Example #1
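 /**
  * Add a record of the purchase to the DB, adjust stock and send the
  * confirmation e-mails.
  *
  * $paypal_data holds the IPN POST variables, so every value taken from it
  * is cast or escaped before it is placed in a SQL statement.
  *
  * NOTE(review): this function does not verify the IPN message itself. It
  * presumably relies on the caller having validated the notification before
  * 'custom' is trusted as a user id -- confirm against the caller.
  *
  * @param array $products Product Id(s) of Product(s) purchased
  * @param array $quantity Quantity of products purchased
  * @param array $paypal_data IPN POST variables
  * @param array $product_name Product name(s), indexed like $products
  * @todo implement physical item vs. download, reflected in 'status'
  */
 function handlePurchase($products, $quantity, $paypal_data, $product_name)
 {
     global $_TABLES, $_CONF, $_PAY_CONF, $LANG_PAYPAL_EMAIL;
     // initialize file and names arrays
     $files = array();
     $names = array();
     // $subject and $text are reused by the receiver e-mail below even when
     // no purchaser e-mail is built, so they need a defined starting value.
     $subject = '';
     $text = '';
     // $A is read again after the loop (subscription handling); it then holds
     // the row of the LAST product only.
     $A = array();
     // 'custom' carries the purchaser's user id. Work with the integer form
     // everywhere so the raw POST string never reaches SQL or a log line.
     // NOTE(review): an empty or non-numeric 'custom' casts to 0, which the
     // "!= 1" checks below treat like a registered user -- confirm intent.
     $uid = (int) $paypal_data['custom'];
     $oldids = $products;
     $products = PAYPAL_realId($products);
     $product_count = count($products);
     // for each item purchased, record purchase in purchase table
     for ($i = 0; $i < $product_count; $i++) {
         if (DEBUG) {
             COM_errorLog('PAYPAL-IPN: Product id:' . $products[$i]);
         }
         // The product id originates from the IPN item list: escape it before
         // interpolating. addslashes() is the only escaping primitive visible
         // from this block; if the database layer offers a connection-aware
         // escape helper, prefer that.
         $product_id = addslashes((string) $products[$i]);
         // grab relevant product data from product table to insert into purchase table.
         $sql = "SELECT * FROM {$_TABLES['paypal_products']} " . "WHERE id = '{$product_id}'";
         $res = DB_query($sql);
         $A = DB_fetchArray($res);
         if (DEBUG) {
             COM_errorLog('PAYPAL-IPN: Type: ' . $A['type']);
         }
         if ($A['download'] > 0) {
             $files[] = $_PAY_CONF['download_path'] . $A['file'];
         }
         //TODO + attribute name
         // Set quantity to one if empty
         if ($quantity[$i] == '') {
             $quantity[$i] = 1;
         }
         // Quantity is used in SQL and in stock arithmetic: force an integer.
         $qty = (int) $quantity[$i];
         // NOTE(review): $product_name ends up in an HTML e-mail below; confirm
         // the caller supplies trusted or already-escaped names.
         $names[] = $product_name[$i] . ' x ' . $qty;
         // Do record anonymous users in purchase table
         //TODO record product name + product_id with attribute
         if ($uid > 0) {
             $txn_id = addslashes((string) $paypal_data['txn_id']);
             // Add the purchase to the paypal purchase table
             $sql = "INSERT INTO {$_TABLES['paypal_purchases']} SET product_id = '{$product_id}', "
                  . "quantity = '{$qty}', user_id = '{$uid}', "
                  . "txn_id = '{$txn_id}', "
                  . 'purchase_date = NOW(), status = \'complete\'';
             /**
              * @todo implement physical item vs. download, reflected in 'status'
              */
             // if physical item (aka, must be shipped) status = 'pending', otherwise 'complete'
             //if ( $physical == 1 ) {
             //    $sql .= ", status = 'pending'";
             //} else {
             //    $sql .= ", status = 'complete'";
             //}
             // add an expiration date if appropriate
             // (value comes from the product row and is gated by is_numeric)
             if (is_numeric($A['expiration']) && $A['type'] == 'product') {
                 $sql .= ", expiration = DATE_ADD(NOW(), INTERVAL {$A['expiration']} DAY)";
             }
             if (DEBUG) {
                 COM_errorLog('PAYPAL-IPN: ' . $sql);
             }
             DB_query($sql);
             if (DEBUG) {
                 COM_errorLog('PAYPAL-IPN: Purchase recorded');
             }
         }
         // stock movement
         $stock_id = PAYPAL_getStockId($oldids[$i]);
         PAYPAL_stockMovement($stock_id, $oldids[$i], -$qty);
     }
     // Update user details if empty user_id, user_name, user_contact, user_proid, user_street1, user_street2, user_postal, user_city, user_country, user_phone1, user_phone2, user_fax, status
     // NOTE(review): these are raw IPN strings; PAYPAL_updateUserDetails is
     // not visible here -- verify that it escapes them before writing.
     $fields = array(
         'user_name' => $paypal_data['address_name'],
         'user_contact' => $paypal_data['first_name'] . ' ' . $paypal_data['last_name'],
         'user_street1' => $paypal_data['address_street'],
         'user_postal' => $paypal_data['address_zip'],
         'user_city' => $paypal_data['address_city'],
         'user_country' => $paypal_data['address_country'],
     );
     if ($uid != 1) {
         PAYPAL_updateUserDetails($uid, $fields, true);
     }
     // Send the purchaser a confirmation email (if set to do so in config)
     $mail_as_user = $uid != 1 && $_PAY_CONF['purchase_email_user'];
     $mail_as_anon = (!is_numeric($paypal_data['custom']) || $uid == 1) && $_PAY_CONF['purchase_email_anon'];
     if ($mail_as_user || $mail_as_anon) {
         // setup templates
         $message = new Template($_CONF['path'] . 'plugins/paypal/templates');
         $message->set_file(array('subject' => 'purchase_email_subject.txt', 'message' => 'purchase_email_message.txt'));
         // site variables
         $message->set_var('site_url', $_CONF['site_url']);
         $message->set_var('site_name', $_CONF['site_name']);
         //Email subject
         $message->set_var('purchase_receipt', $LANG_PAYPAL_EMAIL['purchase_receipt']);
         // list of product names
         $li_products = '';
         for ($i = 0; $i < $product_count; $i++) {
             $li_products .= '<li>' . $names[$i];
         }
         $message->set_var('products', $li_products);
         //Email messages
         $message->set_var('thank_you', $LANG_PAYPAL_EMAIL['thank_you']);
         $message->set_var('thanks', $LANG_PAYPAL_EMAIL['thanks']);
         // paypal details
         $message->set_var('payment_gross', $paypal_data['payment_gross']);
         $message->set_var('tax', $paypal_data['tax']);
         $message->set_var('shipping', $paypal_data['mc_shipping']);
         $message->set_var('handling', $paypal_data['mc_handling']);
         $message->set_var('payment_date', $paypal_data['payment_date']);
         $message->set_var('payer_email', $paypal_data['payer_email']);
         $message->set_var('first_name', $paypal_data['first_name']);
         $message->set_var('last_name', $paypal_data['last_name']);
         $subject = trim($message->parse('output', 'subject'));
         // if specified to mail attachment, do so, otherwise skip attachment
         $attach_as_user = $uid != 1 && $_PAY_CONF['purchase_email_user_attach'];
         $attach_as_anon = $uid == 1 && $_PAY_CONF['purchase_email_anon_attach'];
         if (($attach_as_user || $attach_as_anon) && count($files) > 0) {
             $message->set_var('attached_files', $LANG_PAYPAL_EMAIL['attached_files']);
             $text = $message->parse('output', 'message');
             paypal_mailAttachment($paypal_data['payer_email'], $subject, $text, $files, $_PAY_CONF['receiverEmailAddr']);
         } else {
             if (count($files) > 0) {
                 $message->set_var('attached_files', $LANG_PAYPAL_EMAIL['download_files']);
             } else {
                 $message->set_var('attached_files', '');
             }
             $text = $message->parse('output', 'message');
             COM_mail($paypal_data['payer_email'], $subject, $text, $_PAY_CONF['receiverEmailAddr'], true);
         }
         if (DEBUG) {
             COM_errorLog('PAYPAL-IPN: Email was sent');
         }
     }
     //Send email to receiver
     // (subject and text are empty strings when no purchaser e-mail was built)
     COM_mail($_PAY_CONF['receiverEmailAddr'], $subject, $subject . ' >> ' . $text, $_PAY_CONF['receiverEmailAddr'], true);
     //Subscription
     // NOTE(review): only the last product of the order is examined here.
     if (isset($A['type']) && $A['type'] == 'subscription') {
         //add subscription to db
         PAYPAL_addsubscription($A, $paypal_data);
         if (DEBUG) {
             COM_errorLog('PAYPAL-IPN: Subscription recorded');
         }
         //add  user to group
         if ($A['add_to_group'] > 1 && $uid > 1) {
             PAYPAL_addToGroup($A['add_to_group'], $uid);
             if (DEBUG) {
                 COM_errorLog('PAYPAL-IPN: User with UID ' . $uid . ' added to group ID ' . $A['add_to_group']);
             }
         }
     }
 }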
Example #2
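    /**
     * Process the cart actions found in the current request and render the
     * cart as HTML.
     *
     * The add / update / remove / empty actions are read from $_POST and
     * $_GET, then the cart markup is built from the plugin templates. On the
     * checkout page (or when paying by check) the shipping options and the
     * payment buttons are appended.
     *
     * Request-derived values written into markup or script are escaped or
     * validated at the point of output.
     *
     * @param array $jcart Cart configuration; its keys become local variables
     *                     ($text, $button, $form_action, the $item_* field names, ...)
     * @param int   $block 0 renders the full cart, any other value uses the
     *                     cart_block_* templates
     * @return string HTML for the cart
     */
    function display_cart($jcart, $block = 0)
    {
        global $_CONF, $_PAY_CONF, $LANG_PAYPAL_1, $LANG_PAYPAL_CART, $_USER, $_TABLES, $LANG_PAYPAL_ADMIN, $_SCRIPTS;
        // JCART ARRAY HOLDS USER CONFIG SETTINGS
        // EXTR_SKIP keeps a config key from overwriting a variable that is
        // already in scope here ($jcart, $block and the globals declared above).
        // NOTE(review): extract() is only acceptable while $jcart is trusted
        // configuration; it must never be fed request data.
        extract($jcart, EXTR_SKIP);
        // These are only assigned on some paths below; give them a defined
        // starting value unless the configuration supplied one.
        if (!isset($error_message)) {
            $error_message = '';
        }
        if (!isset($src)) {
            $src = '';
        }
        if (!isset($shippers_radio)) {
            $shippers_radio = '';
        }
        if (!isset($disable_paypal_checkout)) {
            $disable_paypal_checkout = '';
        }
        if (!isset($skip)) {
            $skip = 0;
        }
        // ASSIGN USER CONFIG VALUES AS POST VAR LITERAL INDICES
        // INDICES ARE THE HTML NAME ATTRIBUTES FROM THE USERS ADD-TO-CART FORM
        // NOTE(review): these are raw POST values handed to add_item(); the
        // validation done there is not visible from this method.
        $item_id = $_POST[$item_id];
        $item_qty = $_POST[$item_qty];
        $item_price = $_POST[$item_price];
        //Todo if block==1 shorten name
        $item_name = $_POST[$item_name];
        $item_weight = $_POST[$item_weight];
        // ADD AN ITEM
        if ($_POST[$item_add]) {
            $item_added = $this->add_item($item_id, $item_qty, $item_price, $item_name, $item_weight);
            // IF NOT TRUE THE ADD ITEM FUNCTION RETURNS THE ERROR TYPE
            if ($item_added !== true) {
                $error_type = $item_added;
                switch ($error_type) {
                    case 'qty':
                        $error_message = $text['quantity_error'];
                        break;
                    case 'price':
                        $error_message = $text['price_error'];
                        break;
                }
            }
        }
        // UPDATE A SINGLE ITEM
        // CHECKING POST VALUE AGAINST $text ARRAY FAILS?? HAVE TO CHECK AGAINST $jcart ARRAY
        if ($_POST['jcart_update_item'] == $jcart['text']['update_button']) {
            $item_updated = $this->update_item($_POST['item_id'], $_POST['item_qty']);
            if ($item_updated !== true) {
                $error_message = $text['quantity_error'];
            }
        }
        // UPDATE ALL ITEMS IN THE CART
        if ($_POST['jcart_update_cart'] || $_POST['jcart_checkout']) {
            $cart_updated = $this->update_cart();
            if ($cart_updated !== true) {
                $error_message = $text['quantity_error'];
            }
        }
        // REMOVE AN ITEM
        // NOTE(review): 'jcart_check_out' does not match the 'jcart_checkout'
        // field name used elsewhere in this method, so that last test is
        // always true -- confirm which name was intended. The removal is also
        // a state change driven by a GET parameter.
        if ($_GET['jcart_remove'] && !$_POST[$item_add] && !$_POST['jcart_update_cart'] && !$_POST['jcart_check_out']) {
            $this->del_item($_GET['jcart_remove']);
        }
        // EMPTY THE CART
        if ($_POST['jcart_empty']) {
            $this->empty_cart();
        }
        // DETERMINE WHICH TEXT TO USE FOR THE NUMBER OF ITEMS IN THE CART
        if ($this->itemcount > 1) {
            $text['items_in_cart'] = $text['multiple_items'];
        }
        if ($this->itemcount <= 1) {
            $text['items_in_cart'] = $text['single_item'];
        }
        // DETERMINE IF THIS IS THE CHECKOUT PAGE
        // WE FIRST CHECK THE REQUEST URI AGAINST THE USER CONFIG CHECKOUT (SET WHEN THE VISITOR FIRST CLICKS CHECKOUT)
        // WE ALSO CHECK FOR THE REQUEST VAR SENT FROM HIDDEN INPUT SENT BY AJAX REQUEST (SET WHEN VISITOR HAS JAVASCRIPT ENABLED AND UPDATES AN ITEM QTY)
        $uri_match = strpos($_SERVER['REQUEST_URI'], $form_action);
        $is_checkout = ($uri_match !== false || $_REQUEST['jcart_is_checkout'] == 'true');
        $retval = '';
        // OVERWRITE THE CONFIG FORM ACTION TO POST TO jcart-gateway.php INSTEAD OF POSTING BACK TO CHECKOUT PAGE
        // THIS ALSO ALLOWS US TO VALIDATE PRICES BEFORE SENDING CART CONTENTS TO PAYPAL
        if ($is_checkout == true) {
            $form_action = $_PAY_CONF['site_url'] . '/jcart/jcart-gateway.php';
        } else {
            $form_action = $_PAY_CONF['site_url'] . '/checkout.php';
        }
        // DEFAULT INPUT TYPE
        // CAN BE OVERRIDDEN IF USER SETS PATHS FOR BUTTON IMAGES
        $input_type = 'submit';
        // IF THIS ERROR IS TRUE THE VISITOR UPDATED THE CART FROM THE CHECKOUT PAGE USING AN INVALID PRICE FORMAT
        // PASSED AS A SESSION VAR SINCE THE CHECKOUT PAGE USES A HEADER REDIRECT
        // IF PASSED VIA GET THE QUERY STRING STAYS SET EVEN AFTER SUBSEQUENT POST REQUESTS
        if ($_SESSION['quantity_error'] == true) {
            $error_message = $text['quantity_error'];
            unset($_SESSION['quantity_error']);
        }
        // OUTPUT THE CART
        if ($is_checkout == true && $block == 1) {
            return $LANG_PAYPAL_CART['checkout'] . '...';
        }
        // DISPLAY THE CART HEADER
        $cart = COM_newTemplate($_CONF['path'] . 'plugins/paypal/templates');
        if ($_REQUEST['pay_by'] == 'check' && $block == 0) {
            $cart->set_file(array('cart_start' => 'cart_start_check.thtml', 'cart_item' => 'cart_item_check.thtml', 'cart_empty' => 'cart_empty.thtml', 'cart_end' => 'cart_end_check.thtml'));
        } else {
            if ($block == 0) {
                $cart->set_file(array('cart_start' => 'cart_start.thtml', 'cart_item' => 'cart_item.thtml', 'cart_empty' => 'cart_empty.thtml', 'cart_end' => 'cart_end.thtml'));
            } else {
                $cart->set_file(array('cart_start' => 'cart_block_start.thtml', 'cart_item' => 'cart_block_item.thtml', 'cart_empty' => 'cart_empty.thtml', 'cart_end' => 'cart_block_end.thtml'));
            }
        }
        if ($is_checkout == true) {
            $steps = '<ul id="ULcheckoutProcedure">
			                <li id="LIactiveStep">' . $LANG_PAYPAL_1['checkout_step_1'] . '</li>
							<li>' . $LANG_PAYPAL_1['checkout_step_2'] . '</li>
							<li>' . $LANG_PAYPAL_1['checkout_step_3'] . '</li>
						</ul>';
            $cart->set_var('steps', $steps);
        } else {
            if ($_REQUEST['pay_by'] == 'check' || PAYBYCHECK == true) {
                // NOTE(review): the next statement is a comparison whose result
                // is discarded; it has no effect. Kept as found -- confirm
                // whether an assignment or define() was intended.
                PAYBYCHECK == true;
                $steps = '<ul id="ULcheckoutProcedure">
			                <li>' . $LANG_PAYPAL_1['checkout_step_1'] . '</li>
							<li id="LIactiveStep">' . $LANG_PAYPAL_1['checkout_step_2'] . '</li>
							<li>' . $LANG_PAYPAL_1['checkout_step_3'] . '</li>
						</ul>';
                $cart->set_var('steps', $steps);
            } else {
                $cart->set_var('steps', '');
            }
        }
        if ($_REQUEST['pay_by'] == 'check' && $block == 0) {
            // Get details to edit and display the form on informations.php page
            if (!COM_isAnonUser()) {
                // The uid is interpolated without quotes, so force an integer.
                $current_uid = (int) $_USER['uid'];
                $sql = "SELECT * FROM {$_TABLES['paypal_users']} WHERE user_id = {$current_uid}";
                $res = DB_query($sql);
                $A = DB_fetchArray($res);
                // NOTE(review): for admins a request-supplied uid is passed on
                // to PAYPAL_getDetailsForm(); verify that helper escapes it.
                if ($A['user_id'] == '' && SEC_hasRights('paypal.admin')) {
                    $A['user_id'] = $_REQUEST['uid'];
                }
                if ($A['user_id'] == '') {
                    $A['user_id'] = $_USER['uid'];
                }
                $informations = '<h2>' . $LANG_PAYPAL_1['review_details'] . '</h2>';
                $informations .= '<p>' . $LANG_PAYPAL_1['confirm_order_check'] . '</p>';
                $informations .= '<div style="margin:25px;">' . PAYPAL_getDetailsForm($A, $_PAY_CONF['site_url'] . '/details.php?mode=save', $LANG_PAYPAL_1['confirm_order_button'], $_GET['shipping']) . '</div>';
                $cart->set_var('informations', $informations);
            }
        }
        // IF THERE'S AN ERROR MESSAGE WRAP IT IN SOME HTML
        if ($error_message) {
            $error_message = "<p class='jcart-error'>{$error_message}</p>";
            $cart->set_var('error_message', $error_message);
        } else {
            $cart->set_var('error_message', '');
        }
        $cart->set_var('xhtml', XHTML);
        $cart->set_var('form_action', $form_action);
        $cart->set_var('cart_title', $text['cart_title']);
        $cart->set_var('itemcount', $this->itemcount . "&nbsp;" . $text['items_in_cart']);
        $cart->set_var('description', $text['description']);
        $cart->set_var('unit_price', $text['unit_price']);
        $cart->set_var('quantity', $text['quantity']);
        $cart->set_var('item_price', $text['item_price']);
        $retval .= $cart->parse('', 'cart_start');
        // IF ANY ITEMS IN THE CART
        if ($this->itemcount > 0) {
            define("CART_EMPTY", false);
            $categories = array();
            // DISPLAY LINE ITEMS
            foreach ($this->get_contents() as $item) {
                // ADD THE ITEM ID AS THE INPUT ID ATTRIBUTE
                // THIS ALLOWS US TO ACCESS THE ITEM ID VIA JAVASCRIPT ON QTY CHANGE, AND THEREFORE UPDATE THE CORRECT ITEM
                // NOTE THAT THE ITEM ID IS ALSO PASSED AS A SEPARATE FIELD FOR PROCESSING VIA PHP
                // NOTE(review): name and id were supplied through the add-to-cart
                // POST; confirm add_item() or the template escapes them for HTML.
                $cart->set_var('name', $item['name']);
                $cart->set_var('id', $item['id']);
                //GET ALL PRODUCTS CATEGORIES
                // NOTE(review): the result of PAYPAL_realId() is concatenated
                // into a WHERE fragment; verify it can only be a numeric id.
                $cat = DB_getItem($_TABLES['paypal_products'], 'cat_id', 'id=' . PAYPAL_realId($item['id']));
                if ($cat != 0) {
                    $categories[] = $cat;
                }
                $cart->set_var('price', number_format($item['price'], $_CONF['decimal_count'], $_CONF['decimal_separator'], $_CONF['thousand_separator']));
                $cart->set_var('currency_symbol', $text['currency_symbol']);
                $cart->set_var('qty', $item['qty']);
                $cart->set_var('subtotal', number_format($item['subtotal'], $_CONF['decimal_count'], $_CONF['decimal_separator'], $_CONF['thousand_separator']));
                $cart->set_var('remove_png', $_PAY_CONF['site_url'] . '/images/remove.png');
                $cart->set_var('remove', $LANG_PAYPAL_CART['remove']);
                $retval .= $cart->parse('', 'cart_item');
            }
        } else {
            define("CART_EMPTY", true);
            $cart->set_var('empty', '<strong>' . $text['empty_message'] . '</strong>');
            $retval .= $cart->parse('', 'cart_empty');
        }
        // DISPLAY THE CART FOOTER
        //Subtotal
        $formatted_total = '<strong>' . number_format($this->total, $_CONF['decimal_count'], $_CONF['decimal_separator'], $_CONF['thousand_separator']) . ' ' . $text['currency_symbol'] . '</strong>';
        if ($block == 0) {
            $cart->set_var('subtotal', $text['subtotal'] . ' ' . $formatted_total);
        } else {
            $cart->set_var('subtotal', $formatted_total);
        }
        // IF THIS IS THE CHECKOUT HIDE THE CART CHECKOUT BUTTON
        if ($is_checkout !== true && $_REQUEST['pay_by'] != 'check') {
            if ($button['checkout']) {
                $input_type = 'image';
                $src = ' src="' . $button['checkout'] . '" alt="' . $text['checkout_button'] . '" title="" ';
            }
            $cart->set_var('checkout', '<input type="' . $input_type . '" ' . $src . 'id="jcart-checkout" name="jcart_checkout" class="jcart-button" value="' . $text['checkout_button'] . '" />');
        } else {
            $cart->set_var('checkout', '');
        }
        $retval .= $cart->parse('', 'cart_end');
        //Update and empty button
        if ($block == 0) {
            $retval .= "\t\t\t<div class='jcart-hide'>\n";
            if ($button['update']) {
                $input_type = 'image';
                $src = ' src="' . $button['update'] . '" alt="' . $text['update_button'] . '" title="" ';
            }
            $retval .= "\t\t\t\t<input type='" . $input_type . "' " . $src . "name='jcart_update_cart' value='" . $text['update_button'] . "' class='jcart-button' />\n";
            if ($button['empty']) {
                $input_type = 'image';
                $src = ' src="' . $button['empty'] . '" alt="' . $text['empty_button'] . '" title="" ';
            }
            $retval .= "\t\t\t\t<input type='" . $input_type . "' " . $src . "name='jcart_empty' value='" . $text['empty_button'] . "' class='jcart-button' />\n";
            $retval .= "\t\t\t</div>\n";
        }
        $retval .= "\t\t\t\t\t</td>\n";
        $retval .= "\t\t\t\t</tr>\n";
        $retval .= "\t\t\t</table>\n\n";
        // IF THIS IS THE CHECKOUT DISPLAY THE PAYPAL CHECKOUT BUTTON AND SHIPPING RATE
        if (($is_checkout == true && $block == 0 && $this->itemcount > 0) || ($_REQUEST['pay_by'] == 'check' && $block == 0)) {
            // HIDDEN INPUT ALLOWS US TO DETERMINE IF WE'RE ON THE CHECKOUT PAGE
            // WE NORMALLY CHECK AGAINST REQUEST URI BUT AJAX UPDATE SETS VALUE TO jcart-relay.php
            $retval .= "\t\t\t<input type='hidden' id='jcart-is-checkout' name='jcart_is_checkout' value='true' />\n";
            // Reduce the weight to digits and dots before it is used in the
            // markup and in the shipping query below.
            $weight = $this->totalweight;
            $weight = str_replace(",", ".", $weight);
            $weight = preg_replace('/[^\\d.]/', '', $weight);
            //WEIGHT
            $retval .= "\t\t\t<input type='hidden' id='weight' name='weight' value='{$weight}' />\n";
            //SHIPPING RATE
            $shipping = COM_newTemplate($_CONF['path'] . 'plugins/paypal/templates');
            $shipping->set_file(array('cart_shipping' => 'cart_shipping.thtml'));
            $shipping->set_var('choose_shipping', $LANG_PAYPAL_CART['choose_shipping']);
            if ($weight > 0) {
                //SHIPPER SERVICE
                $sql = "SELECT\n\t\t\t\t\t\t*\n\t\t\t\t\tFROM {$_TABLES['paypal_shipping_cost']} AS sc\n\t\t\t\t\tLEFT JOIN {$_TABLES['paypal_shipper_service']} AS ss\n\t\t\t\t\tON sc.shipping_shipper_id = ss.shipper_service_id\n\t\t\t\t\tLEFT JOIN {$_TABLES['paypal_shipping_to']} AS st\n\t\t\t\t\tON sc.shipping_destination_id = st.shipping_to_id\n\t\t\t\t\tWHERE '{$weight}' > sc.shipping_min AND '{$weight}' < sc.shipping_max\n\t\t\t\t\tORDER by st.shipping_to_order, sc.shipping_amt ASC\n\t\t\t\t\t";
                $res = DB_query($sql);
                if (DB_numRows($res) > 0) {
                    $i = 0;
                    while ($A = DB_fetchArray($res)) {
                        // The request value is only compared with the stored
                        // amount; the markup below is built from the DB row.
                        if ($_GET['shipping'] != '' && $_GET['shipping'] == $A['shipping_amt']) {
                            $checked = ' checked';
                            $skip = 0;
                        } else {
                            if ($_GET['shipping'] != '') {
                                $checked = '';
                                $skip = 1;
                            } else {
                                if ($i == 0) {
                                    $checked = ' checked';
                                } else {
                                    $checked = '';
                                }
                            }
                        }
                        $category_allowed = (count($categories) == 1 && in_array($A['shipper_service_exclude_cat'], $categories))
                            || $A['shipper_service_exclude_cat'] == 0
                            || count($categories) == 0;
                        if ($category_allowed && $skip == 0) {
                            $shippers_radio .= '<p><input type="radio" name="shipping" value="' . $A['shipping_amt'] . '"' . $checked . ' /> ' . $A['shipping_to_name'] . ' | ' . $A['shipper_service_name'] . ' - ' . $A['shipper_service_service'] . '<span style="text-align:right; font-weight:bold; display:block; float:right;">+ ' . $A['shipping_amt'] . ' ' . $_PAY_CONF['currency'] . '</span></p>' . LB;
                            $i++;
                        }
                    }
                } else {
                    $shippers_radio = '<p><input type="radio" name="shipping" value="0.00" checked /> ' . $LANG_PAYPAL_CART['free_shipping'] . '<span style="text-align:right; font-weight:bold; display:block; float:right;">+ 0.00 ' . $_PAY_CONF['currency'] . '</span></p>';
                }
            } else {
                $shippers_radio = '<p><input type="radio" name="shipping" value="0.00" checked /> ' . $LANG_PAYPAL_CART['free_shipping'] . '<span style="text-align:right; font-weight:bold; display:block; float:right;">+ 0.00 ' . $_PAY_CONF['currency'] . '</span></p>';
            }
            $shipping->set_var('shipping_radio_buttons', $shippers_radio);
            $retval .= $shipping->parse('', 'cart_shipping');
            // SEND THE URL OF THE CHECKOUT PAGE TO jcart-gateway.php
            // WHEN JAVASCRIPT IS DISABLED WE USE A HEADER REDIRECT AFTER THE UPDATE OR EMPTY BUTTONS ARE CLICKED
            $protocol = 'http://';
            if (!empty($_SERVER['HTTPS'])) {
                $protocol = 'https://';
            }
            // HTTP_HOST and REQUEST_URI are supplied by the client: encode them
            // so they cannot break out of the single-quoted attribute.
            // NOTE(review): the value comes back as a form field and is
            // described above as a redirect target; the receiving script
            // should check it against the configured site URL.
            $checkout_page = htmlspecialchars($protocol . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'], ENT_QUOTES);
            $retval .= "\t\t\t<input type='hidden' id='jcart-checkout-page' name='jcart_checkout_page' value='" . $checkout_page . "' />\n";
            // PAYPAL CHECKOUT BUTTON
            if ($button['paypal_checkout']) {
                $input_type = 'image';
                $src = ' src="' . $button['paypal_checkout'] . '" alt="' . $text['checkout_paypal_button'] . '" title="" ';
            }
            if ($_REQUEST['pay_by'] != 'check') {
                $retval .= '<h2 align="center">' . $LANG_PAYPAL_1['payment_method'] . '</h2>';
                if ($_PAY_CONF['enable_pay_by_paypal']) {
                    $retval .= "\t\t\t<p><input type='" . $input_type . "' " . $src . "id='jcart-paypal-checkout' name='jcart_paypal_checkout' value='" . $text['checkout_paypal_button'] . "'" . $disable_paypal_checkout . " /></p>\n";
                }
                if ($is_checkout == true && $block == 0 && $this->itemcount > 0 && $_PAY_CONF['enable_pay_by_ckeck'] == 1) {
                    if (!COM_isAnonUser()) {
                        $js = 'function payby ( selectedtype )';
                        $js .= '{';
                        $js .= '  document.jcart.pay_by.value = selectedtype ;';
                        $js .= '  document.jcart.submit() ;';
                        $js .= '}';
                        $_SCRIPTS->setJavaScript($js, true);
                        $retval .= '<input type="hidden" name="pay_by" />';
                        $retval .= '<p>&nbsp;</p><p align="center"><a class="jcart_footer"  href="javascript:payby(\'check\')">' . $LANG_PAYPAL_CART['payment_check'] . '</a></p><p>&nbsp;</p>';
                    }
                }
            }
        }
        $retval .= "\t</form>\n";
        // IF UPDATING AN ITEM, FOCUS ON ITS QTY INPUT AFTER THE CART IS LOADED (DOESN'T SEEM TO WORK IN IE7)
        if ($_POST['jcart_update_item']) {
            // The posted item id is written into an inline script. Emit the
            // focus helper only when the id consists of characters that are
            // inert in both the script string and the selector.
            $focus_id = isset($_POST['item_id']) ? (string) $_POST['item_id'] : '';
            if (preg_match('/^[A-Za-z0-9_\-]+$/', $focus_id)) {
                $retval .= "\t" . '<script type="text/javascript">jQuery(function(){jQuery("#jcart-item-id-' . $focus_id . '").focus()});</script>' . "\n";
            }
        }
        $retval .= "\t<div class=\"jcart_footer\">\n";
        //CONTINUE SHOPPING
        if ($is_checkout == true && $block == 0) {
            $retval .= '<hr style="margin-top:20px;"><p style="margin-top:10px;"><< <a class="jcart_footer" href="' . $_PAY_CONF['site_url'] . '/index.php">' . $LANG_PAYPAL_CART['continue_shopping'] . '</a></p>';
        }
        $retval .= "\t</div></div>\n";
        return $retval;
    }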
Example #3
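// Take the visitor back to the homepage when the plugin is not active, the
// visitor is anonymous, or the cart is empty.
if (!in_array('paypal', $_PLUGINS) || COM_isAnonUser() || $cart->itemcount < 1) {
    echo COM_refresh($_CONF['site_url'] . '/index.php');
    exit;
}
/* Ensure sufficient privs to read this page */
paypal_access_check('paypal.user');
$vars = array('msg' => 'text', 'shipping' => 'text');
paypal_filterVars($vars, $_REQUEST);
/*
 * Server-side check before checkout: every cart line must carry the price
 * currently computed for the product, and the product must be accessible to
 * this user and active. The cart content is client-influenced, so the price
 * stored in it is never trusted on its own.
 */
$items = array();
$i = 1;
$quantities = array();
$valid_prices = true;
foreach ($cart->get_contents() as $item) {
    $realid = PAYPAL_realId($item['id']);
    $item_id = $realid[0];
    $items[$i] = $item['id'];
    $namesfromcart[$i] = $item['name'];
    $quantities[$i] = $item['qty'];
    $item_price[$i] = $item['price'];
    // The id comes out of the cart, so escape it before it is interpolated.
    // addslashes() is the only escaping primitive visible from this block; if
    // the database layer offers a connection-aware escape helper, prefer that.
    $escaped_id = addslashes((string) $item_id);
    $A = DB_fetchArray(DB_query("SELECT * FROM {$_TABLES['paypal_products']} WHERE id = '{$escaped_id}' LIMIT 1"));
    // An unknown product yields no row; the 'active' test below then fails
    // and the cart is rejected.
    if ($item_price[$i] != PAYPAL_productPrice($A) || !SEC_hasAccess2($A) || $A['active'] != '1') {
        $valid_prices = false;
    }
    $i++;
}
// Any mismatch sends the visitor back to the homepage instead of checkout.
if ($valid_prices !== true) {
    echo COM_refresh($_CONF['site_url'] . '/index.php');
    exit;
}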