/**
* Displays a given invoice number $invoiceNo of $user
*
* @param int $invoiceNo
* @param UserTable $user
* @return string
*/
protected function showInvoice( $invoiceNo, $user ) {
global $_CB_database, $_CB_framework;
$return = '';
$params = $this->params;
$showInvoices = $params->get( 'show_invoices', 1 );
if ( $showInvoices ) {
$invoiceNo = (int) $invoiceNo;
if ( $invoiceNo ) {
$basket = new cbpaidPaymentBasket( $_CB_database );
if ( ( $basket->load( (int) $invoiceNo ) ) && ( $user->id == $basket->user_id ) ) {
$ok = false;
$myId = $_CB_framework->myId();
if ( $myId == 0 ) {
$ck = $this->base->_getReqParam( 'invoicecheck' );
if ( $ck && ( $ck == $basket->checkHashInvoice( $ck ) ) ) {
$ok = true;
}
} elseif ( $user->id == $myId ) {
$ok = true;
} elseif ( cbpaidApp::authoriseAction( 'cbsubs.sales' ) || cbpaidApp::authoriseAction( 'cbsubs.financial' ) ) {
$ok = true;
}
if ( $ok ) {
$itsmyself = ( $_CB_framework->myId() == $user->id );
$return .= $basket->displayInvoice( $user, $itsmyself );
} else {
$return .= '<div class="error">'
. CBPTXT::Th("You need to be logged in to view your private information.")
. '</div>'
;
}
} else {
$this->base->_setErrorMSG( CBPTXT::T("No unpaid payment basket found.") );
}
} else {
$this->base->_setErrorMSG( CBPTXT::T("Not authorized action") );
}
} else {
$this->base->_setErrorMSG( CBPTXT::T("Not authorized action") );
}
return $return;
}
/**
* Returns a protected user-specific invoice display address URL
*
* @param cbpaidPaymentBasket $paymentBasket
* @param string $task 'invoice' or 'recordpayment'
* @param string $format 'html', 'component'
* @return string
*/
protected function getSecuredBasketShowUrl( $paymentBasket, $task, $format ) {
global $_CB_framework;
$basegetarray = array( 'user' => $paymentBasket->user_id, 'Itemid' => 0, 'act' => 'show' . $task, $task => $paymentBasket->id );
if ( ! $_CB_framework->MyId() ) {
$basegetarray['invoicecheck'] = $paymentBasket->checkHashInvoice();
}
return $this->getHttpsAbsURLwithParam( $basegetarray, 'pluginclass', true, null, $format );
}
