
}
}
}
$_SESSION['prepOrderID'] = $osC_ShoppingCart->getCartID() . '-' . $insert_id;
return $insert_id;
}