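/**
 * Store the patch package for the currently installed VM version in the cache path.
 *
 * Two sources are supported: a package uploaded as $_FILES['uploaded_package'],
 * or, when nothing was uploaded, the package URL announced by virtuemart.net for
 * the installed release. On success the stored path is remembered in
 * $_SESSION['vm_updatepackage'].
 *
 * NOTE(review): the remote branch fetches the package over plain HTTP and this
 * function performs no signature or checksum verification. A comment in the
 * upload branch says integrity validation happens in another function; confirm
 * that it also covers the downloaded package before anything is applied.
 *
 * @param array $d Not read by this function.
 * @return boolean True when a package was stored (or was already cached), false on failure.
 */
function getPatchPackage(&$d)
{
    global $vm_mainframe, $vmLogger, $mosConfig_cachepath, $VM_LANG;

    $allowed_extensions = array('gz', 'zip');
    // Hosts that may serve the patch package. Compared against the parsed host,
    // because a plain prefix test also accepts look-alike hosts that merely
    // start with the trusted name.
    $allowed_hosts = array('virtuemart.net', 'dev.virtuemart.net');

    if (empty($_FILES['uploaded_package']['tmp_name'])) {
        // retrieve the latest version number from virtuemart.net
        require_once ADMINPATH . 'version.php';
        $VMVERSION = new vmVersion();
        // This URL should return a string - the direct URL to the matching patch package
        $url = "http://virtuemart.net/index2.php?option=com_versions&catid=1&myVersion={$VMVERSION->RELEASE}&task=listpatchpackages&j=" . (vmIsJoomla('1.5') ? '1.5' : '1.0');
        $result = vmConnector::handleCommunication($url);

        $parts = empty($result) ? false : @parse_url($result);
        $trusted = is_array($parts)
            && isset($parts['scheme'], $parts['host'])
            && in_array(strtolower($parts['scheme']), array('http', 'https'), true)
            && in_array(strtolower($parts['host']), $allowed_hosts, true);
        if (!$trusted) {
            $vmLogger->err($VM_LANG->_('VM_UPDATE_ERR_RETRIEVE_FAILED'));
            return false;
        }

        $filename = basename($result);
        $doc_id_pos = strpos($filename, '?');
        if ($doc_id_pos > 0) {
            $filename = substr($filename, 0, $doc_id_pos);
        }
        // The name comes from a remote response: never let it resolve to the
        // cache directory itself or to its parent.
        if ($filename === '' || $filename === '.' || $filename === '..') {
            $vmLogger->err($VM_LANG->_('VM_UPDATE_ERR_RETRIEVE_FAILED'));
            return false;
        }
        $target = $mosConfig_cachepath . '/' . $filename;

        // Was the package already downloaded?
        if (file_exists($target)) {
            $vmLogger->info($VM_LANG->_('VM_UPDATE_PACKAGE_EXISTS') . ' ' . $target);
        } else {
            // If not, store it on this server
            $patch_package = vmConnector::handleCommunication($result);
            if (!file_put_contents($target, $patch_package)) {
                $vmLogger->err($VM_LANG->_('VM_UPDATE_ERR_STORE_FAILED'));
                return false;
            }
        }
        // cache the location of the stored package file
        $_SESSION['vm_updatepackage'] = $target;

        if (vmIsXHR()) {
            // NOTE(review): PHP_SELF is placed inside a script string; confirm that
            // the session url() helper encodes it for that context.
            $vm_mainframe->addResponseScript('parent.loadPage("' . $GLOBALS['sess']->url($_SERVER['PHP_SELF'] . '?page=admin.update_preview', false, false) . '");');
        }
        return true;
    }

    // make sure the file name is safe for storage.
    $filename = vmSafeFileName($_FILES['uploaded_package']['name']);
    $fileinfo = pathinfo($filename);
    // pathinfo() omits the 'extension' key for names without a dot.
    $extension = isset($fileinfo['extension']) ? strtolower($fileinfo['extension']) : '';
    if (!in_array($extension, $allowed_extensions, true)) {
        $vmLogger->err('An invalid patch package extension was detected. Allowed Types: ' . implode(', ', $allowed_extensions));
        return false;
    }
    // Handle the uploaded package file- the integrity validation is done in another function
    if (!move_uploaded_file($_FILES['uploaded_package']['tmp_name'], $mosConfig_cachepath . '/' . $filename)) {
        $vmLogger->err('Failed to store the uploaded patch package file.');
        return false;
    }
    $_SESSION['vm_updatepackage'] = $mosConfig_cachepath . '/' . $filename;
    if (vmIsXHR()) {
        $vm_mainframe->addResponseScript('parent.loadPage("' . $GLOBALS['sess']->url($_SERVER['PHP_SELF'] . '?page=admin.update_preview', false, false) . '");');
    }
    // The upload path previously fell off the end and returned null on success.
    return true;
}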
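/**
 * Set headers and send the file to the client
 *
 * Honours an HTTP range request (as computed by vmConnector::http_rangeRequest)
 * and streams the file in chunks of at most 1 MiB.
 *
 * @author Andreas Gohr <*****@*****.**>
 * @param string $file             The full path to the file
 * @param string $mime             The Mime Type of the file
 * @param string $overrideFileName Optional download name to announce instead of basename($file)
 */
function sendFile($file, $mime, $overrideFileName = '')
{
    global $vm_mainframe;

    // send headers
    header("Content-Type: {$mime}");
    list($start, $len) = vmConnector::http_rangeRequest(filesize($file));
    header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
    header('Pragma: public');
    header('Accept-Ranges: bytes');

    // application mime type is downloadable
    if (strtolower(substr($mime, 0, 11)) == 'application') {
        $filename = $overrideFileName == '' ? basename($file) : $overrideFileName;
        // The name ends up inside a quoted header parameter: drop quotes,
        // backslashes and line breaks so it cannot terminate the value or the header.
        $filename = str_replace(array('"', '\\', "\r", "\n", "\0"), '', $filename);
        header('Content-Disposition: attachment; filename="' . $filename . '";');
    }

    $chunksize = 1 * (1024 * 1024);

    // send file contents
    $fp = @fopen($file, "rb");
    if (!$fp) {
        header("HTTP/1.0 500 Internal Server Error");
        // Report only the file name; the absolute server path is not for the client.
        print 'Could not read ' . basename($file) . ' - bad permissions?';
        $vm_mainframe->close(true);
        return;
    }

    fseek($fp, $start); // seek to start of range
    $chunk = $len > $chunksize ? $chunksize : $len;
    while (!feof($fp) && $chunk > 0) {
        // large files can take a lot of time; set_time_limit() needs its
        // argument, without one the call fails and the timer is never extended
        @set_time_limit(30);
        print fread($fp, $chunk);
        flush();
        $len -= $chunk;
        $chunk = $len > $chunksize ? $chunksize : $len;
    }
    fclose($fp);
}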
** END: FRONTEND ADMIN - MOD *****************************/ // Here is the most important part of the whole Shop: // LOADING the requested page for displaying it to the customer. // I have wrapped it with a function, because it becomes // cacheable that way. // It's just an "include" statement which loads the page $vmDoCaching = ($page == "shop.browse" || $page == "shop.product_details") && (empty($keyword) && empty($keyword1) && empty($keyword2)); // IE6 PNG transparency fix $vm_mainframe->addScript("{$mosConfig_live_site}/components/{$option}/js/sleight.js"); echo '<div id="vmMainPage">' . "\n"; // Load requested PAGE if (file_exists(PAGEPATH . $modulename . "." . $pagename . ".php")) { if ($only_page) { require_once CLASSPATH . 'connectionTools.class.php'; vmConnector::sendHeaderAndContent(200); if ($func) { echo vmCommonHTML::getSuccessIndicator($ok, $vmDisplayLogger); } /*@MWM1: Log/Debug enhancements*/ include PAGEPATH . $modulename . "." . $pagename . ".php"; // Exit gracefully $vm_mainframe->close(true); } include PAGEPATH . $modulename . "." . $pagename . ".php"; } elseif (file_exists(PAGEPATH . HOMEPAGE . '.php')) { include PAGEPATH . HOMEPAGE . '.php'; } else { include PAGEPATH . 'shop.index.php'; } if (!empty($mosConfig_caching) && $vmDoCaching) {
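/**
 * Voids a previous transaction with Payflow Pro
 *
 * Looks up the order by $d['order_number'], rebuilds the original card data
 * from the database, posts a void (TRXTYPE 'V') request to the gateway and,
 * on approval, stores the response message and transaction id with the order.
 *
 * NOTE(review): the request is built from a stored card verification value
 * (order_payment_code) and the decrypted card number. Card verification codes
 * are not meant to be retained after authorization under PCI DSS; confirm
 * whether this column can be dropped from storage.
 * NOTE(review): ENCODE_KEY travels inside the SQL text, so it can surface in
 * query logs; confirm logging settings on the database side.
 *
 * @param array $d Needs 'order_number'; 'order_payment_log' is written back.
 * @return boolean True when the gateway approved the void, or when PFP_TYPE
 *                 is not 'A' (nothing to void); false otherwise.
 */
function void_authorization(&$d)
{
    global $vendor_mail, $vendor_currency, $VM_LANG, $vmLogger;

    $database = new ps_DB();
    require_once CLASSPATH . "connectionTools.class.php";

    if (empty($d['order_number'])) {
        $vmLogger->err("Error: No Order Number provided.");
        return false;
    }

    /*** Get the configuration file of this payment class ***/
    require_once CLASSPATH . "payment/" . __CLASS__ . ".cfg.php";
    if (PFP_TYPE != 'A') {
        return true;
    }

    // Get the Account Password securely from the database
    $database->query("SELECT " . VM_DECRYPT_FUNCTION . "(payment_passkey,'" . ENCODE_KEY . "') as passkey FROM #__{vm}_payment_method WHERE payment_class='" . __CLASS__ . "'");
    $transaction = $database->record[0];
    if (empty($transaction->passkey)) {
        $vmLogger->err($VM_LANG->_('PHPSHOP_PAYMENT_ERROR'), false);
        return false;
    }

    $db = new ps_DB();
    // The order number arrives from the caller's request data: escape it before
    // it is placed inside the quoted SQL literal.
    $q = "SELECT * FROM #__{vm}_orders, #__{vm}_order_payment WHERE ";
    $q .= "order_number='" . $db->getEscaped($d['order_number']) . "' ";
    $q .= "AND #__{vm}_orders.order_id=#__{vm}_order_payment.order_id";
    $db->query($q);
    if (!$db->next_record()) {
        $vmLogger->err("Error: Order not found.");
        return false;
    }
    $expire_date = date("my", $db->f("order_payment_expire"));
    $cvv2_code = $db->f("order_payment_code");
    $order_id_sql = $db->getEscaped($db->f("order_id"));

    // DECODE Account Number
    $dbaccount = new ps_DB();
    $q = "SELECT " . VM_DECRYPT_FUNCTION . "(order_payment_number,'" . ENCODE_KEY . "')\r\n AS account_number from #__{vm}_order_payment WHERE order_id='" . $order_id_sql . "'";
    $dbaccount->query($q);
    $dbaccount->next_record();

    // Get user billing information
    $dbbt = new ps_DB();
    $qt = "SELECT * FROM #__{vm}_user_info WHERE user_id='" . $db->getEscaped($db->f("user_id")) . "'";
    $dbbt->query($qt);
    $dbbt->next_record();

    // NOTE(review): the request id is an MD5 over the card number, the order
    // total and a timestamp, and it is sent as a header; an id that is not
    // derived from card data would avoid that exposure.
    $tempstr = $dbaccount->f('account_number') . $db->f('order_total') . date('YmdGis');
    $request_id = md5($tempstr);

    // Payflow Pro vars to send
    $formdata = array(
        'PARTNER' => PFP_PARTNER,
        'VENDOR' => PFP_VENDOR,
        'USER' => PFP_USER,
        'PWD' => $transaction->passkey,
        'TEST' => PFP_TEST_REQUEST,
        'AMT' => $db->f('order_total'),
        'TRXTYPE' => 'V',
        'TENDER' => 'C',
        'CURRENCY' => $vendor_currency,
        'NAME' => strtoupper(substr($dbbt->f("first_name"), 0, 15) . substr($dbbt->f("last_name"), 0, 15)),
        'STREET' => substr($dbbt->f("address_1"), 0, 30),
        'CITY' => substr($dbbt->f("city"), 0, 40),
        'STATE' => substr($dbbt->f("state"), 0, 40),
        'ZIP' => substr($dbbt->f("zip"), 0, 9),
        'CUSTREF' => substr($db->f('order_number'), 0, 12),
        'ORIGID' => $db->f('order_payment_trans_id'),
        'ACCT' => $dbaccount->f('account_number'),
        'CVV2' => $cvv2_code,
        'EXPDATE' => $expire_date,
    );

    // build the post string
    $pairs = array();
    foreach ($formdata as $key => $val) {
        $pairs[] = urlencode($key) . "=" . urlencode($val);
    }
    $poststring = implode('&', $pairs);

    if (PFP_TEST_REQUEST == 'TRUE') {
        $host = 'pilot-payflowpro.verisign.com';
    } else {
        $host = 'payflowpro.verisign.com';
    }

    $headers = array();
    $headers[] = "X-VPS-Timeout: 30";
    $headers[] = "X-VPS-VIT-OS-Name: " . PHP_OS; // Name of your OS
    $headers[] = "X-VPS-VIT-OS-Version: " . PHP_OS; // OS Version
    $headers[] = "X-VPS-VIT-Client-Type: PHP/cURL"; // What you are using
    $headers[] = "X-VPS-VIT-Client-Version: 0.01"; // For your info
    $headers[] = "X-VPS-VIT-Client-Architecture: x86"; // For your info
    $headers[] = "X-VPS-VIT-Client-Certification-Id: " . PFP_CLIENT_CERTIFICATION_ID; // get this from Todd @ payflowintegrator@paypal.com
    $headers[] = "X-VPS-VIT-Integration-Product: " . phpversion() . "::cURL"; // For your info, would populate with application name
    $headers[] = "X-VPS-VIT-Integration-Version: 0.01"; // Application version
    $headers[] = "X-VPS-Request-ID: " . $request_id;

    $result = vmConnector::handleCommunication("https://{$host}:443/transaction", $poststring, $headers);
    if (!$result) {
        $vmLogger->err('The transaction could not be completed.');
        return false;
    }

    // Parse "KEY=value&KEY=value" starting at RESULT. Pairs without '=' are
    // skipped so a malformed response cannot trigger undefined offsets.
    $pfpro = array();
    $result = strstr($result, 'RESULT');
    if ($result !== false) {
        foreach (explode('&', $result) as $pair) {
            $kv = explode('=', $pair, 2);
            if (count($kv) === 2) {
                $pfpro[$kv[0]] = $kv[1];
            }
        }
    }

    $vmLogger->debug('Beginning to analyse the response from ' . $host);
    $RESULT_CODE = vmGet($pfpro, 'RESULT');
    $TRANSACTION_ID = vmGet($pfpro, 'PNREF');
    $RESPMSG = vmGet($pfpro, 'RESPMSG', '');
    $CVV2MATCH = vmGet($pfpro, 'CVV2MATCH', '');

    // Approval is exactly result code "0"; a loose comparison would also accept
    // other numeric spellings of zero.
    if (trim((string) $RESULT_CODE) === '0') {
        $d["order_payment_log"] = $VM_LANG->_('PHPSHOP_PAYMENT_TRANSACTION_SUCCESS') . ": ";
        $d["order_payment_log"] .= $RESPMSG;
        // Message and transaction id come from the gateway response: escape
        // them before they are written into the UPDATE statement.
        $q = "UPDATE #__{vm}_order_payment SET ";
        $q .= "order_payment_log='" . $db->getEscaped($d["order_payment_log"]) . "',";
        $q .= "order_payment_trans_id='" . $db->getEscaped($TRANSACTION_ID) . "' ";
        $q .= "WHERE order_id='" . $order_id_sql . "' ";
        $db->query($q);
        $vmLogger->debug($d['order_payment_log']);
        return true;
    }

    $d["order_payment_log"] = payflow_pro::getResponseMsg($RESULT_CODE);
    if (!empty($d["order_payment_log"])) {
        $vmLogger->err($d["order_payment_log"]);
    } else {
        $vmLogger->err('An unknown Error occured while voiding the transaction.');
    }
    return false;
}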
/**
 * Initializes the global currency converter array
 *
 * Loads the exchange-rate document either from the local archive copy
 * (daily.xml in the cache path, or in /media when the cache path is not
 * writable) or from $this->document_address, parses its "Cube" elements and
 * stores currency => rate pairs in $GLOBALS['converter_array']. When the
 * document cannot be retrieved the global is set to -1, so later calls return
 * early without another fetch.
 *
 * NOTE(review): the rates are used exactly as delivered; whether the fetch is
 * protected in transit depends on the scheme of document_address, which is not
 * visible here.
 *
 * @return mixed False when the document could not be retrieved or parsed, true otherwise.
 */
function init()
{
    global $mosConfig_cachepath, $mosConfig_absolute_path, $vendor_currency, $vmLogger;

    // Already loaded (array) or already failed once (-1): nothing left to do.
    if (is_array($GLOBALS['converter_array']) || $GLOBALS['converter_array'] === -1) {
        return true;
    }

    setlocale(LC_TIME, "en-GB");

    // Time in ECB (Germany) is GMT + 1 hour (3600 seconds), plus one more
    // hour while daylight saving time is in effect.
    $now = time() + 3600;
    if (date("I")) {
        $now += 3600;
    }
    $date_now_local = gmdate('Ymd', $now);
    $time_now_local = gmdate('Hi', $now);
    $time_ecb_update = '1415';

    $store_path = is_writable($mosConfig_cachepath)
        ? $mosConfig_cachepath
        : $mosConfig_absolute_path . "/media";
    $archivefile_name = $store_path . '/daily.xml';
    $ecb_filename = $this->document_address;

    // Default to the remote document; fall back to the archive copy unless it
    // is due for a refresh.
    $curr_filename = $ecb_filename;
    if (file_exists($archivefile_name) && filesize($archivefile_name) > 0) {
        // timestamp for the Filename
        $file_datestamp = date('Ymd', filemtime($archivefile_name));
        // no updates on weekends (week starts with sunday = 0), and only
        // after the daily publication time
        $needs_refresh = date('w') > 0
            && date('w') < 6
            && $file_datestamp != $date_now_local
            && $time_now_local > $time_ecb_update;
        if (!$needs_refresh) {
            $curr_filename = $archivefile_name;
            $this->last_updated = $file_datestamp;
            $this->archive = false;
        }
    }

    if (!is_writable($store_path)) {
        $this->archive = false;
        $vmLogger->debug("The file {$archivefile_name} can't be created. The directory {$store_path} is not writable");
    }

    if ($curr_filename == $ecb_filename) {
        // Fetch the file from the internet
        require_once CLASSPATH . 'connectionTools.class.php';
        $contents = vmConnector::handleCommunication($curr_filename);
        $this->last_updated = date('Ymd');
    } else {
        $contents = @file_get_contents($curr_filename);
    }

    if (!$contents) {
        $GLOBALS['converter_array'] = -1;
        $vmLogger->err('Failed to retrieve the Currency Converter XML document.');
        $_SESSION['product_currency'] = $GLOBALS['product_currency'] = $vendor_currency;
        return false;
    }

    // Keep a local copy when archiving is still enabled
    if ($this->archive) {
        file_put_contents($archivefile_name, $contents);
    }

    // Insert the base currency with rate 1 in front of the USD entry
    $contents = str_replace("<Cube currency='USD'", " <Cube currency='EUR' rate='1'/> <Cube currency='USD'", $contents);

    /* XML Parsing */
    require_once $mosConfig_absolute_path . '/includes/domit/xml_domit_lite_include.php';
    $xmlDoc = new DOMIT_Lite_Document();
    if (!$xmlDoc->parseXML($contents, false, true)) {
        $vmLogger->err('Failed to parse the Currency Converter XML document.');
        $_SESSION['product_currency'] = $GLOBALS['product_currency'] = $vendor_currency;
        return false;
    }

    // Collect currency => rate from every Cube element
    $currency_list = $xmlDoc->getElementsByTagName("Cube");
    $node_count = 0;
    while ($node_count < $currency_list->getLength()) {
        $cube =& $currency_list->item($node_count);
        $currency[$cube->getAttribute("currency")] = $cube->getAttribute("rate");
        unset($cube);
        $node_count++;
    }
    $GLOBALS['converter_array'] = $currency;

    return true;
}
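/**
 * Captures a previously authorized transaction (PRIOR_AUTH_CAPTURE) at authorize.net
 *
 * Looks up the order by $d['order_number'], rebuilds the request from the
 * stored order, billing and shipping data and posts it to the gateway. The
 * gateway answer is a '|'-delimited string: field 0 is the response code,
 * field 3 the message and field 6 the transaction id, as read below.
 *
 * NOTE(review): the request uses a stored card verification value
 * (order_payment_code) and the decrypted card number. Card verification codes
 * are not meant to be retained after authorization under PCI DSS; confirm
 * whether this column can be dropped from storage.
 *
 * @param array $d Needs 'order_number'; 'order_payment_log' and
 *                 'order_payment_trans_id' are written back.
 * @return boolean True when the gateway approved the capture, false otherwise.
 */
function capture_payment(&$d)
{
    global $vendor_mail, $vendor_currency, $VM_LANG, $vmLogger;

    $database = new ps_DB();
    require_once CLASSPATH . "connectionTools.class.php";

    /*CERTIFICATION
      Visa Test Account 4007000000027
      Amex Test Account 370000000000002
      Master Card Test Account 6011000000000012
      Discover Test Account 5424000000000015
      $host = "certification.authorize.net";
      $port = 443;
      $path = "/gateway/transact.dll";
    */
    if (empty($d['order_number'])) {
        $vmLogger->err("Error: No Order Number provided.");
        return false;
    }

    /*** Get the Configuration File for authorize.net ***/
    require_once CLASSPATH . "payment/" . __CLASS__ . ".cfg.php";

    // Get the Transaction Key securely from the database
    $database->query("SELECT " . VM_DECRYPT_FUNCTION . "(payment_passkey,'" . ENCODE_KEY . "') as passkey FROM #__{vm}_payment_method \r\n\t\t\t\t\t\t\t\t\tWHERE payment_class='" . __CLASS__ . "' AND payment_enabled = 'Y'");
    $transaction = $database->record[0];
    if (empty($transaction->passkey)) {
        $vmLogger->err($VM_LANG->_('PHPSHOP_PAYMENT_ERROR'), false);
        return false;
    }

    $db = new ps_DB();
    // The order number arrives from the caller's request data: escape it before
    // it is placed inside the quoted SQL literal.
    $q = "SELECT * FROM #__{vm}_orders, #__{vm}_order_payment WHERE ";
    $q .= "order_number='" . $db->getEscaped($d['order_number']) . "' ";
    $q .= "AND #__{vm}_orders.order_id=#__{vm}_order_payment.order_id";
    $db->query($q);
    if (!$db->next_record()) {
        $vmLogger->err("Error: Order not found.");
        return false;
    }
    $expire_date = date("my", $db->f("order_payment_expire"));
    $order_id_sql = $db->getEscaped($db->f("order_id"));

    // DECODE Account Number
    $dbaccount = new ps_DB();
    $q = "SELECT " . VM_DECRYPT_FUNCTION . "(order_payment_number,'" . ENCODE_KEY . "')\r\n AS account_number from #__{vm}_order_payment WHERE order_id='" . $order_id_sql . "'";
    $dbaccount->query($q);
    $dbaccount->next_record();

    // Get user billing information
    $dbbt = new ps_DB();
    $qt = "SELECT * FROM #__{vm}_user_info WHERE user_id='" . $db->getEscaped($db->f("user_id")) . "'";
    $dbbt->query($qt);
    $dbbt->next_record();
    $user_info_id = $dbbt->f("user_info_id");
    if ($user_info_id != $db->f("user_info_id")) {
        // Get user's alternative shipping information
        $dbst = new ps_DB();
        $qt = "SELECT * FROM #__{vm}_user_info WHERE user_info_id='" . $db->getEscaped($db->f("user_info_id")) . "' AND address_type='ST'";
        $dbst->query($qt);
        $dbst->next_record();
    } else {
        $dbst = $dbbt;
    }

    // Authnet vars to send
    $formdata = array(
        'x_version' => '3.1',
        'x_login' => AN_LOGIN,
        'x_tran_key' => $transaction->passkey,
        'x_test_request' => strtoupper(AN_TEST_REQUEST),
        'x_delim_data' => 'TRUE',
        'x_delim_char' => '|',
        'x_relay_response' => 'FALSE',
        'x_first_name' => substr($dbbt->f("first_name"), 0, 50),
        'x_last_name' => substr($dbbt->f("last_name"), 0, 50),
        'x_company' => substr($dbbt->f("company"), 0, 50),
        'x_address' => substr($dbbt->f("address_1"), 0, 60),
        'x_city' => substr($dbbt->f("city"), 0, 40),
        'x_state' => substr($dbbt->f("state"), 0, 40),
        'x_zip' => substr($dbbt->f("zip"), 0, 20),
        'x_country' => substr($dbbt->f("country"), 0, 60),
        'x_phone' => substr($dbbt->f("phone_1"), 0, 25),
        'x_fax' => substr($dbbt->f("fax"), 0, 25),
        'x_ship_to_first_name' => substr($dbst->f("first_name"), 0, 50),
        'x_ship_to_last_name' => substr($dbst->f("last_name"), 0, 50),
        'x_ship_to_company' => substr($dbst->f("company"), 0, 50),
        'x_ship_to_address' => substr($dbst->f("address_1"), 0, 60),
        'x_ship_to_city' => substr($dbst->f("city"), 0, 40),
        'x_ship_to_state' => substr($dbst->f("state"), 0, 40),
        'x_ship_to_zip' => substr($dbst->f("zip"), 0, 20),
        'x_ship_to_country' => substr($dbst->f("country"), 0, 60),
        'x_cust_id' => $db->f('user_id'),
        'x_customer_ip' => $dbbt->f("ip_address"),
        'x_customer_tax_id' => $dbbt->f("tax_id"),
        'x_email' => $dbbt->f("email"),
        'x_email_customer' => 'False',
        'x_merchant_email' => $vendor_mail,
        'x_invoice_num' => substr($d['order_number'], 0, 20),
        'x_description' => '',
        'x_amount' => $db->f("order_total"),
        'x_currency_code' => $vendor_currency,
        'x_method' => 'CC',
        'x_type' => 'PRIOR_AUTH_CAPTURE',
        'x_recurring_billing' => AN_RECURRING,
        'x_card_num' => $dbaccount->f("account_number"),
        'x_card_code' => $db->f('order_payment_code'),
        'x_exp_date' => $expire_date,
        'x_trans_id' => $db->f("order_payment_trans_id"),
        'x_po_num' => substr($d['order_number'], 0, 20),
        'x_tax' => substr($db->f('order_tax'), 0, 15),
        'x_tax_exempt' => "FALSE",
        'x_freight' => $db->f('order_shipping'),
        'x_duty' => 0,
    );

    // build the post string
    $pairs = array();
    foreach ($formdata as $key => $val) {
        $pairs[] = urlencode($key) . "=" . urlencode($val);
    }
    $poststring = implode('&', $pairs);

    if (defined('AN_HOSTNAME')) {
        $host = AN_HOSTNAME;
    } else {
        $host = 'secure.authorize.net';
    }

    $result = vmConnector::handleCommunication("https://{$host}:443/gateway/transact.dll", $poststring);
    if (!$result) {
        $vmLogger->err('We\'re sorry, but an error has occured when we tried to communicate with the authorize.net server. Please try again later, thank you.');
        return false;
    }

    // A short or malformed answer must not raise undefined-offset notices,
    // so every field is read with a fallback.
    $response = explode("|", $result);
    $code = trim($response[0]);
    $message = isset($response[3]) ? $response[3] : '';
    $trans_id = isset($response[6]) ? $response[6] : '';

    // Approved - Success!
    if ($code === '1') {
        $d["order_payment_log"] = $VM_LANG->_('PHPSHOP_PAYMENT_TRANSACTION_SUCCESS') . ": ";
        $d["order_payment_log"] .= $message;
        // Catch Transaction ID
        $d["order_payment_trans_id"] = $trans_id;
        // Both values come from the gateway response: escape them before they
        // are written into the UPDATE statement.
        $q = "UPDATE #__{vm}_order_payment SET ";
        $q .= "order_payment_log='" . $db->getEscaped($d["order_payment_log"]) . "',";
        $q .= "order_payment_trans_id='" . $db->getEscaped($d["order_payment_trans_id"]) . "' ";
        $q .= "WHERE order_id='" . $order_id_sql . "' ";
        $db->query($q);
        return true;
    }

    // Response codes '2' and '3' are handled identically: log the message and
    // hand it back to the caller together with the transaction id.
    if ($code === '2' || $code === '3') {
        $vmLogger->err($message);
        $d["order_payment_log"] = $message;
        // Catch Transaction ID
        $d["order_payment_trans_id"] = $trans_id;
        return false;
    }

    // Any other response code is not a success. Previously the function fell
    // off the end here and returned null without logging anything.
    if ($message !== '') {
        $vmLogger->err($message);
    }
    return false;
}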
$currency_code = $price['product_currency']; } $formName = 'priceForm'; $content = '<form id="' . $formName . '" method="post" name="priceForm">'; $content .= '<table class="adminform"><tr><td><strong>' . $VM_LANG->_('PHPSHOP_PRICE_FORM_PRICE') . ':</strong></td><td><input type="text" name="product_price" value="' . $price['product_price'] . '" class="inputbox" id="product_price_' . $formName . '" size="11" /></td></tr>'; $content .= '<tr><td><strong>' . $VM_LANG->_('PHPSHOP_PRICE_FORM_GROUP') . ':</strong></td><td>' . $ps_shopper_group->list_shopper_groups('shopper_group_id', $shopper_group_id, 'onchange="reloadForm( \'' . $product_id . '\', \'shopper_group_id\', this.options[this.selectedIndex].value);"') . '</td></tr>'; $content .= '<tr><td><strong>' . $VM_LANG->_('PHPSHOP_PRICE_FORM_CURRENCY') . ':</strong></td><td>' . ps_html::getCurrencyList('product_currency', $currency_code, 'currency_code', 'style="max-width:120px;"') . '</td></tr></table>'; $content .= '<input type="hidden" name="product_price_id" value="' . $price['product_price_id'] . '" id="product_price_id_' . $formName . '" />'; $content .= '<input type="hidden" name="product_id" value="' . $product_id . '" />'; $content .= '<input type="hidden" name="func" value="' . (empty($price['product_price_id']) ? 'productPriceAdd' : 'productPriceUpdate') . '" />'; $content .= '<input type="hidden" name="ajax_request" value="1" />'; $content .= '<input type="hidden" name="no_html" value="1" />'; $content .= '<input type="hidden" name="vmtoken" value="' . vmSpoofValue($sess->getSessionId()) . '" />'; $content .= '<input type="hidden" name="option" value="' . $option . '" />'; $content .= '</form>'; vmConnector::sendHeaderAndContent(200, $content); break; case 'getproducts': if (!defined('SERVICES_JSON_SLICE')) { require_once CLASSPATH . 
'JSON.php'; } $db =& new ps_DB(); $keyword = $db->getEscaped(vmGet($_REQUEST, 'query')); $q = "SELECT SQL_CALC_FOUND_ROWS #__{vm}_product.product_id,category_name,product_name\r\n\t\t\tFROM #__{vm}_product,#__{vm}_product_category_xref,#__{vm}_category "; if (empty($_REQUEST['show_items'])) { $q .= "WHERE product_parent_id='0'\r\n\t\t\t\t\tAND #__{vm}_product.product_id <> '{$product_id}' \r\n\t\t\t\t\tAND #__{vm}_product.product_id=#__{vm}_product_category_xref.product_id\r\n\t\t\t\t\tAND #__{vm}_product_category_xref.category_id=#__{vm}_category.category_id"; } else { $q .= "WHERE #__{vm}_product.product_id <> '{$product_id}' \r\n\t\t\t\t\tAND #__{vm}_product.product_id=#__{vm}_product_category_xref.product_id \r\n\t\t\t\t\tAND #__{vm}_product_category_xref.category_id=#__{vm}_category.category_id"; } if ($keyword) { $q .= ' AND (product_name LIKE \'%' . $keyword . '%\'';
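/**
 * Handles a download Request
 *
 * Looks up the download record by $d['download_id'], enforces the remaining
 * download count and the expiry date, then streams the file through
 * vmConnector::sendFile(). File names starting with http:// or https:// are
 * fetched to a temporary local file first and removed afterwards.
 *
 * NOTE(review): a request whose range does not start at byte 0 is treated as a
 * resumed download and is not counted against download_max, so the limit
 * depends on a client-supplied header; consider counting per completed file or
 * per session instead.
 * NOTE(review): for remote files the existence check below runs against the
 * URL before it is fetched, so those downloads appear never to be counted;
 * confirm whether that is intended.
 * NOTE(review): file_name is appended to DOWNLOADROOT as stored; confirm that
 * the code writing product_download rows rejects "../" sequences.
 *
 * @param array $d Needs 'download_id'.
 * @return boolean False when the download is invalid, used up, expired or the
 *                 file is missing; on success the script ends via close(true).
 */
function download_request(&$d)
{
    global $download_id, $VM_LANG, $vmLogger;

    $db = new ps_DB();
    $download_id = $db->getEscaped(vmGet($d, "download_id"));
    $q = "SELECT * FROM #__{vm}_product_download WHERE";
    $q .= " download_id = '{$download_id}'";
    $db->query($q);
    $db->next_record();

    $download_id = $db->f("download_id");
    // The id read back from the table is the raw stored value, so it has to be
    // escaped again before it is reused in the statements below.
    $download_id_sql = $db->getEscaped($download_id);
    $file_name = $db->f("file_name");

    // Only a real URL scheme marks a remote file; a bare "http" prefix test
    // would also catch local names such as "httpd-manual.zip".
    $is_remote = preg_match('#^https?://#', $file_name) === 1;
    $datei = $is_remote ? $file_name : DOWNLOADROOT . $file_name;

    $download_max = $db->f("download_max");
    $end_date = $db->f("end_date");
    $zeit = time();

    if (!$download_id) {
        $vmLogger->err($VM_LANG->_('PHPSHOP_DOWNLOADS_ERR_INV', false));
        return false;
    } elseif ($download_max == "0") {
        $q = "DELETE FROM #__{vm}_product_download";
        $q .= " WHERE download_id = '" . $download_id_sql . "'";
        $db->query($q);
        $db->next_record();
        $vmLogger->err($VM_LANG->_('PHPSHOP_DOWNLOADS_ERR_MAX', false));
        return false;
    } elseif ($end_date != "0" && $zeit > $end_date) {
        $q = "DELETE FROM #__{vm}_product_download";
        $q .= " WHERE download_id = '" . $download_id_sql . "'";
        $db->query($q);
        $db->next_record();
        $vmLogger->err($VM_LANG->_('PHPSHOP_DOWNLOADS_ERR_EXP', false));
        return false;
    }

    require_once CLASSPATH . 'connectionTools.class.php';

    // Count the download only when the file exists and the request starts at
    // byte 0, i.e. it is not a request to resume an earlier download.
    $download_count = false;
    if (@file_exists($datei)) {
        $range_request = vmConnector::http_rangeRequest(filesize($datei), false);
        $download_count = ($range_request[0] == 0);
    }

    // Parameter to check if the file should be removed after download, which is only true,
    // if we have a remote file, which was transferred to this server into a temporary file
    $unlink = false;
    if ($is_remote) {
        require_once CLASSPATH . 'ps_product_files.php';
        $datei_local = ps_product_files::getRemoteFile($datei);
        if ($datei_local === false) {
            $vmLogger->err($VM_LANG->_('VM_DOWNLOAD_FILE_NOTFOUND', false));
            return false;
        }
        $datei = $datei_local;
        $unlink = true;
    } else {
        // Check that the file path is correct and the file is readable
        if (!@file_exists($datei)) {
            $vmLogger->err($VM_LANG->_('VM_DOWNLOAD_FILE_NOTFOUND', false));
            return false;
        }
        if (!@is_readable($datei)) {
            $vmLogger->err($VM_LANG->_('VM_DOWNLOAD_FILE_NOTREADABLE', false));
            return false;
        }
    }

    if ($download_count) {
        // decrement the download_max to limit the number of downloads
        $q = "UPDATE `#__{vm}_product_download` SET";
        $q .= " `download_max`=`download_max` - 1";
        $q .= " WHERE download_id = '" . $download_id_sql . "'";
        $db->query($q);
        $db->next_record();
    }

    if ($end_date == "0") {
        // Set the Download Expiry Date, so the download can expire after DOWNLOAD_EXPIRE seconds.
        // time() takes no argument; passing one is an error on current PHP.
        $end_date = time() + DOWNLOAD_EXPIRE;
        $q = "UPDATE #__{vm}_product_download SET";
        $q .= " end_date={$end_date}";
        $q .= " WHERE download_id = '" . $download_id_sql . "'";
        $db->query($q);
        $db->next_record();
    }

    // ereg() is no longer available in PHP; preg_match() with the same
    // patterns keeps the browser detection working. The header is optional.
    $user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    if (preg_match('#Opera(/| )([0-9].[0-9]{1,2})#', $user_agent)) {
        $UserBrowser = "Opera";
    } elseif (preg_match('#MSIE ([0-9].[0-9]{1,2})#', $user_agent)) {
        $UserBrowser = "IE";
    } else {
        $UserBrowser = '';
    }
    $mime_type = $UserBrowser == 'IE' || $UserBrowser == 'Opera' ? 'application/octetstream' : 'application/octet-stream';

    // dump anything in the buffer
    while (@ob_end_clean()) {
    }

    vmConnector::sendFile($datei, $mime_type, basename($file_name));

    if ($unlink) {
        // remove the temporarily downloaded remote file
        @unlink($datei);
    }
    $GLOBALS['vm_mainframe']->close(true);
}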
if (file_exists(CLASSPATH . $classfile)) { require_once CLASSPATH . $classfile; $class = str_replace('.class', '', $class); $methods = get_class_methods($class); if (empty($methods)) { $methods = get_class_methods('vm' . $class); } foreach ($methods as $method) { if ($method == $class) { continue; } $method_array[$method] = $method; } } vmConnector::sendHeaderAndContent(200, ps_html::selectList('function_method', $function, $method_array)); break; case 'checkforupdate': require_once CLASSPATH . 'update.class.php'; $result = vmUpdate::checkLatestVersion(); if (!empty($result)) { // Convert a String like "1.1.1" => "1.11", so we can use it as float in Javascript $version_as_float = substr($result, 0, 3) . substr($result, 4); $version_as_json = '{version_string:"' . $result . '",version:"' . $version_as_float . '"}'; vmConnector::sendHeaderAndContent('200', $version_as_json); } else { vmConnector::sendHeaderAndContent('200', 'Connection Failed'); } default: die; } exit;
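/**
 * Export zasilkovna orders from the database in CSV format.
 *
 * Reads two optional request parameters, both '|'-separated id lists:
 *  - cod_orders: signed order ids; a positive id marks the order as cash on
 *    delivery, a negative id clears the mark.
 *  - orders_id:  order ids to export; exported orders are flagged afterwards.
 * The response is sent through vmConnector::sendHeaderAndContent() and the
 * script exits.
 *
 * NOTE(review): this method changes data based on $_REQUEST and no token or
 * permission check is visible inside it; confirm the caller enforces both.
 * NOTE(review): customer-supplied names and e-mail addresses are written to a
 * file that is typically opened in a spreadsheet; confirm csv_escape() also
 * neutralises values starting with =, +, - or @.
 *
 * @return boolean|void False when the branch information could not be updated;
 *                      otherwise the script exits after sending the response.
 */
public function exportCSV()
{
    $lg =& JFactory::getLanguage();

    // Load the first language file that exists: current language, site
    // default, then the cs-CZ fallback.
    $lang_dir = CLASSPATH . 'shipping/' . $this->classname . '/';
    foreach (array($lg->getTag(), $lg->getDefault(), 'cs-CZ') as $lang_tag) {
        $lang_file = $lang_dir . $lang_tag . '.' . $this->classname . '.php';
        if (file_exists($lang_file)) {
            require_once $lang_file;
            break;
        }
    }
    require_once CLASSPATH . 'connectionTools.class.php'; // vmConnector::

    // check if branches info is up to date
    if ($this->updateBranchesInfo() == false || $this->errors) {
        echo $this->return_errors();
        return false;
    }
    if ($this->warnings) {
        echo $this->return_warnings();
    }

    $csv_out = '';

    if (isset($_REQUEST['cod_orders']) && is_string($_REQUEST['cod_orders'])) {
        $vm_db = new ps_DB();
        foreach (explode('|', $_REQUEST['cod_orders']) as $raw_id) {
            // Request data: reduce every entry to an integer before it gets
            // anywhere near SQL. Zero carries no order id and is skipped.
            $signed_id = (int) $raw_id;
            if ($signed_id === 0) {
                continue;
            }
            $is_cod = $signed_id > 0 ? '1' : '0';
            $cod_order = abs($signed_id);
            $q = "INSERT INTO #__zasilkovna_orders (order_id, is_cod,exported) values ('{$cod_order}', '{$is_cod}','0')\n ON DUPLICATE KEY UPDATE is_cod = '{$is_cod}'";
            $vm_db->query($q);
        }
    }

    if (isset($_REQUEST['orders_id']) && is_string($_REQUEST['orders_id'])) {
        // if have some orders to export
        $vm_db = new ps_DB();

        // The id list is placed unquoted inside IN (...), so every element
        // must be a positive integer; anything else is dropped.
        $orders_arr = array();
        foreach (explode('|', $_REQUEST['orders_id']) as $raw_id) {
            $order_id = (int) $raw_id;
            if ($order_id > 0) {
                $orders_arr[$order_id] = $order_id;
            }
        }

        $exported_ids = array();
        if (!empty($orders_arr)) {
            $q = "SELECT o.order_id, o.cdate, o.order_currency, o.order_total, o.ship_method_id, oui.first_name, oui.last_name, oui.phone_1, oui.phone_2, oui.user_email, pm.payment_method_id from #__{vm}_orders o \n join #__{vm}_order_user_info oui on(oui.order_id=o.order_id) \n join #__{vm}_order_payment pm on(pm.order_id=o.order_id) \n ";
            $q .= " WHERE o.order_id in (" . implode(',', $orders_arr) . ") ORDER BY o.cdate DESC;";
            $vm_db->query($q);

            while ($vm_db->next_record()) {
                $row_order_id = (int) $vm_db->f('order_id');
                $exported_ids[] = $row_order_id;

                // Start empty for every row, otherwise an order without a
                // usable number inherits the previous customer's phone.
                $phone = '';
                foreach (array('phone_1', 'phone_2') as $field) {
                    $phone_n = $this->normalize_phone($vm_db->f($field));
                    if (preg_match('/^\\+42[01][0-9]{9}$|^$/', $phone_n)) {
                        $phone = $phone_n;
                    }
                }

                // get destination branch id from ship_method.. Adresa - [id=ID]
                $ship_parts = explode('|', $vm_db->f('ship_method_id'));
                $ship_info = isset($ship_parts[2]) ? $ship_parts[2] : '';
                $marker = strpos($ship_info, '[id=');
                // The id is used unquoted in the next query: force an integer.
                // -1 removes the closing ]
                $branch_id = $marker === false ? 0 : (int) substr($ship_info, $marker + strlen('[id='), -1);

                $b_db = new ps_DB();
                $b_db->query('SELECT currency,country FROM #__zasilkovna_branches WHERE id=' . $branch_id);
                $branch_currency = $b_db->f('currency');

                $total = $vm_db->f('order_total');
                // currency conversion
                if ($vm_db->f('order_currency') != $branch_currency) {
                    $total = $GLOBALS['CURRENCY']->convert($total, $vm_db->f('order_currency'), $branch_currency);
                }
                // rounding
                if ($branch_currency == 'CZK') {
                    $total = round($total);
                } else {
                    $total = round($total, 2);
                }

                // is cod?
                $exp_o = new ps_DB();
                $q = "SELECT is_cod from #__zasilkovna_orders WHERE order_id='" . $row_order_id . "';";
                $exp_o->query($q);
                $cod_cash = $exp_o->f('is_cod') == 1 ? $total : '0';

                $csv_out .= ';"' . $this->csv_escape($vm_db->f('order_id'))
                    . '";"' . $this->csv_escape($vm_db->f('first_name'))
                    . '";"' . $this->csv_escape($vm_db->f('last_name'))
                    . '";;"' . $this->csv_escape($vm_db->f('user_email'))
                    . '";"' . $this->csv_escape($phone)
                    . '";"' . $this->csv_escape($cod_cash)
                    . '";"' . $this->csv_escape($total)
                    . '";"' . $this->csv_escape($branch_id)
                    . '";"' . $this->csv_escape($this->getConfig('eshop_domain'))
                    . '"' . "\r\n";
            }

            // Flag the exported orders. Skipped when nothing matched, because
            // an UPDATE with an empty WHERE clause is not valid SQL.
            if (!empty($exported_ids)) {
                $vm_db->query("UPDATE #__zasilkovna_orders SET exported='1' WHERE order_id IN (" . implode(',', $exported_ids) . ");");
            }
        }

        header("Content-Type: text/csv");
        header("Content-Disposition: attachment; filename=\"export-" . date("Ymd-His") . ".csv\"");
    } else {
        // when no orders for export and just want to update cod info;
        // $zas_lang is presumably defined by the language file loaded above
        $csv_out .= isset($zas_lang['saved_ok']) ? $zas_lang['saved_ok'] : '';
    }

    vmConnector::sendHeaderAndContent(200, $csv_out);
    exit;
}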
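<?php
/**
 * Replaces the carrier / payment-method mapping of the zasilkovna shipping module.
 *
 * Expects the request parameter "s_p" as a '|'-separated list of
 * "carrier/payment_method_id" pairs. The mapping table is emptied and refilled
 * from that list.
 *
 * NOTE(review): this script empties a table on any request that reaches it and
 * no token or permission check is visible in this file; confirm the including
 * dispatcher enforces both.
 */
if (!defined('_VALID_MOS') && !defined('_JEXEC')) {
    die('Direct Access to ' . basename(__FILE__) . ' is not allowed.');
}
require_once CLASSPATH . 'connectionTools.class.php'; // vmConnector::

// Parse the input completely before touching the table. Entries that do not
// carry both parts are dropped instead of being stored as empty rows.
$raw_pairs = (isset($_REQUEST['s_p']) && is_string($_REQUEST['s_p'])) ? urldecode($_REQUEST['s_p']) : '';
$s_p_arr = array();
foreach (explode('|', $raw_pairs) as $s_p) {
    $s_p = explode('/', $s_p);
    if (count($s_p) < 2 || $s_p[0] === '') {
        continue;
    }
    $s_p_arr[] = array($s_p[0], $s_p[1]);
}

$db =& JFactory::getDBO();
$q = "TRUNCATE TABLE #__zasilkovna_ship_payment;";
$db->setQuery($q);
$db->query();

foreach ($s_p_arr as $s_p) {
    // Request data goes into quoted SQL literals: escape both values with the
    // database driver first.
    $carrier = $db->getEscaped($s_p[0]);
    $payment_method_id = $db->getEscaped($s_p[1]);
    $q = "INSERT IGNORE INTO #__zasilkovna_ship_payment ";
    $q .= "(\n `carrier` ,\n `payment_method_id`\n ) ";
    $q .= " VALUES (\n '{$carrier}', '{$payment_method_id}'\n );";
    $db->setQuery($q);
    $db->query();
}

vmConnector::sendHeaderAndContent(200, "Saved");
exit;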
* @version $Id: shop.feed.php 1958 2009-10-08 20:09:57Z soeren_nb $ * @package VirtueMart * @subpackage html * @copyright Copyright (C) 2007-2009 soeren - All rights reserved. * @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php * VirtueMart is free software. This version may have been modified pursuant * to the GNU General Public License, and as distributed it includes or * is derivative of works licensed under the GNU General Public License or * other free or open source software licenses. * See /administrator/components/com_virtuemart/COPYRIGHT.php for copyright notices and details. * * http://virtuemart.net */ require_once CLASSPATH . 'connectionTools.class.php'; if (VM_FEED_ENABLED == '') { vmConnector::sendHeaderAndContent(403, 'This Feed is currently not available.', ''); exit; } switch (strtoupper(vmGet($_GET, "feed", "RSS2.0"))) { case "2.0": case "RSS2": case "RSS2.0": $info['feed'] = 'RSS2.0'; break; case "1.0": case "RSS1.0": $info['feed'] = 'RSS1.0'; break; case "0.91": case "RSS0.91": $info['feed'] = 'RSS0.91';
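/**
 * Requests shipping rates from UPS for the order weight and echoes one radio
 * button per enabled UPS service.
 *
 * When the UPS request fails, or the response contains "Failure", the call is
 * handed over to standard_shipping::list_rates() instead.
 *
 * @param array $d reads 'ship_to_info_id', 'weight' and 'shipping_rate_id'
 * @return mixed true once the list was echoed; nothing when falling back to
 *               standard shipping or when no enabled service was returned
 */
function list_rates(&$d)
{
    global $vendor_country_2_code, $vendor_currency, $vmLogger;
    global $VM_LANG, $CURRENCY_DISPLAY, $mosConfig_absolute_path;

    // Plain assignment: "=& new" no longer parses on PHP 7 and later.
    $db = new ps_DB();
    $dbv = new ps_DB();

    /** Read current Configuration ***/
    require_once CLASSPATH . "shipping/" . __CLASS__ . ".cfg.php";

    // ship_to_info_id arrives with the request data, so it is escaped before it
    // is placed inside the quoted SQL literal.
    $ship_to_info_id = (isset($d["ship_to_info_id"]) && is_scalar($d["ship_to_info_id"])) ? (string) $d["ship_to_info_id"] : '';
    $q = "SELECT * FROM #__{vm}_user_info, #__{vm}_country WHERE user_info_id='" . $db->getEscaped($ship_to_info_id) . "' AND ( country=country_2_code OR country=country_3_code)";
    $db->query($q);

    $q = "SELECT * FROM #__{vm}_vendor WHERE vendor_id='" . (int) $_SESSION['ps_vendor_id'] . "'";
    $dbv->query($q);
    $dbv->next_record();

    $order_weight = $d['weight'];
    $html = "";

    if ($order_weight > 0) {
        // Clamp the weight to the 1..150 range used for the request.
        if ($order_weight < 1) {
            $order_weight = 1;
        }
        if ($order_weight > 150.0) {
            $order_weight = 150.0;
        }

        //Access code for online tools at ups.com
        $ups_access_code = UPS_ACCESS_CODE;
        //Username from registering for online tools at ups.com
        $ups_user_id = UPS_USER_ID;
        //Password from registering for online tools at ups.com
        $ups_user_password = UPS_PASSWORD;
        //Title for your request
        $request_title = "Shipping Estimate";

        //The zip that you are shipping from
        // Add ability to override vendor zip code as source ship from...
        if (Override_Source_Zip != "") {
            $source_zip = Override_Source_Zip;
        } else {
            $source_zip = $dbv->f("vendor_zip");
        }

        //The zip that you are shipping to
        $dest_country = $db->f("country_2_code");
        $dest_zip = substr($db->f("zip"), 0, 5); // Make sure the ZIP is 5 chars long

        // Address values come from stored user/vendor records; escape them so they
        // cannot add or close elements in the request document.
        $xml_source_zip = htmlspecialchars($source_zip, ENT_QUOTES);
        $xml_dest_zip = htmlspecialchars($dest_zip, ENT_QUOTES);
        $xml_dest_country = htmlspecialchars($dest_country, ENT_QUOTES);

        //LBS = Pounds
        //KGS = Kilograms
        $weight_measure = WEIGHT_UOM == 'KG' ? "KGS" : "LBS";

        // The XML that will be posted to UPS
        $xmlPost = "<?xml version=\"1.0\"?>";
        $xmlPost .= "<AccessRequest xml:lang=\"en-US\">";
        $xmlPost .= " <AccessLicenseNumber>" . $ups_access_code . "</AccessLicenseNumber>";
        $xmlPost .= " <UserId>" . $ups_user_id . "</UserId>";
        $xmlPost .= " <Password>" . $ups_user_password . "</Password>";
        $xmlPost .= "</AccessRequest>";
        $xmlPost .= "<?xml version=\"1.0\"?>";
        $xmlPost .= "<RatingServiceSelectionRequest xml:lang=\"en-US\">";
        $xmlPost .= " <Request>";
        $xmlPost .= " <TransactionReference>";
        $xmlPost .= " <CustomerContext>" . $request_title . "</CustomerContext>";
        $xmlPost .= " <XpciVersion>1.0001</XpciVersion>";
        $xmlPost .= " </TransactionReference>";
        $xmlPost .= " <RequestAction>rate</RequestAction>";
        $xmlPost .= " <RequestOption>shop</RequestOption>";
        $xmlPost .= " </Request>";
        $xmlPost .= " <PickupType>";
        $xmlPost .= " <Code>" . UPS_PICKUP_TYPE . "</Code>";
        $xmlPost .= " </PickupType>";
        $xmlPost .= " <Shipment>";
        $xmlPost .= " <Shipper>";
        $xmlPost .= " <Address>";
        $xmlPost .= " <PostalCode>" . $xml_source_zip . "</PostalCode>";
        $xmlPost .= " <CountryCode>{$vendor_country_2_code}</CountryCode>";
        $xmlPost .= " </Address>";
        $xmlPost .= " </Shipper>";
        $xmlPost .= " <ShipTo>";
        $xmlPost .= " <Address>";
        $xmlPost .= " <PostalCode>" . $xml_dest_zip . "</PostalCode>";
        $xmlPost .= " <CountryCode>{$xml_dest_country}</CountryCode>";
        if (UPS_RESIDENTIAL == "yes") {
            $xmlPost .= " <ResidentialAddressIndicator/>";
        }
        $xmlPost .= " </Address>";
        $xmlPost .= " </ShipTo>";
        $xmlPost .= " <ShipFrom>";
        $xmlPost .= " <Address>";
        $xmlPost .= " <PostalCode>" . $xml_source_zip . "</PostalCode>";
        $xmlPost .= " <CountryCode>{$vendor_country_2_code}</CountryCode>";
        $xmlPost .= " </Address>";
        $xmlPost .= " </ShipFrom>";
        // Service is only required, if the Tag "RequestOption" contains the value "rate"
        // We don't want a specific service, but ALL Rates
        $xmlPost .= " <Package>";
        $xmlPost .= " <PackagingType>";
        $xmlPost .= " <Code>" . UPS_PACKAGE_TYPE . "</Code>";
        $xmlPost .= " </PackagingType>";
        $xmlPost .= " <PackageWeight>";
        $xmlPost .= " <UnitOfMeasurement>";
        $xmlPost .= " <Code>" . $weight_measure . "</Code>";
        $xmlPost .= " </UnitOfMeasurement>";
        $xmlPost .= " <Weight>" . $order_weight . "</Weight>";
        $xmlPost .= " </PackageWeight>";
        $xmlPost .= " </Package>";
        $xmlPost .= " </Shipment>";
        $xmlPost .= "</RatingServiceSelectionRequest>";

        $upsURL = "https://www.ups.com:443/ups.app/xml/Rate";
        require_once CLASSPATH . 'connectionTools.class.php';

        $error = false;
        $xmlResult = vmConnector::handleCommunication($upsURL, $xmlPost);
        if (!$xmlResult) {
            $vmLogger->err($VM_LANG->_('PHPSHOP_INTERNAL_ERROR', false) . " UPS.com");
            $error = true;
        } else {
            /* XML Parsing */
            require_once $mosConfig_absolute_path . '/includes/domit/xml_domit_lite_include.php';
            $xmlDoc = new DOMIT_Lite_Document();
            $xmlDoc->parseXML($xmlResult, false, true);

            /* Let's check whether the response from UPS is Success or Failure ! */
            if (strstr($xmlResult, "Failure")) {
                $error = true;

                // Either element may be missing from the response; only read a
                // text value from a node that was actually found.
                $error_code = '';
                $error_nodes = $xmlDoc->getElementsByTagName("ErrorCode");
                $error_node = is_object($error_nodes) ? $error_nodes->item(0) : null;
                if (is_object($error_node)) {
                    $error_code = $error_node->getText();
                }

                $error_desc = '';
                $error_nodes = $xmlDoc->getElementsByTagName("ErrorDescription");
                $error_node = is_object($error_nodes) ? $error_nodes->item(0) : null;
                if (is_object($error_node)) {
                    $error_desc = $error_node->getText();
                }

                $vmLogger->err($VM_LANG->_('PHPSHOP_UPS_RESPONSE_ERROR', false) . '. ' . $VM_LANG->_('PHPSHOP_ERROR_CODE') . ": " . $error_code . ', ' . $VM_LANG->_('PHPSHOP_ERROR_DESC') . ": " . $error_desc);
            }
        }

        if ($error) {
            // Switch to StandardShipping on Error !!!
            require_once CLASSPATH . 'shipping/standard_shipping.php';
            $shipping = new standard_shipping();
            $shipping->list_rates($d);
            return;
        }

        // retrieve the list of all "RatedShipment" Elements
        $rate_list = $xmlDoc->getElementsByTagName("RatedShipment");

        // Names of the configuration constants that hold the enabled service codes.
        $allservicecodes = array("UPS_Next_Day_Air", "UPS_2nd_Day_Air", "UPS_Ground", "UPS_Worldwide_Express_SM", "UPS_Worldwide_Expedited_SM", "UPS_Standard", "UPS_3_Day_Select", "UPS_Next_Day_Air_Saver", "UPS_Next_Day_Air_Early_AM", "UPS_Worldwide_Express_Plus_SM", "UPS_2nd_Day_Air_AM", "UPS_Saver", "na");
        $myservicecodes = array();
        foreach ($allservicecodes as $servicecode) {
            $configured_code = defined($servicecode) ? constant($servicecode) : '';
            if (!in_array($configured_code, array('', null, 0, false), true)) {
                $myservicecodes[] = $configured_code;
            }
        }

        if (DEBUG) {
            // The request carries the UPS credentials: mask them, and escape both
            // documents so markup inside them cannot break out of the textarea.
            $debug_post = preg_replace('#<(AccessLicenseNumber|UserId|Password)>.*?</\\1>#s', '<$1>***</$1>', $xmlPost);
            echo "Cart Contents: " . $order_weight . " " . $weight_measure . "<br><br>\n";
            echo "XML Post: <br>";
            echo "<textarea cols='80'>" . htmlspecialchars($debug_post, ENT_QUOTES) . "</textarea>";
            echo "<br>";
            echo "XML Result: <br>";
            echo "<textarea cols='80' rows='10'>" . htmlspecialchars($xmlResult, ENT_QUOTES) . "</textarea>";
            echo "<br>";
        }

        // Initialised so the emptiness check below never reads an undefined variable.
        $shipment = array();

        // Loop through the rate List
        for ($i = 0; $i < $rate_list->getLength(); $i++) {
            $currNode = $rate_list->item($i);
            if (in_array($currNode->childNodes[0]->getText(), $myservicecodes)) {
                $e = 0;
                // First Element: Service Code
                $shipment[$i]["ServiceCode"] = $currNode->childNodes[$e++]->getText();

                // Second Element: BillingWeight (an optional warning element may precede it)
                if ($currNode->childNodes[$e]->nodeName == 'RatedShipmentWarning') {
                    $e++;
                }
                $shipment[$i]["BillingWeight"] = $currNode->childNodes[$e++];

                // Third Element: TransportationCharges
                $shipment[$i]["TransportationCharges"] = $currNode->childNodes[$e++];
                $shipment[$i]["TransportationCharges"] = $shipment[$i]["TransportationCharges"]->getElementsByTagName("MonetaryValue");
                $shipment[$i]["TransportationCharges"] = $shipment[$i]["TransportationCharges"]->item(0);
                if (is_object($shipment[$i]["TransportationCharges"])) {
                    $shipment[$i]["TransportationCharges"] = $shipment[$i]["TransportationCharges"]->getText();
                }

                // Fourth Element: ServiceOptionsCharges
                $shipment[$i]["ServiceOptionsCharges"] = $currNode->childNodes[$e++];
                // Fifth Element: TotalCharges
                $shipment[$i]["TotalCharges"] = $currNode->childNodes[$e++];
                // Sixth Element: GuaranteedDaysToDelivery
                $shipment[$i]["GuaranteedDaysToDelivery"] = $currNode->childNodes[$e++]->getText();
                // Seventh Element: ScheduledDeliveryTime
                $shipment[$i]["ScheduledDeliveryTime"] = $currNode->childNodes[$e++]->getText();
                // Eighth Element: RatedPackage
                $shipment[$i]["RatedPackage"] = $currNode->childNodes[$e++];

                // map ServiceCode to ServiceName; an unknown code keeps an empty name
                $shipment[$i]["ServiceName"] = "";
                switch ($shipment[$i]["ServiceCode"]) {
                    case "01":
                        $shipment[$i]["ServiceName"] = "UPS Next Day Air";
                        break;
                    case "02":
                        $shipment[$i]["ServiceName"] = "UPS 2nd Day Air";
                        break;
                    case "03":
                        $shipment[$i]["ServiceName"] = "UPS Ground";
                        break;
                    case "07":
                        $shipment[$i]["ServiceName"] = "UPS Worldwide Express SM";
                        break;
                    case "08":
                        $shipment[$i]["ServiceName"] = "UPS Worldwide Expedited SM";
                        break;
                    case "11":
                        $shipment[$i]["ServiceName"] = "UPS Standard";
                        break;
                    case "12":
                        $shipment[$i]["ServiceName"] = "UPS 3 Day Select";
                        break;
                    case "13":
                        $shipment[$i]["ServiceName"] = "UPS Next Day Air Saver";
                        break;
                    case "14":
                        $shipment[$i]["ServiceName"] = "UPS Next Day Air Early A.M.";
                        break;
                    case "54":
                        $shipment[$i]["ServiceName"] = "UPS Worldwide Express Plus SM";
                        break;
                    case "59":
                        $shipment[$i]["ServiceName"] = "UPS 2nd Day Air A.M.";
                        break;
                    case "64":
                        $shipment[$i]["ServiceName"] = "n/a";
                        break;
                    case "65":
                        $shipment[$i]["ServiceName"] = "UPS Saver";
                        break;
                }
                unset($currNode);
            }
        }

        if (!$shipment) {
            // No enabled service was returned: print nothing.
            return;
        }

        // UPS returns Charges in USD ONLY.
        // So we have to convert from USD to Vendor Currency if necessary
        $convert = $_SESSION['vendor_currency'] != "USD";

        if ($_SESSION['auth']['show_price_including_tax'] != 1) {
            $taxrate = 1;
        } else {
            $taxrate = $this->get_tax_rate() + 1;
        }

        // The rate the shopper already picked, if any (request data).
        $selected_rate = (isset($d["shipping_rate_id"]) && is_string($d["shipping_rate_id"])) ? $d["shipping_rate_id"] : null;

        foreach ($shipment as $key => $value) {
            //Get the Fuel SurCharge rate, defined in config.
            $fsc = $value['ServiceName'] . "_FSC";
            $fsc = str_replace(array(" ", ".", "/"), array("_", "", ""), $fsc);
            // A service without a configured surcharge constant counts as 0.
            $fsc = defined($fsc) ? constant($fsc) : 0;
            if ($fsc == 0) {
                $fsc_rate = 1;
            } else {
                $fsc_rate = $fsc / 100 + 1;
            }

            if ($convert) {
                $tmp = $GLOBALS['CURRENCY']->convert($value['TransportationCharges'], "USD", $vendor_currency);
                // tmp is empty when the Vendor Currency could not be converted!!!!
                if (!empty($tmp)) {
                    $charge = $charge_unrated = $tmp;
                    // add Fuel SurCharge
                    $charge *= $fsc_rate;
                    // add Handling Fee
                    $charge += UPS_HANDLING_FEE;
                    $charge *= $taxrate;
                    // NOTE(review): the label shows the converted base charge while the
                    // rate id carries the charge including surcharge, fee and tax - confirm.
                    $value['TransportationCharges'] = $CURRENCY_DISPLAY->getFullValue($tmp);
                } else {
                    // The handling fee used to be added twice in this branch only;
                    // it is now applied once, as in the other two branches.
                    $charge = $charge_unrated = $value['TransportationCharges'];
                    // add Fuel SurCharge
                    $charge *= $fsc_rate;
                    // add Handling Fee
                    $charge += UPS_HANDLING_FEE;
                    $charge *= $taxrate;
                    // Raw text from the UPS response: escape it before it reaches the page.
                    $value['TransportationCharges'] = htmlspecialchars($value['TransportationCharges'], ENT_QUOTES) . " USD";
                }
            } else {
                $charge = $charge_unrated = $value['TransportationCharges'];
                // add Fuel SurCharge
                $charge *= $fsc_rate;
                // add Handling Fee
                $charge += UPS_HANDLING_FEE;
                $charge *= $taxrate;
                $value['TransportationCharges'] = $CURRENCY_DISPLAY->getFullValue($charge);
            }

            $shipping_rate_id = urlencode(__CLASS__ . "|UPS|" . $value['ServiceName'] . "|" . $charge);

            // Compare the submitted id with this rate's id (the old code compared it
            // with the whole rate array, which never matched).
            $checked = "";
            if ($selected_rate !== null && ($selected_rate == $shipping_rate_id || urlencode($selected_rate) == $shipping_rate_id)) {
                $checked = "checked=\"checked\"";
            }
            if (count($shipment) == 1) {
                $checked = "checked=\"checked\"";
            }

            $html .= '<label for="' . $shipping_rate_id . '">' . "\n<input type=\"radio\" name=\"shipping_rate_id\" {$checked} value=\"{$shipping_rate_id}\" id=\"{$shipping_rate_id}\" />\n";
            // Records the offered rate id in the session.
            $_SESSION[$shipping_rate_id] = 1;

            $html .= $value['ServiceName'] . ' ';
            $html .= "<strong>(" . $value['TransportationCharges'] . ")</strong>";
            if (DEBUG) {
                $html .= " - " . $VM_LANG->_('PHPSHOP_PRODUCT_FORM_WEIGHT') . ": " . $order_weight . " " . $weight_measure . ", " . $VM_LANG->_('PHPSHOP_RATE_FORM_VALUE') . ": [[" . $charge_unrated . "(" . $fsc_rate . ")]+" . UPS_HANDLING_FEE . "](" . $taxrate . ")]";
            }

            // DELIVERY QUOTE - both values are text taken from the UPS response
            if (Show_Delivery_Days_Quote == 1) {
                if (!empty($value['GuaranteedDaysToDelivery'])) {
                    $html .= " - " . htmlspecialchars($value['GuaranteedDaysToDelivery'], ENT_QUOTES) . " " . $VM_LANG->_('PHPSHOP_UPS_SHIPPING_GUARANTEED_DAYS');
                }
            }
            if (Show_Delivery_ETA_Quote == 1) {
                if (!empty($value['ScheduledDeliveryTime'])) {
                    $html .= " (ETA: " . htmlspecialchars($value['ScheduledDeliveryTime'], ENT_QUOTES) . ")";
                }
            }

            // Close the label for every rate, not only when a warning follows.
            $html .= "</label>";
            if (Show_Delivery_Warning == 1 && !empty($value['RatedShipmentWarning'])) {
                $html .= "<br/>\n * <em>" . htmlspecialchars($value['RatedShipmentWarning'], ENT_QUOTES) . "</em>\n";
            }
            $html .= "<br />\n";
        }
    }

    echo $html;
    return true;
}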
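/**
 * Does the refunding
 *
 * Looks up the stored transaction id and order total for the given order
 * number and posts a "refundCard" request for the full order total.
 *
 * This method needs every transaction id to be saved. At the moment this does
 * not happen, so this function does not work yet.
 *
 * @author Max Milbers
 * @param array $d reads 'order_number'
 * @return boolean true when the parsed response carries no response code, false otherwise
 */
function do_refund(&$d)
{
    global $vendor_currency, $vmLogger, $VM_LANG;

    if (empty($d['order_number'])) {
        $vmLogger->err("Error: No Order Number provided.");
        return false;
    }

    // include the configuration file
    require_once CLASSPATH . "payment/" . __CLASS__ . ".cfg.php";

    $db = new ps_DB();
    // order_number arrives with the request data, so it is escaped before it is
    // placed inside the quoted SQL literal.
    $q = "SELECT #__{vm}_orders.order_id,order_number,order_payment_trans_id,order_total FROM #__{vm}_orders, #__{vm}_order_payment WHERE ";
    $q .= "order_number='" . $db->getEscaped($d['order_number']) . "' ";
    $q .= "AND #__{vm}_orders.order_id=#__{vm}_order_payment.order_id";
    $db->query($q);
    if (!$db->next_record() || !$db->f('order_payment_trans_id')) {
        $vmLogger->err("Error: Order or TransactionID not found.");
        return false;
    }

    $postData = array();
    $postData['method'] = 'refundCard';
    $postData['merchantUUID'] = MW_MERCHANT_UUID;
    $postData['apiKey'] = MW_API_KEY;
    $postData['transactionAmount'] = $db->f('order_total');
    $postData['transactionCurrency'] = $vendor_currency;
    $postData['transactionID'] = $db->f('order_payment_trans_id');
    $postData['refundAmount'] = $db->f('order_total');
    // NOTE(review): $transaction is never defined in this method, so the passkey
    // handed to calculateHash() is empty - supply the configured passkey here.
    $postData['hash'] = ps_merchantwarrior::calculateHash($postData, $transaction->passkey);

    $poststring = '';
    foreach ($postData as $key => $val) {
        $poststring .= urlencode($key) . "=" . urlencode($val) . "&";
    }

    if (MW_TEST_REQUEST == 'FALSE') {
        //live
        $host = 'api.merchantwarrior.com';
    } else {
        //test
        $host = 'base.merchantwarrior.com';
    }

    //Maybe unnecessary
    $headers = array();
    $headers[] = "X-VPS-Timeout: 60";
    $headers[] = "X-VPS-VIT-OS-Name: " . PHP_OS; // Name of your OS
    $headers[] = "X-VPS-VIT-OS-Version: " . PHP_OS; // OS Version
    $headers[] = "X-VPS-VIT-Client-Type: PHP/cURL"; // What you are using
    $headers[] = "X-VPS-VIT-Client-Version: 0.01"; // For your info

    $responseData = vmConnector::handleCommunication("https://{$host}:443/post/", $poststring, $headers);
    if (!$responseData) {
        $vmLogger->err('Unable to connect with server. The transaction could not be completed.');
        return false;
    }

    // Parse the XML and create a SimpleXMLObject; LIBXML_NONET keeps the parser
    // from fetching anything over the network while reading the remote document.
    $result = simplexml_load_string($responseData, 'SimpleXMLElement', LIBXML_NONET);
    if ($result === false) {
        // An unparsable answer must not be treated as a successful refund.
        $vmLogger->err('The server response could not be read. The transaction could not be completed.');
        return false;
    }

    // Convert the result from a SimpleXMLObject into an array
    $result = (array) $result;
    $parsed = ps_merchantwarrior::parseResponse($result);
    ps_merchantwarrior::loadLang();

    if (!$parsed['responseCode']) {
        $vmLogger->info($VM_LANG->_('PHPSHOP_MW_0'));
        return true;
    }

    $errorCode = substr($parsed['responseMessage'], 5, 3);
    $vmLogger->err($VM_LANG->_('PHPSHOP_MW_' . $parsed['responseCode']) . ' ' . $VM_LANG->_('PHPSHOP_MW_ERROR_' . $errorCode));
    return false;
}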
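/**
 * Retrieves a remote file
 *
 * Downloads $url into a temporary file created under IMAGEPATH . "/product/"
 * and returns that file's path.
 *
 * @param string $url
 * @return mixed path of the temporary file, or false when allow_url_fopen is
 *               off, the temporary file cannot be created or opened, or the
 *               download reports failure
 */
function getRemoteFile($url)
{
    // The former ini_set("allow_url_fopen") call passed no value (an error on
    // PHP 8) and could not have changed the setting, so only the check remains.
    if (!ini_get("allow_url_fopen")) {
        return false;
    }

    // NOTE(review): $url reaches the connector unchanged; confirm callers restrict
    // its scheme and host, and that files under the product image directory are
    // not served before their content has been checked.
    require_once CLASSPATH . 'connectionTools.class.php';

    $tmp_file = tempnam(IMAGEPATH . "/product/", "FOO");
    if ($tmp_file === false) {
        return false;
    }

    $handle = fopen($tmp_file, "wb");
    if ($handle === false) {
        // Do not leave the empty temporary file behind.
        if (file_exists($tmp_file)) {
            unlink($tmp_file);
        }
        return false;
    }

    $fetched = vmConnector::handleCommunication($url, '', array(), $handle);
    fclose($handle);

    // handleCommunication() is defined elsewhere; a strict false is treated as a
    // failed transfer, and the partial file is removed.
    if ($fetched === false) {
        if (file_exists($tmp_file)) {
            unlink($tmp_file);
        }
        return false;
    }

    return $tmp_file;
}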