Ejemplo n.º 1
 /**
  * Start the (pre-)authorization of a PAYONE wallet payment (request type 'wlt', wallet type 'PPE').
  *
  * Falls back to $_SESSION['tmp_oID'] when the global $insert_id is unset or empty,
  * calls the parent helpers in the same order as before and finally redirects to
  * the checkout-process page.
  */
 function payment_action()
 {
     global $order, $insert_id;
     if (!(isset($insert_id) && $insert_id != '')) {
         $insert_id = $_SESSION['tmp_oID'];
     }
     $this->payone->log("(pre-)authorizing {$this->code} payment");
     $standard_parameters = parent::_standard_parameters();

     $this->personal_data = new Payone_Api_Request_Parameter_Authorization_PersonalData();
     parent::_set_customers_standard_params();
     $this->delivery_data = new Payone_Api_Request_Parameter_Authorization_DeliveryData();
     parent::_set_customers_shipping_params();

     $wallet = new Payone_Api_Request_Parameter_Authorization_PaymentMethod_Wallet();
     $this->payment_method = $wallet;
     $wallet->setWallettype('PPE');

     // The return URLs carry the session name and id as a query parameter, so the
     // id is handed to the payment provider and can surface in logs or Referer headers.
     // NOTE(review): confirm whether the return flow works with cookie-only sessions.
     $shop_base = (ENABLE_SSL == true ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG;
     $sid_query = '?' . xtc_session_name() . '=' . xtc_session_id();
     $wallet->setSuccessurl($shop_base . FILENAME_CHECKOUT_PROCESS . $sid_query);
     $wallet->setBackurl($shop_base . FILENAME_CHECKOUT_PAYMENT . $sid_query);
     $wallet->setErrorurl($shop_base . FILENAME_CHECKOUT_PAYMENT . $sid_query . '&payment_error=' . $this->code);

     // remember the order id so a cancelled order can be deleted later
     $_SESSION['tmp_payone_oID'] = $_SESSION['tmp_oID'];

     $this->params = array_merge($standard_parameters, parent::_request_parameters('wlt'));
     $this->builder = new Payone_Builder($this->payone->getPayoneConfig());
     parent::_build_service_authentification('wlt');
     parent::_parse_response_payone_api();
     xtc_redirect(xtc_href_link(FILENAME_CHECKOUT_PROCESS, '', 'SSL'));
 }
/**
 * Return a hidden form field holding the session name and id.
 *
 * The field is produced only when the global $session_started is true and the
 * SID constant is defined and passes xtc_not_null(); otherwise nothing (null)
 * is returned.
 */
function xtc_hide_session_id()
{
    global $session_started;
    $field_needed = $session_started == true && defined('SID') && xtc_not_null(SID);
    if (!$field_needed) {
        return;
    }
    return xtc_draw_hidden_field(xtc_session_name(), xtc_session_id());
}
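/**
 * Record the current request in the who's-online table.
 *
 * Rows whose last click is older than WHOS_ONLINE_TIME_LAST_CLICK seconds
 * (900 when the constant is not defined) are deleted first. The visitor's row,
 * keyed by session id, is then updated or inserted. Requests for which
 * xtc_check_agent() returns a non-zero value are stored with an empty session id.
 */
function xtc_update_whos_online()
{
    $crawler = 0;
    if (isset($_SESSION['customer_id'])) {
        // integer cast keeps the id safe for direct use in the query below
        $wo_customer_id = (int) $_SESSION['customer_id'];
        $customer_query = xtc_db_query("select\n                                      customers_firstname,\n                                      customers_lastname\n                                      from " . TABLE_CUSTOMERS . "\n                                      where customers_id = '" . $wo_customer_id . "'");
        $customer = xtc_db_fetch_array($customer_query);
        $wo_full_name = xtc_db_prepare_input($customer['customers_firstname'] . ' ' . $customer['customers_lastname']);
    } else {
        $wo_customer_id = '';
        $crawler = xtc_check_agent();
        if ($crawler !== 0) {
            $wo_full_name = '[' . TEXT_SEARCH_ENGINE_AGENT . ']';
        } else {
            $wo_full_name = TEXT_GUEST;
        }
    }
    if ($crawler !== 0) {
        $wo_session_id = '';
    } else {
        $wo_session_id = xtc_session_id();
    }
    // The session id is supplied by the client (cookie or URL parameter), so it is
    // escaped with the shop's SQL escaping helper before it is concatenated into a
    // WHERE clause. The raw value is still what is handed to xtc_db_perform() as data.
    $wo_session_id_sql = xtc_db_input($wo_session_id);
    $wo_ip_address = xtc_db_prepare_input($_SESSION['tracking']['ip']);
    $wo_last_page_url = xtc_db_prepare_input(strip_tags($_SERVER['REQUEST_URI']));
    $wo_referer = xtc_db_prepare_input(isset($_SERVER['HTTP_REFERER']) ? strip_tags($_SERVER['HTTP_REFERER']) : '---');
    $current_time = time();
    $time_last_click = 900;
    if (defined('WHOS_ONLINE_TIME_LAST_CLICK')) {
        $time_last_click = (int) WHOS_ONLINE_TIME_LAST_CLICK;
    }
    $xx_mins_ago = time() - $time_last_click;
    // remove entries that have expired
    xtc_db_query("delete from " . TABLE_WHOS_ONLINE . " where time_last_click < '" . $xx_mins_ago . "'");
    $stored_customer_query = xtc_db_query("select count(*) as count from " . TABLE_WHOS_ONLINE . " where session_id = '" . $wo_session_id_sql . "'");
    $stored_customer = xtc_db_fetch_array($stored_customer_query);
    $sql_data_array = array('customer_id' => $wo_customer_id, 'full_name' => xtc_db_prepare_input($wo_full_name), 'ip_address' => $wo_ip_address, 'time_last_click' => $current_time, 'last_page_url' => $wo_last_page_url);
    if ($stored_customer['count'] > 0) {
        xtc_db_perform(TABLE_WHOS_ONLINE, $sql_data_array, 'update', "session_id = '" . $wo_session_id_sql . "'");
    } else {
        // first request of this session: also store entry time, session id and referer
        $sql_data_array['time_entry'] = $current_time;
        $sql_data_array['session_id'] = $wo_session_id;
        $sql_data_array['http_referer'] = $wo_referer;
        xtc_db_perform(TABLE_WHOS_ONLINE, $sql_data_array);
    }
}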
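 /**
  * Redirect the customer to the payment page at $this->form_action_url for the
  * order identified by the global $insert_id.
  *
  * The query string is built from the order data and sealed by appending
  * md5(query string . MODULE_PAYMENT_MCP_SERVICE_ACCESS_KEY) as "seal".
  * The parameter order is part of the sealed string and must not be changed.
  */
 public function payment_action()
 {
     global $insert_id;
     $order = new order($insert_id);
     // The session name and id travel in the redirect URL to the payment provider,
     // so the id can show up in provider logs and browser history.
     // NOTE(review): confirm the return flow really needs it.
     $params = array(
         'project' => MODULE_PAYMENT_MCP_SERVICE_PROJECT_CODE,
         'amount' => $order->info['pp_total'] * 100,
         'orderid' => $insert_id,
         'title' => MODULE_PAYMENT_MCP_SERVICE_PAYTEXT,
         'theme' => MODULE_PAYMENT_MCP_SERVICE_THEME,
         'currency' => $order->info['currency'],
         xtc_session_name() => xtc_session_id(),
         'mp_user_email' => $order->customer['email_address'],
         'mp_user_firstname' => $order->customer['firstname'],
         'mp_user_surname' => $order->customer['lastname'],
         'mp_user_address' => $order->customer['street_address'],
         'mp_user_zip' => $order->customer['postcode'],
         'mp_user_city' => $order->customer['city'],
         'mp_user_country' => $order->customer['country']['iso_code_2'],
     );
     if (defined('MODULE_PAYMENT_MCP_SERVICE_GFX') && MODULE_PAYMENT_MCP_SERVICE_GFX != null) {
         $params['gfx'] = MODULE_PAYMENT_MCP_SERVICE_GFX;
     }
     if (defined('MODULE_PAYMENT_MCP_SERVICE_BGGFX') && MODULE_PAYMENT_MCP_SERVICE_BGGFX != null) {
         $params['bggfx'] = MODULE_PAYMENT_MCP_SERVICE_BGGFX;
     }
     if (defined('MODULE_PAYMENT_MCP_SERVICE_BGCOLOR') && MODULE_PAYMENT_MCP_SERVICE_BGCOLOR) {
         $params['bgcolor'] = MODULE_PAYMENT_MCP_SERVICE_BGCOLOR;
     }
     // An empty string replaces null as numeric prefix: passing null to this
     // parameter is deprecated since PHP 8.1 and '' produces the same query string.
     $urlParams = http_build_query($params, '', '&');
     // NOTE(review): md5(data . key) is a weak keyed construction; it is presumably
     // dictated by the provider's interface - confirm whether a stronger seal is offered.
     $seal = md5($urlParams . MODULE_PAYMENT_MCP_SERVICE_ACCESS_KEY);
     $urlParams .= '&seal=' . $seal;
     $url = $this->form_action_url . '?' . $urlParams;
     xtc_redirect($url);
 }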
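/**
 * Record the current request in the who's-online table.
 *
 * Rows whose last click is older than 900 seconds are deleted, then the row for
 * the current session id is updated or (for a non-empty session id) inserted.
 * Requests for MailBeez (mailhive.php) return false before anything is written;
 * a fixed list of asset and helper URLs is expired-row cleaned but not recorded.
 *
 * @return false|null false for mailhive.php requests, otherwise nothing
 */
function xtc_update_whos_online()
{
    if (isset($_SESSION['customer_id'])) {
        // integer cast: the id is concatenated into SQL below
        $wo_customer_id = (int) $_SESSION['customer_id'];
        $customer_query = xtc_db_query("select customers_firstname, customers_lastname from " . TABLE_CUSTOMERS . " where customers_id = '" . $wo_customer_id . "'");
        $customer = xtc_db_fetch_array($customer_query);
        $wo_full_name = $customer['customers_firstname'] . ' ' . $customer['customers_lastname'];
    } else {
        $wo_customer_id = '';
        $wo_full_name = 'Guest';
    }
    $wo_session_id = xtc_session_id();
    $wo_ip_address = (string) getenv('REMOTE_ADDR');
    $wo_last_page_url = (string) getenv('REQUEST_URI');
    // MailBeez
    // avoid /mailhive.php?cron_simple=1 in who is online table
    if (preg_match("/mailhive.php/", $wo_last_page_url)) {
        return false;
    }
    // - MailBeez
    $current_time = time();
    $xx_mins_ago = $current_time - 900;
    // remove entries that have expired
    xtc_db_query("delete from " . TABLE_WHOS_ONLINE . " where time_last_click < '" . $xx_mins_ago . "'");

    // requests for these resources are not recorded
    $ignored_fragments = array('favicon.ico', 'rss.php', '.jpg', '.js.php', 'request_port.php', 'version_info.php', 'mailhive.php');
    foreach ($ignored_fragments as $fragment) {
        if (strpos($wo_last_page_url, $fragment) !== false) {
            return;
        }
    }

    // Session id, request URI and client address come from the request, and the name
    // comes back from the database unescaped. Each value is escaped with the shop's
    // SQL escaping helper right before it is placed into a statement; the previous
    // addslashes() calls covered only two of these values.
    $sql_session_id = xtc_db_input($wo_session_id);
    $sql_full_name = xtc_db_input($wo_full_name);
    $sql_ip_address = xtc_db_input($wo_ip_address);
    $sql_last_page_url = xtc_db_input($wo_last_page_url);

    $stored_customer_query = xtc_db_query("select count(*) as count from " . TABLE_WHOS_ONLINE . " where session_id = '" . $sql_session_id . "'");
    $stored_customer = xtc_db_fetch_array($stored_customer_query);
    if ($stored_customer['count'] > 0) {
        xtc_db_query("update " . TABLE_WHOS_ONLINE . " set customer_id = '" . $wo_customer_id . "', full_name = '" . $sql_full_name . "', ip_address = '" . $sql_ip_address . "', time_last_click = '" . $current_time . "', last_page_url = '" . $sql_last_page_url . "' where session_id = '" . $sql_session_id . "'");
    } elseif (!empty($wo_session_id)) {
        xtc_db_query("insert into " . TABLE_WHOS_ONLINE . " (customer_id, full_name, session_id, ip_address, time_entry, time_last_click, last_page_url) values ('" . $wo_customer_id . "', '" . $sql_full_name . "', '" . $sql_session_id . "', '" . $sql_ip_address . "', '" . $current_time . "', '" . $current_time . "', '" . $sql_last_page_url . "')");
    }
}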
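 /**
  * Build the Rakuten Checkout "insert cart" XML request from the session cart,
  * send it and return the URL or inline code from the response.
  *
  * On an unsuccessful or unparsable response the customer is redirected to
  * $this->ERROR_URL with the url-encoded error code and message.
  *
  * @param bool $inline return the inline code instead of the redirect URL
  * @return mixed the response's inline_code or redirect_url element
  */
 function get_redirect_url($inline = false)
 {
     /**
      * Create Rakuten Checkout Insert Cart XML request
      */
     $xml = new SimpleXMLElement("<?xml version='1.0' encoding='UTF-8' ?><tradoria_insert_cart />");
     // The project id and API key are part of the request body, so the request
     // (and any log of it) contains the merchant credentials.
     $merchantAuth = $xml->addChild('merchant_authentication');
     $merchantAuth->addChild('project_id', MODULE_PAYMENT_RAKUTEN_PROJECT_ID);
     $merchantAuth->addChild('api_key', MODULE_PAYMENT_RAKUTEN_API_KEY);
     $xml->addChild('language', 'DE');
     $xml->addChild('currency', $_SESSION['currency']);
     $merchantCart = $xml->addChild('merchant_carts')->addChild('merchant_cart');
     // The custom fields hand the session name, session id and customer id to the
     // remote service. NOTE(review): confirm the callback cannot work with an
     // opaque reference instead of the live session id.
     $merchantCart->addChild('custom_1', xtc_session_name());
     $merchantCart->addChild('custom_2', xtc_session_id());
     $merchantCart->addChild('custom_3', $_SESSION['customer_id']);
     $merchantCart->addChild('custom_4');
     $merchantCartItems = $merchantCart->addChild('items');
     if ($_SESSION['cart']->count_contents() > 0) {
         $products = $_SESSION['cart']->get_products();
         for ($i = 0, $n = sizeof($products); $i < $n; $i++) {
             $t_image = '';
             if ($products[$i]['image'] != '') {
                 $t_image = HTTP_SERVER . DIR_WS_CATALOG . DIR_WS_THUMBNAIL_IMAGES . $products[$i]['image'];
             }
             $merchantCartItemsItem = $merchantCartItems->addChild('item');
             $merchantCartItemsItemName = $merchantCartItemsItem->addChild('name');
             $this->_add_CDATA($merchantCartItemsItemName, $products[$i]['name']);
             $merchantCartItemsItem->addChild('sku', $this->_escape_str($products[$i]['model']));
             // THIS ONE IS SHOWN
             $merchantCartItemsItem->addChild('external_product_id', $this->_escape_str($products[$i]['id']));
             // this one is not shown (optional)
             $merchantCartItemsItem->addChild('qty', $products[$i]['quantity']);
             // positive integers // TODO: check for decimal qty
             $merchantCartItemsItem->addChild('unit_price', $products[$i]['price']);
             $merchantCartItemsItem->addChild('tax_class', $this->get_rakuten_tax_class($products[$i]['tax_class_id']));
             $merchantCartItemsItem->addChild('image_url', $this->_escape_str($t_image));
             $product_url = xtc_href_link(FILENAME_PRODUCT_INFO, xtc_product_link($products[$i]['id'], $products[$i]['name']));
             $merchantCartItemsItem->addChild('product_url', $this->_escape_str($product_url));
             $comment = array();
             if (isset($products[$i]['attributes'])) {
                 // foreach replaces while(list() = each()): each() was deprecated
                 // in PHP 7.2 and removed in PHP 8.0. All ids are cast to int
                 // before they are placed into the query.
                 foreach ($products[$i]['attributes'] as $option => $value) {
                     $attributes = xtc_db_query("select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix,pa.attributes_stock,pa.products_attributes_id,pa.attributes_model,pa.weight_prefix,pa.options_values_weight\n                                                              from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa\n                                                              where pa.products_id = '" . (int) $products[$i]['id'] . "'\n                                                               and pa.options_id = '" . (int) $option . "'\n                                                               and pa.options_id = popt.products_options_id\n                                                               and pa.options_values_id = '" . (int) $value . "'\n                                                               and pa.options_values_id = poval.products_options_values_id\n                                                               and popt.language_id = '" . (int) $_SESSION['languages_id'] . "'\n                                                               and poval.language_id = '" . (int) $_SESSION['languages_id'] . "'");
                     $attributes_values = xtc_db_fetch_array($attributes);
                     $comment[] = $attributes_values['products_options_name'] . ': ' . $attributes_values['products_options_values_name'];
                 }
             }
             $comment = implode('; ', $comment);
             $merchantCartItemsItemComment = $merchantCartItemsItem->addChild('comment');
             $this->_add_CDATA($merchantCartItemsItemComment, $comment);
             $merchantCartItemsItemCustom = $merchantCartItemsItem->addChild('custom');
             $this->_add_CDATA($merchantCartItemsItemCustom, $products[$i]['id']);
         }
     }
     $merchantCartShippingRates = $merchantCart->addChild('shipping_rates');
     $shippingRates = $this->_str_get_csv(MODULE_PAYMENT_RAKUTEN_SHIPPING_RATES);
     foreach ($shippingRates as $shippingRate) {
         // a rate needs a country and a numeric price; the delivery time in days is optional
         if (isset($shippingRate[0]) && isset($shippingRate[1]) && is_numeric($shippingRate[1])) {
             $merchantCartShippingRate = $merchantCartShippingRates->addChild('shipping_rate');
             $merchantCartShippingRate->addChild('country', (string) $shippingRate[0]);
             $merchantCartShippingRate->addChild('price', (double) $shippingRate[1]);
             if (isset($shippingRate[2]) && (int) $shippingRate[2] > 0) {
                 $merchantCartShippingRate->addChild('delivery_date', date('Y-m-d', strtotime('+' . (int) $shippingRate[2] . ' days')));
             }
         }
     }
     $billingAddressRestrictions = $xml->addChild('billing_address_restrictions');
     /**
      * Restrict invoice address to require private / commercial and by country
      */
     switch (MODULE_PAYMENT_RAKUTEN_BILLING_ADDR_TYPE) {
         /**
          * 1: all
          * 2: business
          * 3: private
          */
         case 'All Addresses':
             $billingAddressRestrictions->addChild('customer_type')->addAttribute('allow', 1);
             break;
         case 'Business Addresses Only':
             $billingAddressRestrictions->addChild('customer_type')->addAttribute('allow', 2);
             break;
         case 'Private Addresses Only':
             $billingAddressRestrictions->addChild('customer_type')->addAttribute('allow', 3);
             break;
     }
     $xml->addChild('callback_url', $this->ROCKBACK_URL);
     $xml->addChild('pipe_url', $this->PIPE_URL);
     $request = $xml->asXML();
     $response = $this->send_request($request);
     $redirectUrl = false;
     $inlineUrl = false;
     $inlineCode = false;
     try {
         // The response is remote data: a body that is not well-formed XML makes
         // the constructor throw, which is handled by the catch block below.
         $response = new SimpleXMLElement($response);
         if ($response->success != 'true') {
             throw new Exception((string) $response->message, (int) $response->code);
         } else {
             $redirectUrl = $response->redirect_url;
             $inlineUrl = $response->inline_url;
             $inlineCode = $response->inline_code;
         }
     } catch (Exception $e) {
         // code and message are url-encoded before they are put into the error URL
         xtc_redirect(sprintf($this->ERROR_URL, urlencode($e->getCode()), urlencode($e->getMessage())));
     }
     if ($inline) {
         return $inlineCode;
     } else {
         return $redirectUrl;
     }
 }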
 /**
  * Start the (pre-)authorization of a PAYONE online bank transfer (request type 'sb').
  *
  * Bank details are read from $_SESSION[$this->code]; the bank country defaults
  * to the billing country of the global $order when the session holds none.
  */
 function payment_action()
 {
     global $order, $insert_id;
     if (!(isset($insert_id) && $insert_id != '')) {
         $insert_id = $_SESSION['tmp_oID'];
     }
     $this->payone->log("(pre-)authorizing {$this->code} payment");
     $standard_parameters = parent::_standard_parameters();

     $this->personal_data = new Payone_Api_Request_Parameter_Authorization_PersonalData();
     parent::_set_customers_standard_params();
     $this->delivery_data = new Payone_Api_Request_Parameter_Authorization_DeliveryData();
     parent::_set_customers_shipping_params();

     // only eps and ideal carry a bank group
     $bankgroup = '';
     if (in_array($_SESSION[$this->code]['otrans_type'], array('eps', 'ideal'))) {
         $bankgroup = $_SESSION[$this->code]['otrans_bankgrouptype'];
     }
     if (!isset($_SESSION[$this->code]['otrans_bankcountry'])) {
         $_SESSION[$this->code]['otrans_bankcountry'] = $order->billing['country']['iso_code_2'];
     }

     $transfer = new Payone_Api_Request_Parameter_Authorization_PaymentMethod_OnlineBankTransfer();
     $this->payment_method = $transfer;
     $transfer->setOnlinebanktransfertype($this->banktransfertypes[$_SESSION[$this->code]['otrans_type']]);
     $transfer->setBankcountry($_SESSION[$this->code]['otrans_bankcountry']);
     // NOTE(review): this test reads 'otrans_country' while every other line uses
     // 'otrans_bankcountry' - confirm which session key is intended.
     $swiss_sofort = $_SESSION[$this->code]['otrans_type'] == 'sofortueberweisung' && $_SESSION[$this->code]['otrans_country'] == 'CH';
     if (!$swiss_sofort) {
         $transfer->setIban($_SESSION[$this->code]['otrans_iban']);
         $transfer->setBic($_SESSION[$this->code]['otrans_bic']);
     } else {
         $transfer->setBankaccount($_SESSION[$this->code]['otrans_bankaccount']);
         $transfer->setBankcode($_SESSION[$this->code]['otrans_bankcode']);
     }
     $transfer->setBankgrouptype($bankgroup);

     // The return URLs carry the session name and id as a query parameter, so the
     // id is handed to the payment provider and can surface in logs or Referer headers.
     $shop_base = (ENABLE_SSL == true ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG;
     $sid_query = '?' . xtc_session_name() . '=' . xtc_session_id();
     $transfer->setSuccessurl($shop_base . FILENAME_CHECKOUT_PROCESS . $sid_query);
     $transfer->setBackurl($shop_base . FILENAME_CHECKOUT_PAYMENT . $sid_query);
     $transfer->setErrorurl($shop_base . FILENAME_CHECKOUT_PAYMENT . $sid_query . '&payment_error=' . $this->code);

     // remember the order id so a cancelled order can be deleted later
     $_SESSION['tmp_payone_oID'] = $_SESSION['tmp_oID'];

     $this->params = array_merge($standard_parameters, parent::_request_parameters('sb'));
     $this->builder = new Payone_Builder($this->payone->getPayoneConfig());
     parent::_build_service_authentification('sb');
     parent::_parse_response_payone_api();
 }
Ejemplo n.º 8
    ?>
                  <?php 
    echo HEADING_TITLE_SEARCH . ' ' . xtc_draw_input_field('oID', '', 'size="12"') . xtc_draw_hidden_field('action', 'edit') . xtc_draw_hidden_field(xtc_session_name(), xtc_session_id());
    ?>
                  </form>
                    </div>
                    <div class='col-xs-12'>
                  <?php 
    // Filter form for the order list, submitted with GET. The hidden session field
    // appended further down therefore becomes part of the query string, where the
    // session id can end up in browser history, server logs and Referer headers.
    // NOTE(review): confirm whether cookie-only sessions make the field unnecessary.
    echo xtc_draw_form('payment_method_status', FILENAME_ORDERS, '', 'get');
    ?>
                  <?php 
    echo HEADING_TITLE_STATUS . ' ' . xtc_draw_pull_down_menu('status', array_merge(array(array('id' => '', 'text' => TEXT_ALL_ORDERS)), array(array('id' => '0', 'text' => TEXT_VALIDATING)), $orders_statuses), isset($_GET['status']) && xtc_not_null($_GET['status']) ? (int) $_GET['status'] : '', 'onchange="this.form.submit();"');
    ?>
 <br />
                  <?php 
    echo HEADING_CHOOSE_PAYMENT . ' ' . xtc_draw_pull_down_menu('payment_method', array_merge(array(array('id' => '', 'text' => TEXT_ALL_PAYMENT_METHODS)), $payment_methods), isset($_GET['payment_method']) && xtc_not_null($_GET['payment_method']) ? $_GET['payment_method'] : '', 'onchange="this.form.submit();"') . xtc_draw_hidden_field(xtc_session_name(), xtc_session_id());
    ?>
                  </form>
                    </div>
                </div>
            </div>
<div class='col-xs-12'><br></div>
            <div class='col-xs-12'>
                <div id='responsive_table' class='table-responsive pull-left col-sm-12'>
                <table class="table table-bordered table-striped">
                    <tr class="dataTableHeadingRow">
                      <td class="dataTableHeadingContent"><?php 
    echo TABLE_HEADING_CUSTOMERS;
    ?>
</td>
                      <td class="dataTableHeadingContent" align="right"><?php 
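                      <form name="search" action="<?php 
    echo FILENAME_PRODUCTS_ATTRIBUTES;
    ?>
" method="GET">
                          <span  class="main"><b><?php 
    echo TEXT_SEARCH;
    ?>
</b></span> <input type="text" name="search_optionsname" size="20" value="<?php 
    // The search term comes straight from the query string and is written into an
    // HTML attribute, so it is escaped (quotes included) before output. A missing
    // or non-string parameter yields an empty value.
    // NOTE(review): pass the shop's charset as third argument if it is not UTF-8.
    echo isset($_GET['search_optionsname']) && is_string($_GET['search_optionsname']) ? htmlspecialchars($_GET['search_optionsname'], ENT_QUOTES) : '';
    ?>
">
                        <input name="<?php 
    // session name and id are submitted with this GET form and so appear in the URL
    echo xtc_session_name();
    ?>
" type="hidden" value="<?php 
    echo xtc_session_id();
    ?>
" />
                      </form>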
                      </div>
                      <div class="col-xs-12">
                          <div class="smallText"><?php 
    echo $value_pages;
    ?>
</div>
                      </div>
                  <div class="col-xs-12">
                      <?php 
    echo xtc_black_line();
    ?>
                  </div>
Ejemplo n.º 10
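 /**
  * Build the hidden form fields that are posted to WorldPay for the current order.
  *
  * Includes installation id, currency, amount, customer contact data, the callback
  * link and - when MODULE_PAYMENT_WORLDPAY_USEMD5 is '1' - an MD5 signature over
  * key, amount, language code and e-mail address.
  *
  * @return string concatenated hidden input fields
  */
 function process_button()
 {
     global $order, $xtPrice;
     // The cart id sent to the gateway is "<session name>=<session id>", i.e. the
     // live session id leaves the shop in a form field.
     $worldpay_url = xtc_session_name() . '=' . xtc_session_id();
     $total = number_format($xtPrice->xtcCalculateCurr($order->info['total']), $xtPrice->get_decimal_places($_SESSION['currency']), '.', '');
     $process_button_string = xtc_draw_hidden_field('instId', MODULE_PAYMENT_WORLDPAY_ID) . xtc_draw_hidden_field('currency', $_SESSION['currency']) . xtc_draw_hidden_field('desc', 'Purchase from ' . STORE_NAME) . xtc_draw_hidden_field('cartId', $worldpay_url) . xtc_draw_hidden_field('amount', $total);
     // Pre Auth Mod 3/1/2002 - Graeme Conkie
     if (MODULE_PAYMENT_WORLDPAY_USEPREAUTH == 'true') {
         $process_button_string .= xtc_draw_hidden_field('authMode', MODULE_PAYMENT_WORLDPAY_PREAUTH);
     }
     // Ian-san: Create callback and language links here 6/4/2003:
     // the language id is cast to int before it is placed into the query
     $language_code_raw = xtc_db_query("select code from " . TABLE_LANGUAGES . " where languages_id ='" . (int) $_SESSION['languages_id'] . "'");
     $language_code_array = xtc_db_fetch_array($language_code_raw);
     $language_code = $language_code_array['code'];
     $address = encode_htmlspecialchars($order->customer['street_address'] . "\n" . $order->customer['suburb'] . "\n" . $order->customer['city'] . "\n" . $order->customer['state'], ENT_QUOTES);
     // 'wpcallback' is quoted: the bare word was an undefined constant, which is
     // an Error in PHP 8 and only fell back to the same string in older versions.
     // NOTE(review): $XTCsid is never defined in this method, so MC_XTCsid is sent
     // empty - confirm what value the callback expects.
     $process_button_string .= xtc_draw_hidden_field('testMode', MODULE_PAYMENT_WORLDPAY_MODE) . xtc_draw_hidden_field('name', $order->customer['firstname'] . ' ' . $order->customer['lastname']) . xtc_draw_hidden_field('address', $address) . xtc_draw_hidden_field('postcode', $order->customer['postcode']) . xtc_draw_hidden_field('country', $order->customer['country']['iso_code_2']) . xtc_draw_hidden_field('tel', $order->customer['telephone']) . xtc_draw_hidden_field('myvar', 'Y') . xtc_draw_hidden_field('fax', $order->customer['fax']) . xtc_draw_hidden_field('email', $order->customer['email_address']) . xtc_draw_hidden_field('lang', $language_code) . xtc_draw_hidden_field('MC_callback', xtc_href_link('wpcallback') . '.php') . xtc_draw_hidden_field('MC_XTCsid', $XTCsid);
     // Ian-san: Added MD5 here 6/4/2003:
     if (MODULE_PAYMENT_WORLDPAY_USEMD5 == '1') {
         $md5_signature_fields = 'amount:language:email';
         // The signed amount is the value posted in the 'amount' field. The previous
         // expression used $currencies and $currency, which are not defined in this
         // method and made this branch fail with a call on null.
         $md5_signature = MODULE_PAYMENT_WORLDPAY_MD5KEY . ':' . $total . ':' . $language_code . ':' . $order->customer['email_address'];
         $md5_signature_md5 = md5($md5_signature);
         $process_button_string .= xtc_draw_hidden_field('signatureFields', $md5_signature_fields) . xtc_draw_hidden_field('signature', $md5_signature_md5);
     }
     return $process_button_string;
 }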
 /**
  * Initialise the PayPal API settings of this object.
  *
  * Credentials and endpoints depend on PAYPAL_MODE ('sandbox' or 'live'; any other
  * value leaves them unset). The shop-side return and cancel URLs are built on
  * HTTPS_SERVER or HTTP_SERVER depending on ENABLE_SSL and all except NOTIFY_URL
  * carry the session name and id as query parameter.
  */
 function paypal_checkout()
 {
     // Stand: 27.03.2010
     switch (PAYPAL_MODE) {
         case 'sandbox':
             $this->API_UserName = PAYPAL_API_SANDBOX_USER;
             $this->API_Password = PAYPAL_API_SANDBOX_PWD;
             $this->API_Signature = PAYPAL_API_SANDBOX_SIGNATURE;
             $this->API_Endpoint = 'https://api-3t.sandbox.paypal.com/nvp';
             $this->EXPRESS_URL = 'https://www.sandbox.paypal.com/webscr?cmd=_express-checkout&token=';
             $this->GIROPAY_URL = 'https://www.sandbox.paypal.com/webscr?cmd=_complete-express-checkout&token=';
             $this->IPN_URL = 'https://www.sandbox.paypal.com/cgi-bin/webscr';
             break;
         case 'live':
             $this->API_UserName = PAYPAL_API_USER;
             $this->API_Password = PAYPAL_API_PWD;
             $this->API_Signature = PAYPAL_API_SIGNATURE;
             $this->API_Endpoint = 'https://api-3t.paypal.com/nvp';
             $this->EXPRESS_URL = 'https://www.paypal.com/webscr?cmd=_express-checkout&token=';
             $this->GIROPAY_URL = 'https://www.paypal.com/webscr?cmd=_complete-express-checkout&token=';
             $this->IPN_URL = 'https://www.paypal.com/cgi-bin/webscr';
             break;
     }

     // Without ENABLE_SSL every URL below is plain HTTP, so the session id in the
     // query string crosses the network unencrypted.
     $shop_root = (ENABLE_SSL == true ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG;
     $sid_suffix = '?' . xtc_session_name() . '=' . xtc_session_id();
     $this->NOTIFY_URL = $shop_root . 'callback/paypal/ipn.php';
     $this->EXPRESS_CANCEL_URL = $shop_root . FILENAME_SHOPPING_CART . $sid_suffix;
     $this->EXPRESS_RETURN_URL = $shop_root . FILENAME_PAYPAL_CHECKOUT . $sid_suffix;
     $this->PRE_CANCEL_URL = $shop_root . FILENAME_CHECKOUT_PAYMENT . $sid_suffix;
     $this->CANCEL_URL = $shop_root . FILENAME_CHECKOUT_PAYMENT . $sid_suffix . '&error=true&error_message=' . PAYPAL_ERROR;
     $this->RETURN_URL = $shop_root . FILENAME_CHECKOUT_PROCESS . $sid_suffix;
     $this->GIROPAY_SUCCESS_URL = $shop_root . FILENAME_CHECKOUT_SUCCESS . $sid_suffix;
     $this->GIROPAY_CANCEL_URL = $shop_root . FILENAME_SHOPPING_CART . $sid_suffix;
     $this->BANKTXN_PENDING_URL = $shop_root . FILENAME_CHECKOUT_SUCCESS . $sid_suffix;

     $this->version = VERSION;
     $this->USE_PROXY = false;
     $this->payPalURL = '';
     $this->ppAPIec = $this->buildAPIKey(PAYPAL_API_KEY);

     // The header image is only offered over SSL and only up to 750x90 pixels.
     if (ENABLE_SSL == true) {
         $header_image = 'templates/' . CURRENT_TEMPLATE . '/img/' . PAYPAL_API_IMAGE;
         if (file_exists(DIR_FS_CATALOG . $header_image) && PAYPAL_API_IMAGE != '') {
             $dimensions = getimagesize(DIR_FS_CATALOG . $header_image);
             if ($dimensions[0] <= 750 && $dimensions[1] <= 90) {
                 $this->Image = urlencode(HTTPS_SERVER . DIR_WS_CATALOG . $header_image);
             }
         }
     }

     // colours are accepted only as six hexadecimal digits
     $hex_colour = '/^(([a-f]|[A-F]|[0-9]){6})$/';
     if (preg_match($hex_colour, PAYPAL_API_CO_BACK)) {
         $this->BackColor = PAYPAL_API_CO_BACK;
     }
     if (preg_match($hex_colour, PAYPAL_API_CO_BORD)) {
         $this->BorderColor = PAYPAL_API_CO_BORD;
     }
 }
Ejemplo n.º 12
              <?php 
    // Order search form, submitted with GET. The hidden session field appended
    // below therefore becomes part of the query string, where the session id can
    // end up in browser history, server logs and Referer headers.
    // NOTE(review): confirm whether cookie-only sessions make the field unnecessary.
    echo xtc_draw_form('orders', FILENAME_ORDERS, '', 'get');
    ?>
                <?php 
    echo HEADING_TITLE_SEARCH . ' ' . xtc_draw_input_field('oID', '', 'size="12"') . xtc_draw_hidden_field('action', 'edit') . xtc_draw_hidden_field(xtc_session_name(), xtc_session_id());
    ?>
              </form>
</td>
  </tr>
  <tr>
    <td class="main" valign="top">Customers</td>
    <td class="main" valign="top" align="right"><?php 
    echo xtc_draw_form('status', FILENAME_ORDERS, '', 'get');
    ?>
                <?php 
    echo HEADING_TITLE_STATUS . ' ' . xtc_draw_pull_down_menu('status', array_merge(array(array('id' => '', 'text' => TEXT_ALL_ORDERS)), array(array('id' => '0', 'text' => TEXT_VALIDATING)), $orders_statuses), '', 'onChange="this.form.submit();"') . xtc_draw_hidden_field(xtc_session_name(), xtc_session_id());
    ?>
              </form></td>
  </tr>
</table>




        </td>
      </tr>
      <tr>
        <td><table border="0" width="100%" cellspacing="0" cellpadding="0">
          <tr>
            <td valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2">
              <tr class="dataTableHeadingRow">
Ejemplo n.º 13
						</tr>
						<tr>
							<td class="main">
								<?php 
foreach ($messages as $msg) {
    ?>
								<p class="message"><?php 
    echo $msg;
    ?>
</p>
								<?php 
}
?>

                <?php 
echo xtc_draw_form('log', basename($PHP_SELF), '', 'get') . xtc_draw_hidden_field(xtc_session_name(), xtc_session_id());
?>
                  <table style="border: 1px solid #cccccc; width:100%; padding:5px; background:#f1f1f1;">
                    <tr>
                      <td class="menuBoxHeading">
                        <?php 
echo START_DATE;
?>
                        <select name="startD" size="1">
                          <?php 
if ($startDate) {
    $j = date("j", $startDate);
} else {
    $j = 1;
}
for ($i = 1; $i < 32; $i++) {
 /**
  * Build the hidden form fields that are sent as POST data to the payment gateway.
  *
  * Reads the invoice type and reference for the current Klarna option from $_POST,
  * adds first and last name (from the delivery address for companies, from the
  * address object otherwise), stores the order total in $_SESSION['klarna_ot']
  * and appends the session name/id as a further hidden field.
  *
  * @return string
  */
 public function processButton()
 {
     global $order;
     $shipping = $_SESSION['shipping'];
     // Both values are taken from the request as submitted and passed on unchanged.
     // NOTE(review): confirm hiddenFieldString() escapes them for HTML output.
     $invoice_key = "klarna_{$this->_option}_invoice_type";
     $reference_key = "klarna_{$this->_option}_reference";
     $invoiceType = $_POST[$invoice_key];
     $reference = $_POST[$reference_key];

     $fields = $this->_utils->hiddenFieldString($this->_addrs, $invoiceType, $this->_paymentPlan, $order->customer['email_address'], $reference);
     if (!$this->_addrs->isCompany) {
         $fields .= xtc_draw_hidden_field('klarna_fname', $this->_addrs->getFirstName());
         $fields .= xtc_draw_hidden_field('klarna_lname', $this->_addrs->getLastName());
     } else {
         $fields .= xtc_draw_hidden_field('klarna_fname', $order->delivery['firstname']);
         $fields .= xtc_draw_hidden_field('klarna_lname', $order->delivery['lastname']);
     }
     $_SESSION['klarna_ot'] = $this->_utils->getOrderTotal();
     // the session id is embedded in the page as a hidden form field
     $fields .= xtc_draw_hidden_field(xtc_session_name(), xtc_session_id());
     return $fields;
 }
 /**
  * Runs the Payone (pre-)authorization for a financing payment and then
  * redirects to the checkout process page.
  *
  * Uses the global $insert_id as order id, falling back to
  * $_SESSION['tmp_oID'] when it is unset or empty. The success, back and
  * error URLs handed to the payment method object all carry the session
  * name/id pair in the query string.
  *
  * NOTE(review): a session id inside a URL can end up in access logs,
  * browser history and Referer headers, and is presumably also transmitted
  * to the payment provider with these URLs. Confirm whether the return flow
  * really needs it or whether cookie-based sessions suffice.
  */
 function payment_action()
 {
     global $order, $insert_id;
     if (!isset($insert_id) || $insert_id == '') {
         $insert_id = $_SESSION['tmp_oID'];
     }
     $this->payone->log("(pre-)authorizing {$this->code} payment");
     $baseParams = parent::_standard_parameters('preauthorization');
     $this->personal_data = new Payone_Api_Request_Parameter_Authorization_PersonalData();
     parent::_set_customers_standard_params();
     // Klarna needs date of birth and phone number, taken from the session
     if ($_SESSION[$this->code]['installment_type'] == 'klarna') {
         $this->personal_data->setBirthday(xtc_date_raw($_SESSION[$this->code]['installment_customers_dob']));
         $this->personal_data->setTelephonenumber($_SESSION[$this->code]['installment_customers_telephone']);
     }
     $this->delivery_data = new Payone_Api_Request_Parameter_Authorization_DeliveryData();
     parent::_set_customers_shipping_params();
     $this->payment_method = new Payone_Api_Request_Parameter_Authorization_PaymentMethod_Financing();
     // Shared pieces of the three return URLs
     $catalogBase = (ENABLE_SSL == true ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG;
     $sessionQuery = '?' . xtc_session_name() . '=' . xtc_session_id();
     $paymentPage = $catalogBase . FILENAME_CHECKOUT_PAYMENT . $sessionQuery;
     $this->payment_method->setSuccessurl($catalogBase . FILENAME_CHECKOUT_PROCESS . $sessionQuery);
     $this->payment_method->setBackurl($paymentPage);
     $this->payment_method->setErrorurl($paymentPage . '&payment_error=' . $this->code);
     // remember the order id so a cancelled order can be deleted later
     $_SESSION['tmp_payone_oID'] = $_SESSION['tmp_oID'];
     // map the installment type stored in the session to the financing type
     $this->payment_method->setFinancingtype($this->installmenttypes[$_SESSION[$this->code]['installment_type']]);
     $requestParams = parent::_request_parameters('fnc');
     if (!isset($requestParams['invoicing'])) {
         $requestParams['invoicing'] = $this->_getInvoicingTransaction($insert_id);
     }
     $this->params = array_merge($baseParams, $requestParams);
     $this->builder = new Payone_Builder($this->payone->getPayoneConfig());
     parent::_build_service_authentification('fnc');
     parent::_parse_response_payone_api();
     xtc_redirect(xtc_href_link(FILENAME_CHECKOUT_PROCESS, '', 'SSL'));
 }
 /**
  * Handles one incoming request: URL-decodes and parses it as XML,
  * authenticates it, selects a handler by the root element name, optionally
  * resumes the shop session named in the request, runs the handler and
  * returns the prepared response.
  *
  * Any Exception raised on the way results in prepare_response(false).
  * An unrecognised root element results in an 'unknown_error' response.
  *
  * NOTE(review): the XML is parsed before _auth() runs, so the parser sees
  * unauthenticated input. Whether external entities can be resolved depends
  * on the libxml version and loader settings of the host; confirm they are
  * disabled.
  * NOTE(review): session name and session id are taken from the request
  * (custom_1 / custom_2) and passed to the session functions without any
  * format check in this method. What stops a caller from attaching to an
  * arbitrary session is therefore _auth(), which is not visible here.
  *
  * @param string $request URL-encoded XML document
  *
  * @return mixed result of prepare_response()
  */
 function process_rope_request($request)
 {
     // root element name => array(order node or null, handler method, response tag);
     // a null order node means the request runs without a shop session
     $routes = array(
         'tradoria_check_order' => array('order', '_check_order', 'tradoria_check_order_response'),
         'tradoria_order_process' => array('cart', '_process_order', 'tradoria_order_process_response'),
         'tradoria_order_status' => array(null, '_status_update', 'tradoria_order_status_response'),
     );
     try {
         $this->_request = new SimpleXMLElement(urldecode($request), LIBXML_NOCDATA);
         if (!$this->_auth()) {
             throw new Exception('Authentication failed');
         }
         $requestType = $this->_request->getName();
         if (!isset($routes[$requestType])) {
             // Unrecognised request error
             $response_tag = 'unknown_error';
             return $this->prepare_response(false, $response_tag);
         }
         list($orderNode, $handler, $response_tag) = $routes[$requestType];
         $init_session = $orderNode !== null;
         if ($init_session) {
             $this->_order_node = $orderNode;
         }
         // Only the fixed method names from $routes are ever dispatched to
         $this->_process_function = $handler;
         if ($init_session) {
             // Resume the session identified by the request
             $orderData = $this->_request->{$this->_order_node};
             $session_name = (string) $orderData->custom_1;
             $session_id = (string) $orderData->custom_2;
             // read from the request but not used further in this method
             $customer_id = (string) $orderData->custom_3;
             xtc_session_name($session_name);
             if (STORE_SESSIONS != 'mysql') {
                 session_save_path(SESSION_WRITE_DIRECTORY);
             }
             xtc_session_id($session_id);
             xtc_session_start();
             // Load the language file of the resumed session.
             // NOTE(review): the include path contains $_SESSION['language'];
             // it comes from the session store, confirm it is constrained to
             // known language directories when it is written.
             require_once DIR_WS_LANGUAGES . $_SESSION['language'] . '/modules/payment/rakuten.php';
             require_once DIR_WS_CLASSES . 'xtcPrice.php';
             global $xtPrice;
             $xtPrice = new xtcPrice($_SESSION['currency'], $_SESSION['customers_status']['customers_status_id']);
             require_once DIR_WS_CLASSES . 'main.php';
             global $main;
             $main = new main();
         }
         $response = $this->{$this->_process_function}();
     } catch (Exception $e) {
         return $this->prepare_response(false);
     }
     return $this->prepare_response($response, $response_tag);
 }
    echo xtc_draw_hidden_field('opID', $order->products[$i]['opid']);
    //BOF - DokuMan - 2010-09-07 - variables for correct deletion of products (thx to franky_n)
    echo xtc_draw_hidden_field('del_qty', $order->products[$i]['qty']);
    echo xtc_draw_hidden_field('del_pID', $order->products[$i]['id']);
    //EOF - DokuMan - 2010-09-07 - variables for correct deletion of products (thx to franky_n)
    echo '<input type="submit" class="btn btn-default" onclick="this.blur();" value="' . BUTTON_DELETE . '"/>';
    ?>
        </form>
        <?php 
    echo xtc_draw_form('select_options', FILENAME_ORDERS_EDIT, '', 'GET');
    echo xtc_draw_hidden_field('edit_action', 'options');
    echo xtc_draw_hidden_field('pID', $order->products[$i]['id']);
    echo xtc_draw_hidden_field('oID', $_GET['oID']);
    echo xtc_draw_hidden_field('opID', $order->products[$i]['opid']);
    //BOF - web28 - 2011-01-16 - FIX missing sessions id
    echo xtc_draw_hidden_field(xtc_session_name(), xtc_session_id());
    //EOF - web28 - 2011-01-16 - FIX missing sessions id
    echo '<input type="submit" class="btn btn-default" onclick="this.blur();" value="' . BUTTON_PRODUCT_OPTIONS . '"/>';
    ?>
        </form>
      </td> </td>
  </tr>

<?php 
}
?>
</table>
    
<br /><br />
<!-- Artikelbearbeitung Ende //-->
<!-- Artikel Einfügen Anfang //-->
 /**
  * Builds an absolute shop URL for an error redirect, optionally rewritten
  * into the search-engine-friendly path form.
  *
  * Terminates the script with an HTML error message when no page is given
  * or the connection type is neither 'NONSSL' nor 'SSL'.
  *
  * The session parameter is appended only when sessions are started, cookie
  * use is not forced, and either $SID is set or the link crosses between
  * the HTTP and HTTPS servers with different cookie domains.
  *
  * NOTE(review): a session id carried in a URL can leak through access
  * logs, browser history, Referer headers and copied links. Confirm the
  * SESSION_FORCE_COOKIE_USE setting for deployments where that matters.
  *
  * @param string $page               target page
  * @param string $parameters         query parameters, passed through klarnaOutputString()
  * @param string $connection         'NONSSL' or 'SSL'
  * @param bool   $add_session_id     whether the session parameter may be appended
  * @param bool   $search_engine_safe whether the SEO rewrite may be applied
  *
  * @return string
  */
 public function errorLink($page = '', $parameters = '', $connection = 'NONSSL', $add_session_id = true, $search_engine_safe = true)
 {
     global $request_type, $session_started, $SID;
     if (!xtc_not_null($page)) {
         die('<br><br><font color="#f3014d"><b>Error!</b></font><br><br>' . '<b>Unable to determine the page link!<br><br>');
     }
     // Pick the server part; an unknown connection type is fatal
     if ($connection == 'NONSSL') {
         $url = HTTP_SERVER . DIR_WS_HTTP_CATALOG;
     } elseif ($connection == 'SSL') {
         $url = (ENABLE_SSL == true ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG;
     } else {
         die('<br><br><font color="#f3014d"><b>Error!</b></font><br><br>' . '<b>Unable to determine connection method on a link!<br><br>' . 'Known methods: NONSSL SSL</b><br><br>');
     }
     // $glue is the character that would introduce a further parameter
     if (xtc_not_null($parameters)) {
         $url .= $page . '?' . $this->klarnaOutputString($parameters);
         $glue = '&';
     } else {
         $url .= $page;
         $glue = '?';
     }
     // Drop dangling '&' / '?' characters at the end
     while (in_array(substr($url, -1), array('&', '?'), true)) {
         $url = substr($url, 0, -1);
     }
     // Decide whether a session parameter has to travel with the link
     $sessionParam = null;
     if ($add_session_id == true && $session_started == true && SESSION_FORCE_COOKIE_USE == 'false') {
         if (xtc_not_null($SID)) {
             $sessionParam = $SID;
         } elseif ((($request_type == 'NONSSL' && $connection == 'SSL' && ENABLE_SSL == true) || ($request_type == 'SSL' && $connection == 'NONSSL')) && HTTP_COOKIE_DOMAIN != HTTPS_COOKIE_DOMAIN) {
             $sessionParam = xtc_session_name() . '=' . xtc_session_id();
         }
     }
     // SEO form: collapse repeated '&', then turn '?', '&' and '=' into '/'
     if (SEARCH_ENGINE_FRIENDLY_URLS == 'true' && $search_engine_safe == true) {
         while (strpos($url, '&&') !== false) {
             $url = str_replace('&&', '&', $url);
         }
         $url = str_replace(array('?', '&', '='), '/', $url);
         $glue = '?';
     }
     if ($sessionParam !== null) {
         $url .= $glue . $sessionParam;
     }
     return $url;
 }
?>
</p>
        </div>
        
        <div class='col-xs-6 text-right'>
                  <?php 
echo xtc_draw_form('search', FILENAME_CATEGORIES, '', 'get');
echo HEADING_TITLE_SEARCH . ' ' . xtc_draw_input_field('search', $search) . xtc_draw_hidden_field(xtc_session_name(), xtc_session_id());
?>
                  </form>
              <?php 
if (CAT_VIEW_DROPDOWN) {
    ?>
                 <?php 
    echo xtc_draw_form('goto', FILENAME_CATEGORIES, '', 'get');
    echo HEADING_TITLE_GOTO . ' ' . xtc_draw_pull_down_menu('cPath', xtc_get_category_tree(), $current_category_id, 'onChange="this.form.submit();"') . xtc_draw_hidden_field(xtc_session_name(), xtc_session_id());
    ?>
                  </form>
              <?php 
}
?>
        </div>
  <div class='col-xs-12'> <br> </div>
            <!-- search and quickjump -->
        <div class='col-xs-12'>
        <div id='responsive_table' class='table-responsive pull-left col-sm-12'>
            <!-- categories and products table -->
            <table class='table table-bordered'>
              <tr class="dataTableHeadingRow">
                <td class="dataTableHeadingContent hidden-xs" width="4%" align="center">
                  <?php 
Ejemplo n.º 20
    ?>
</div>
            </form>
        </div>
        <div class="col-xs-12 smallText text-center">
            <?php 
    echo xtc_draw_form('status', FILENAME_CUSTOMERS, '', 'get');
    $select_data = array();
    //BOF - GTB - 2011-02-03 - show selected customer group
    //$select_data = array (array ('id' => '99', 'text' => TEXT_SELECT), array ('id' => '100', 'text' => TEXT_ALL_CUSTOMERS));
    $select_data = array(array('id' => '', 'text' => TEXT_SELECT), array('id' => '100', 'text' => TEXT_ALL_CUSTOMERS));
    //<td class="smallText" align="right"><?php echo HEADING_TITLE_STATUS . ' ' . xtc_draw_pull_down_menu('status',xtc_array_merge($select_data, $customers_statuses_array), '99', 'onChange="this.form.submit();"').xtc_draw_hidden_field(xtc_session_name(), xtc_session_id()); </td>
    //EOF - GTB - 2011-02-03 - show selected customer group
    ?>
          <?php 
    echo HEADING_TITLE_STATUS . ' ' . xtc_draw_pull_down_menu('status', xtc_array_merge($select_data, $customers_statuses_array), isset($_GET['status']) ? $_GET['status'] : '', 'onChange="this.form.submit();" style="max-width: 200px;"') . xtc_draw_hidden_field(xtc_session_name(), xtc_session_id());
    ?>
             </form>
        </div>
        <div class='col-xs-12'>
            <div id='responsive_table' class='table-responsive pull-left col-sm-12'>
            <table class="table table-bordered">
                <tr class="dataTableHeadingRow">
                  <td class="dataTableHeadingContent hidden-xs hidden-sm" width="40"><?php 
    echo TABLE_HEADING_ACCOUNT_TYPE;
    ?>
</td>
                  <td class="dataTableHeadingContent"><?php 
    echo TABLE_HEADING_CUSTOMERSCID . xtc_sorting(FILENAME_CUSTOMERS, 'customers_cid');
    ?>
</td>
Ejemplo n.º 21
                 if (sizeof($order->products[$i]['properties']) > 0) {
                     for ($j = 0, $k = sizeof($order->products[$i]['properties']); $j < $k; $j++) {
                         if (!empty($order->products[$i]['properties'][$j]['properties_name']) || !empty($order->products[$i]['properties'][$j]['values_name'])) {
                             $contents[] = array('text' => '<small>&nbsp;<i> - ' . $order->products[$i]['properties'][$j]['properties_name'] . ': ' . $order->products[$i]['properties'][$j]['values_name'] . '</i></small></nobr>');
                         }
                     }
                 }
                 # properties EOF
             }
             // elari End add display products
             $contents[] = array('text' => '<br />');
             // BOF GM_MOD EOF
         }
         // bof gm
         $gm_heading_multi_status[] = array('text' => '<b>' . HEADING_GM_STATUS . '</b>');
         $content_multi_order_status[] = array('text' => xtc_draw_hidden_field(xtc_session_name(), xtc_session_id()));
         $content_multi_order_status[] = array('text' => xtc_draw_hidden_field('action', 'gm_multi_status') . xtc_draw_hidden_field('page', $_GET['page']));
         $content_multi_order_status[] = array('text' => xtc_draw_pull_down_menu('gm_status', array_merge(array(array('id' => '', 'text' => TEXT_GM_STATUS)), array(array('id' => '0', 'text' => TEXT_VALIDATING)), $orders_statuses)));
         /* magnalister v2.0.0 */
         if (function_exists('magnaExecute')) {
             magnaExecute('magnaRenderOrderStatusSync', array('multi' => true), array('order_details.php'));
         }
         /* END magnalister */
         $content_multi_order_status[] = array('text' => xtc_draw_checkbox_field('gm_notify', 'on') . ENTRY_NOTIFY_CUSTOMER);
         $content_multi_order_status[] = array('text' => xtc_draw_checkbox_field('gm_notify_comments', 'on') . ENTRY_NOTIFY_COMMENTS);
         $content_multi_order_status[] = array('text' => TABLE_HEADING_COMMENTS . '<br>' . xtc_draw_textarea_field('gm_comments', '', 24, 5, $_GET['comments'], '', false) . '<br>');
         $content_multi_order_status[] = array('align' => 'left', 'text' => '<div align="center"><input type="submit" class="button" value="' . BUTTON_CONFIRM . '"></form></div>');
         $content_multi_order_status[] = array('align' => 'left', 'text' => '<br />');
         // eof gm
         break;
 }