/**
* Create Order by array
*
* @param mixed $data
* @return bool|int|null|string
*/
public function createOrder($data)
{
global $db;
$newID = $db->insertFromArray(TABLE_SHOP_ORDERS, $data);
if ($newID) {
//Create bitcoin transaction
BuckysBitcoinTransaction::addTransaction($data['sellerID'], $data['buyerID'], BuckysBitcoinTransaction::ACTIVITY_TYPE_PRODUCT_PURCHASE, $newID, $data['totalPrice']);
$shopProdIns = new BuckysShopProduct();
$product = $shopProdIns->getProductById($data['productID']);
if (!$product['isDownloadable']) {
$shopProdIns->updateProduct($data['productID'], ['status' => BuckysShopProduct::STATUS_SOLD]);
}
//Send notification if the seller wants to get notification
$notificationIns = new BuckysShopNotification();
$notificationIns->createNotification($data['sellerID'], $data['buyerID'], BuckysShopNotification::ACTION_TYPE_PRODUCT_SOLD, $newID);
return $newID;
}
return false;
}
/**
* Purchase product function
* this function is POST
*/
function purchaseProduct()
{
$productIns = new BuckysShopProduct();
$orderIns = new BuckysShopOrder();
$buyerID = get_secure_integer($_REQUEST['buyerID']);
$productID = get_secure_integer($_REQUEST['productID']);
$userID = buckys_is_logged_in();
//Can you purchase this item?
if ($buyerID != $userID) {
buckys_redirect('/shop/view.php?id=' . $productID, MSG_PERMISSION_DENIED, MSG_TYPE_ERROR);
}
//Product is active?
$prodData = $productIns->getProductById($productID, false);
if (!$prodData || $prodData['status'] == BuckysShopProduct::STATUS_INACTIVE) {
echo "here";
exit;
buckys_redirect('/shop/index.php' . $productID, MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
}
//Is this your product?
if ($prodData['userID'] == $buyerID) {
buckys_redirect('/shop/view.php?id=' . $productID, MSG_PERMISSION_DENIED, MSG_TYPE_ERROR);
}
//Shipping price is set?
if (!$prodData['isDownloadable']) {
$shippingPrice = fn_buckys_get_available_shipping_price($buyerID, $productID);
if ($shippingPrice === null) {
buckys_redirect('/shop/view.php?id=' . $productID, 'This item can not be shipped to your address. Check your shipping address or contact the owner.', MSG_TYPE_ERROR);
}
} else {
$shippingPrice = 0;
}
//Do you have money?
$balance = BuckysBitcoin::getUserWalletBalance($buyerID);
$balance = 100;
$total = $prodData['price'] + $shippingPrice;
if ($total > $balance) {
buckys_redirect('/shop/view.php?id=' . $productID, 'You do not have bitcoin enough to purchase this item.', MSG_TYPE_ERROR);
}
//Purchase product
$flag = $orderIns->makePayment($buyerID, $prodData['userID'], $total);
if ($flag) {
if (!$prodData['isDownloadable']) {
$buyerShippingInfoID = $orderIns->createShippingInfo($buyerID);
} else {
$buyerShippingInfoID = 0;
}
$param = ['sellerID' => $prodData['userID'], 'buyerID' => $buyerID, 'productID' => $productID, 'unitPrice' => $prodData['price'], 'shippingPrice' => $shippingPrice, 'totalPrice' => $total, 'buyerShippingID' => $buyerShippingInfoID, 'trackingNo' => '', 'createdDate' => date('Y-m-d H:i:s'), 'status' => BuckysShopOrder::STATUS_SOLD];
if ($orderIns->createOrder($param)) {
buckys_redirect('/shop/purchase.php', 'You have purchased an item successfully!', MSG_TYPE_SUCCESS);
} else {
buckys_redirect('/shop/view.php?id=' . $productID, 'Something goes wrong with your purchase. Please contact customer support!', MSG_TYPE_ERROR);
}
} else {
buckys_redirect('/shop/view.php?id=' . $productID, 'Payment problem. Please contact customer support!', MSG_TYPE_ERROR);
}
}
<?php
require dirname(dirname(__FILE__)) . '/includes/bootstrap.php';
$userID = buckys_is_logged_in();
buckys_enqueue_stylesheet('shop.css');
buckys_enqueue_javascript('shop.js');
$TNB_GLOBALS['content'] = 'shop/view';
$TNB_GLOBALS['headerType'] = 'shop';
$paramShopID = get_secure_integer($_REQUEST['id']);
$view = [];
$shopProductIns = new BuckysShopProduct();
$catIns = new BuckysShopCategory();
$countryIns = new BuckysCountry();
$userIns = new BuckysUser();
$shippingInfoIns = new BuckysTradeUser();
$view['product'] = $shopProductIns->getProductById($paramShopID);
$view['myID'] = $userID;
if (!isset($view['product']) || $view['product']['status'] == BuckysShopProduct::STATUS_INACTIVE) {
buckys_redirect('/shop/index.php', MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
}
//Check if the items owner is active one
$userData = $userIns->getUserData($view['product']['userID']);
if ($userData['status'] == BuckysUser::STATUS_USER_BANNED) {
buckys_redirect('/shop/index.php', MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
}
//Read more info from DB
$catData = $catIns->getCategoryByID($view['product']['catID']);
$view['product']['categoryName'] = isset($catData) ? $catData['name'] : '';
$countryData = $countryIns->getCountryById($view['product']['locationID']);
$view['product']['locationName'] = isset($countryData) ? $countryData['country_title'] : '';
$view['product']['userInfo'] = $userIns->getUserBasicInfo($view['product']['userID']);
$TNB_GLOBALS['headerType'] = 'shop';
$view = [];
$countryIns = new BuckysCountry();
$shopProductIns = new BuckysShopProduct();
$view['category_list'] = BuckysShopCategory::getCategoryList(0);
$view['country_list'] = $countryIns->getCountryList();
$view['action_name'] = 'editProduct';
$paramProdID = get_secure_integer($_REQUEST['id']);
$paramType = get_secure_string($_REQUEST['type']);
$view['product'] = null;
switch ($paramType) {
case 'relist':
$userInfo = BuckysUser::getUserBasicInfo($userID);
$view['my_bitcoin_balance'] = BuckysBitcoin::getUserWalletBalance($userID);
$view['my_credit_balance'] = $userInfo['credits'];
$view['product'] = $shopProductIns->getProductById($paramProdID, true);
$view['type'] = 'relist';
$view['page_title'] = 'Relist an Item';
break;
default:
$view['product'] = $shopProductIns->getProductById($paramProdID, false);
$view['type'] = 'edit';
$view['page_title'] = 'Edit an Item';
break;
}
if ($view['product'] == null || $view['product']['userID'] != $userID || $view['product']['status'] != BuckysShopProduct::STATUS_ACTIVE) {
buckys_redirect('/shop/available.php', MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
}
$view['shipping_fee_list'] = $shopProductIns->getShippingPrice($paramProdID);
$TNB_GLOBALS['title'] = 'Edit an Item - BuckysRoomShop';
require DIR_FS_TEMPLATE . $TNB_GLOBALS['template'] . "/" . $TNB_GLOBALS['layout'] . ".php";
<?php
require dirname(dirname(__FILE__)) . '/includes/bootstrap.php';
if (!($userID = buckys_is_logged_in())) {
buckys_redirect('/index.php', MSG_NOT_LOGGED_IN_USER, MSG_TYPE_ERROR);
}
$productID = buckys_escape_query_integer($_GET['id']);
$shopProductClass = new BuckysShopProduct();
if (!$shopProductClass->isPurchased($userID, $productID)) {
buckys_redirect('/shop/purchase.php', MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
}
$productData = $shopProductClass->getProductById($productID);
if (!$productData || !$productData['isDownloadable']) {
buckys_redirect('/shop/purchase.php', MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
}
if (!file_exists(DIR_FS_SHOP_PRODUCTS . $productData['fileName'])) {
buckys_redirect('/shop/purchase.php', MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
}
$filename = preg_replace("/[^a-zA-Z0-9\\._-\\s]/", '', $productData['title']);
$filename = str_replace(" ", '-', $filename);
//Download Zip File
header("Expires: Mon, 26 Nov 1962 00:00:00 GMT");
header("Last-Modified: " . gmdate("D,d M Y H:i:s") . " GMT");
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");
header("Content-Type: Application/zip");
header("Content-disposition: attachment; filename=" . $filename . ".zip");
$fp = fopen(DIR_FS_SHOP_PRODUCTS . $productData['fileName'], "r");
while (!feof($fp)) {
$buffer = fread($fp, 1024 * 1024 * 3);
echo $buffer;
