/**
* @param SS_HTTPRequest $request
* @return SS_HTTPResponse
*/
public function claim(SS_HTTPRequest $request)
{
/** @var Order $order */
$order = Order::get()->byID($request->param('ID'));
$hash = $request->param('OtherID');
$realHash = FollowUpEmail::generate_hash($order);
if (!$order || !$order->exists() || empty($hash) || $hash !== $realHash) {
$this->httpError(404);
}
// Require a login if the order is attached to an account
if ($order->MemberID && $order->MemberID != Member::currentUserID()) {
return Security::permissionFailure($this->owner, _t('ShopEmail.NotYourOrder', 'You must log in to access this order.'));
}
// Otherwise if all is good, proceed to checkout
ShoppingCart::singleton()->setCurrent($order);
return $this->redirect(CheckoutPage::get()->first()->Link());
}
