Example #1
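/**
 * marks an order as Paid, sends an invoice, and calls any specified callbacks
 *
 * The ID is cast to an integer before it is placed in any SQL string, so the
 * queries stay well-formed even if a caller passes an unvalidated request
 * value. If the order cannot be loaded, nothing is updated or sent.
 *
 * @param int   $id    ID of the order
 * @param array $order details of the order; loaded from the database when
 *                     omitted
 *
 * @return null
 */
function OnlineStore_processOrder($id, $order = false)
{
    // $id is concatenated into three SQL statements below; force it to an
    // integer here rather than trusting every caller to have done so
    $id = (int) $id;
    if ($order === false) {
        $order = dbRow("SELECT * FROM online_store_orders WHERE id={$id}");
    }
    if (!$order) {
        // unknown order: there is nothing to mark as paid, invoice or export
        return;
    }
    $items = json_decode($order['items'], true);
    // { mark order as paid
    dbQuery("update online_store_orders set status='1' where id={$id}");
    OnlineStore_updateProductSales($id, $items, $order['date_created']);
    if (empty($order['invoice_num'])) {
        // NOTE(review): this read-then-write is not atomic; two orders
        // processed at the same moment can be given the same invoice number
        $highest = (int) dbOne(
            'select invoice_num from online_store_orders order by invoice_num desc limit 1',
            'invoice_num'
        );
        $order['invoice_num'] = $highest + 1;
        dbQuery(
            'update online_store_orders set invoice_num=' . $order['invoice_num']
            . ' where id=' . $id
        );
    }
    $order['status'] = 1;
    // }
    // { call the callback if it's supplied
    if (!empty($order['callback'])) {
        // NOTE(review): file() makes the server fetch whatever URL or path is
        // stored on the order. Confirm that only trusted code can set this
        // field; if it can come from a customer or a request, restrict it to
        // the expected http(s) hosts before fetching.
        file($order['callback']);
    }
    // }
    Core_trigger('after-order-processed', array($order));
    OnlineStore_sendInvoiceEmail($id, $order);
    OnlineStore_exportToFile($id, $order);
}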
Example #2
<?php

/**
 * verify a QuickPay payment
 *
 * PHP version 5.2
 *
 * @category None
 * @package  None
 * @author   Kae Verens <*****@*****.**>
 * @license  GPL 2.0
 * @link     http://kvsites.ie/
 */
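require_once $_SERVER['DOCUMENT_ROOT'] . '/ww.incs/basics.php';
$md5secret = dbOne(
    'select value from page_vars,pages where page_id=pages.id and '
    . '(pages.type="online-store" or pages.type="online-store|online-store")'
    . ' and page_vars.name="online_stores_quickpay_secret"',
    'value'
);
if (!$md5secret) {
    // no md5 secret entered
    Core_quit();
}
// { calculate expected MD5
// the fields are concatenated in this fixed order, followed by the secret
$md5fields = array(
    'msgtype', 'ordernumber', 'amount', 'currency', 'time', 'state',
    'qpstat', 'qpstatmsg', 'chstat', 'chstatmsg', 'merchant',
    'merchantemail', 'transaction', 'cardtype', 'cardnumber',
    'splitpayment', 'fraudprobability', 'fraudremarks', 'fraudreport', 'fee',
);
$md5input = '';
foreach ($md5fields as $field) {
    // a missing field contributes an empty string; array-valued parameters
    // (field[]=x) are ignored instead of being stringified
    if (isset($_REQUEST[$field]) && is_scalar($_REQUEST[$field])) {
        $md5input .= $_REQUEST[$field];
    }
}
$expected_md5 = md5($md5input . $md5secret);
// }
$given_md5 = (isset($_REQUEST['md5check']) && is_string($_REQUEST['md5check']))
    ? strtolower($_REQUEST['md5check'])
    : '';
// Compare as strings, never with ==: loose comparison treats two different
// digests that both look like "0e<digits>" as equal numbers. hash_equals()
// is also constant-time; fall back to === where it is not available.
$md5_ok = function_exists('hash_equals')
    ? hash_equals($expected_md5, $given_md5)
    : $expected_md5 === $given_md5;
if ($md5_ok) {
    $id = (isset($_REQUEST['ordernumber']) && is_scalar($_REQUEST['ordernumber']))
        ? (int) preg_replace('/^0*/', '', $_REQUEST['ordernumber'])
        : 0;
    if ($id > 0) {
        // NOTE(review): a valid signature only shows the message is authentic.
        // qpstat (the gateway's result code) and amount are not examined here;
        // confirm this URL is only called for approved payments of the
        // expected amount, or check both before setting authorised=1.
        // NOTE(review): addslashes() is not charset-aware; prefer the database
        // layer's own escaping or a bound parameter if it provides one.
        $sql = 'update online_store_orders set status=4'
            . ', meta="' . addslashes(json_encode($_REQUEST)) . '"'
            . ', authorised=1 where id=' . $id;
        dbQuery($sql);
        require_once dirname(__FILE__) . '/../order-status.php';
        OnlineStore_sendInvoiceEmail($id);
        OnlineStore_exportToFile($id);
    }
}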
Example #3
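/**
 * change the payment status of an Online-Store order
 *
 * Reads `id` and `status` from the request and casts both to integers before
 * they are used in SQL. Status 1 (paid) runs the full order processing,
 * status 3 (cancelled) fires the cancellation trigger, and any other value is
 * written as-is and followed by the invoice email and file export.
 *
 * NOTE(review): no permission check and no allow-list of status values is
 * visible in this function; presumably the admin dispatcher authenticates the
 * caller - confirm.
 *
 * @return array status
 */
function OnlineStore_adminChangeOrderStatus()
{
    $id = isset($_REQUEST['id']) ? (int) $_REQUEST['id'] : 0;
    $status = isset($_REQUEST['status']) ? (int) $_REQUEST['status'] : 0;
    // order-status.php is loaded with require_once: a plain require would
    // include it a second time if it had already been loaded in this request
    $orderStatusFile = dirname(__FILE__) . '/order-status.php';
    if ($status == 1) {
        // paid
        require_once $orderStatusFile;
        OnlineStore_processOrder($id);
    } elseif ($status == 3) {
        // cancelled
        dbQuery('update online_store_orders set status=' . $status . ' where id=' . $id);
        Core_trigger(
            'after-order-cancelled',
            dbRow('select * from online_store_orders where id=' . $id)
        );
    } else {
        dbQuery('update online_store_orders set status=' . $status . ' where id=' . $id);
        require_once $orderStatusFile;
        OnlineStore_sendInvoiceEmail($id);
        OnlineStore_exportToFile($id);
    }
    return array('ok' => 1);
}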