$_SESSION["gids"][$i] = 0;
}
}
}
}
if ($rediractflag) {
Redirect("index.php?product_removed=yes");
}
}
$orderID = ordOrderProcessing($_GET["shippingMethodID"], $_GET["paymentMethodID"], $_GET["shippingAddressID"], $_GET["billingAddressID"], $shippingModuleFiles, $paymentModuleFiles, $_POST["order_comment"], $cc_number, $cc_holdername, $cc_expires, $cc_cvv, $_SESSION["log"], $smarty_mail, $shServiceID);
$_SESSION["newoid"] = $orderID;
cartClearCartContet();
if (is_bool($orderID)) {
RedirectProtected("index.php?order4_confirmation=yes" . "&shippingAddressID=" . $_GET["shippingAddressID"] . "&shippingMethodID=" . $_GET["shippingMethodID"] . "&billingAddressID=" . $_GET["billingAddressID"] . "&paymentMethodID=" . $_GET["paymentMethodID"] . "&payment_error=1");
} else {
RedirectProtected("index.php?order4_confirmation=yes" . "&order_success=yes&paymentMethodID=" . $_GET["paymentMethodID"] . "&orderID=" . $orderID);
}
}
if (isset($_GET["order_success"])) {
if (isset($_GET["orderID"]) && isset($_SESSION["newoid"]) && (int) $_SESSION["newoid"] == (int) $_GET["orderID"]) {
$paymentMethod = payGetPaymentMethodById($_GET["paymentMethodID"]);
$currentPaymentModule = modGetModuleObj($paymentMethod["module_id"], PAYMENT_MODULE);
if ($currentPaymentModule != null) {
$after_processing_html = $currentPaymentModule->after_processing_html($_GET["orderID"]);
} else {
$after_processing_html = "";
}
$smarty->assign("after_processing_html", $after_processing_html);
}
$smarty->assign("order_success", 1);
} else {
include $fileName;
}
$payment_methods = payGetAllPaymentMethods(true);
$payment_methodsToShow = array();
foreach ($payment_methods as $payment_method) {
if ($_GET["shippingMethodID"] == 0) {
$shippingMethodsToAllow = true;
} else {
$shippingMethodsToAllow = false;
foreach ($payment_method["ShippingMethodsToAllow"] as $ShippingMethod) {
if ((int) $_GET["shippingMethodID"] == (int) $ShippingMethod["SID"] && $ShippingMethod["allow"]) {
$shippingMethodsToAllow = true;
break;
}
}
}
if ($shippingMethodsToAllow) {
$payment_methodsToShow[] = $payment_method;
}
}
if (count($payment_methodsToShow) == 0) {
RedirectProtected("index.php?order4_confirmation=yes&" . "shippingAddressID=" . $_GET["shippingAddressID"] . "&" . "shippingMethodID=" . $_GET["shippingMethodID"] . "&" . "billingAddressID=" . regGetDefaultAddressIDByLogin($_SESSION["log"]) . "&" . "paymentMethodID=0" . (isset($_GET['shServiceID']) ? "&shServiceID=" . $_GET['shServiceID'] : ''));
}
$smarty->assign("shippingAddressID", $_GET["shippingAddressID"]);
$smarty->assign("billingAddressID", $_GET["billingAddressID"]);
$smarty->assign("shippingMethodID", $_GET["shippingMethodID"]);
$smarty->assign("strAddress", regGetAddressStr($_GET["billingAddressID"]));
$smarty->assign("payment_methods", $payment_methodsToShow);
$smarty->assign("payment_methods_count", count($payment_methodsToShow));
$smarty->assign("main_content_template", "order3_billing.tpl");
}
function ordOrderProcessing($shippingMethodID, $paymentMethodID, $shippingAddressID, $billingAddressID, $shippingModuleFiles, $paymentModulesFiles, $customers_comment, $cc_number, $cc_holdername, $cc_expires, $cc_cvv, $log, $smarty_mail, $shServiceID = 0)
{
$customerID = $log != null ? regGetIdByLogin($log) : NULL;
if ($log != null) {
$customerInfo = regGetCustomerInfo2($log);
} else {
$customerInfo['first_name'] = $_SESSION['first_name'];
$customerInfo['last_name'] = $_SESSION['last_name'];
$customerInfo['Email'] = $_SESSION['email'];
$customerInfo['affiliationLogin'] = $_SESSION['affiliationLogin'];
}
$order_time = get_current_time();
$frandl = mt_rand(3, 999);
$order_active_link = md5($order_time) . $frandl;
$customer_ip = stGetCustomerIP_Address();
$statusID = CONF_ACTIVE_ORDER == 1 ? 0 : ostGetNewOrderStatus();
$customer_affiliationLogin = isset($customerInfo['affiliationLogin']) ? $customerInfo['affiliationLogin'] : '';
$customer_email = $customerInfo['Email'];
$currencyID = currGetCurrentCurrencyUnitID();
if ($currencyID != 0) {
$currentCurrency = currGetCurrencyByID($currencyID);
$currency_code = $currentCurrency['currency_iso_3'];
$currency_value = $currentCurrency['currency_value'];
$currency_round = $currentCurrency['roundval'];
} else {
$currency_code = '';
$currency_value = 1;
$currency_round = 2;
}
// get shipping address
if ($shippingAddressID != 0) {
$shippingAddress = regGetAddress($shippingAddressID);
$shippingAddressCountry = cnGetCountryById($shippingAddress['countryID']);
$shippingAddress['country_name'] = $shippingAddressCountry['country_name'];
} else {
$shippingCountryName = cnGetCountryById($_SESSION['receiver_countryID']);
$shippingCountryName = $shippingCountryName['country_name'];
$shippingAddress['first_name'] = $_SESSION['receiver_first_name'];
$shippingAddress['last_name'] = $_SESSION['receiver_last_name'];
$shippingAddress['country_name'] = $shippingCountryName;
$shippingAddress['state'] = $_SESSION['receiver_state'];
$shippingAddress['city'] = $_SESSION['receiver_city'];
$shippingAddress['address'] = $_SESSION['receiver_address'];
$shippingAddress['zoneID'] = $_SESSION['receiver_zoneID'];
}
if (is_null($shippingAddress['state']) || trim($shippingAddress['state']) == '') {
$zone = znGetSingleZoneById($shippingAddress['zoneID']);
$shippingAddress['state'] = $zone['zone_name'];
}
// get billing address
if ($billingAddressID != 0) {
$billingAddress = regGetAddress($billingAddressID);
$billingAddressCountry = cnGetCountryById($billingAddress['countryID']);
$billingAddress['country_name'] = $billingAddressCountry['country_name'];
} else {
$billingCountryName = cnGetCountryById($_SESSION['billing_countryID']);
$billingCountryName = $billingCountryName['country_name'];
$billingAddress['first_name'] = $_SESSION['billing_first_name'];
$billingAddress['last_name'] = $_SESSION['billing_last_name'];
$billingAddress['country_name'] = $billingCountryName;
$billingAddress['state'] = $_SESSION['billing_state'];
$billingAddress['city'] = $_SESSION['billing_city'];
$billingAddress['address'] = $_SESSION['billing_address'];
$billingAddress['zoneID'] = $_SESSION['billing_zoneID'];
}
if (is_null($billingAddress['state']) || trim($billingAddress['state']) == '') {
$zone = znGetSingleZoneById($billingAddress['zoneID']);
$billingAddress['state'] = $zone['zone_name'];
}
$cartContent = cartGetCartContent();
foreach ($cartContent['cart_content'] as $key => $cartItem) {
if (!empty($cartItem['opt_margin']) && $paymentMethodID == 2) {
$cost = $cartItem['costUC'];
$margin = $cost / 100 * CONF_PERCENT_MARGIN;
$cost += $margin;
$costShow = show_price($cost * $cartItem['quantity']);
$cartContent['cart_content'][$key]['costUC'] = $cost;
$cartContent['cart_content'][$key]['cost'] = $costShow;
}
}
if ($log != null) {
$addresses = array($shippingAddressID, $billingAddressID);
} else {
$addresses = array(array('countryID' => $_SESSION['receiver_countryID'], 'zoneID' => $_SESSION['receiver_zoneID']), array('countryID' => $_SESSION['billing_countryID'], 'zoneID' => $_SESSION['billing_zoneID']));
}
$orderDetails = array('first_name' => $shippingAddress['first_name'], 'last_name' => $shippingAddress['last_name'], 'email' => $customerInfo['Email'], 'order_amount' => oaGetOrderAmountExShippingRate($cartContent, $addresses, $log, FALSE));
$shippingMethod = shGetShippingMethodById($shippingMethodID);
$shipping_email_comments_text = $shippingMethod['email_comments_text'];
$shippingName = $shippingMethod['Name'];
$paymentMethod = payGetPaymentMethodById($paymentMethodID);
$paymentName = $paymentMethod['Name'];
$payment_email_comments_text = $paymentMethod['email_comments_text'];
if (isset($paymentMethod['calculate_tax']) && (int) $paymentMethod['calculate_tax'] == 0) {
$order_amount = oaGetOrderAmount($cartContent, $addresses, $shippingMethodID, $log, $orderDetails, TRUE, $shServiceID);
$d = oaGetDiscountPercent($cartContent, $log);
$tax = 0;
$shipping_costUC = oaGetShippingCostTakingIntoTax($cartContent, $shippingMethodID, $addresses, $orderDetails, FALSE, $shServiceID, TRUE);
$discount_percent = oaGetDiscountPercent($cartContent, $log);
} else {
$order_amount = oaGetOrderAmount($cartContent, $addresses, $shippingMethodID, $log, $orderDetails, TRUE, $shServiceID);
$d = oaGetDiscountPercent($cartContent, $log);
$tax = oaGetProductTax($cartContent, $d, $addresses);
$shipping_costUC = oaGetShippingCostTakingIntoTax($cartContent, $shippingMethodID, $addresses, $orderDetails, TRUE, $shServiceID, TRUE);
$discount_percent = oaGetDiscountPercent($cartContent, $log);
}
$shServiceInfo = '';
if (is_array($shipping_costUC)) {
list($shipping_costUC) = $shipping_costUC;
$shServiceInfo = $shipping_costUC['name'];
$shipping_costUC = $shipping_costUC['rate'];
}
$paymentMethod = payGetPaymentMethodById($paymentMethodID);
if ($paymentMethod) {
$currentPaymentModule = modGetModuleObj($paymentMethod['module_id'], PAYMENT_MODULE);
} else {
$currentPaymentModule = null;
}
if ($currentPaymentModule != null) {
//define order details for payment module
$order_payment_details = array('customer_email' => $customer_email, 'customer_ip' => $customer_ip, 'order_amount' => $order_amount, 'currency_code' => $currency_code, 'currency_value' => $currency_value, 'shipping_cost' => $shipping_costUC, 'order_tax' => $tax, 'shipping_info' => $shippingAddress, 'billing_info' => $billingAddress);
$process_payment_result = $currentPaymentModule->payment_process($order_payment_details);
//gets payment processing result
if (!($process_payment_result == 1)) {
//die ($process_payment_result);
if (isset($_POST)) {
$_SESSION['order4confirmation_post'] = $_POST;
}
xSaveData('PaymentError', $process_payment_result);
if (!$customerID) {
RedirectProtected('index.php?order4_confirmation_quick=yes' . '&shippingMethodID=' . $_GET['shippingMethodID'] . '&paymentMethodID=' . $_GET['paymentMethodID'] . '&shServiceID=' . $shServiceID);
} else {
RedirectProtected('index.php?order4_confirmation=yes' . '&shippingAddressID=' . $_GET['shippingAddressID'] . '&shippingMethodID=' . $_GET['shippingMethodID'] . '&billingAddressID=' . $_GET['billingAddressID'] . '&paymentMethodID=' . $_GET['paymentMethodID'] . '&shServiceID=' . $shServiceID);
}
return false;
}
}
$customerID = (int) $customerID;
// debug($cartContent['cart_content']);
//
// exit;
$sql = 'INSERT INTO ' . ORDERS_TABLE . '
SET
customerID = ' . (int) $customerID . ',
order_time = "' . xEscSQL($order_time) . '",
customer_ip = "' . xToText($customer_ip) . '",
shipping_type = "' . xToText($shippingName) . '",
payment_type = "' . xToText($paymentName) . '",
customers_comment = "' . xToText($customers_comment) . '",
statusID = ' . (int) $statusID . ',
shipping_cost = "' . (double) $shipping_costUC . '",
order_discount = "' . (double) $discount_percent . '",
order_amount= "' . (double) $order_amount . '",
currency_code = "' . xEscSQL($currency_code) . '",
currency_value = "' . (double) $currency_value . '",
customer_firstname = "' . xToText($customerInfo['first_name']) . '",
customer_lastname = "' . xToText($customerInfo['last_name']) . '",
customer_email = "' . xToText($customer_email) . '",
shipping_firstname = "' . xToText($shippingAddress['first_name']) . '",
shipping_lastname = "' . xToText($shippingAddress['last_name']) . '",
shipping_country= "' . xToText($shippingAddress['country_name']) . '",
shipping_state= "' . xToText($shippingAddress['state']) . '",
shipping_city= "' . xToText($shippingAddress['city']) . '",
shipping_address= "' . xToText($shippingAddress['address']) . '",
billing_firstname= "' . xToText($billingAddress['first_name']) . '",
billing_lastname= "' . xToText($billingAddress['last_name']) . '",
billing_country= "' . xToText($billingAddress['country_name']) . '",
billing_state= "' . xToText($billingAddress['state']) . '",
billing_city= "' . xToText($billingAddress['city']) . '",
billing_address= "' . xToText($billingAddress['address']) . '",
cc_number= "' . xEscSQL($cc_number) . '",
cc_holdername= "' . xToText($cc_holdername) . '",
cc_expires= "' . xEscSQL($cc_expires) . '",
cc_cvv= "' . xEscSQL($cc_cvv) . '",
affiliateID= "' . (isset($_SESSION['refid']) ? $_SESSION['refid'] : regGetIdByLogin($customer_affiliationLogin)) . '",
shippingServiceInfo= "' . $shServiceInfo . '",
custlink= "' . xEscSQL($order_active_link) . '",
currency_round= "' . (int) $currency_round . '",
paymethod= ' . (int) $paymentMethodID;
db_query($sql);
$orderID = db_insert_id(ORDERS_TABLE);
if (!CONF_ACTIVE_ORDER) {
stChangeOrderStatus($orderID, $statusID);
}
$paymentMethod = payGetPaymentMethodById($paymentMethodID);
if ($paymentMethod) {
$currentPaymentModule = modGetModuleObj($paymentMethod['module_id'], PAYMENT_MODULE);
// $currentPaymentModule = payGetPaymentModuleById( $paymentMethod['module_id'], $paymentModulesFiles );
} else {
$currentPaymentModule = null;
}
//save shopping cart content to database and update in-stock information
if ($log != null) {
cartMoveContentFromShoppingCartsToOrderedCarts($orderID, $shippingMethodID, $paymentMethodID, $shippingAddressID, $billingAddressID, $shippingModuleFiles, $paymentModulesFiles, $smarty_mail);
} else {
_moveSessionCartContentToOrderedCart($orderID, $paymentMethodID);
//update in-stock information
if ($statusID != ostGetCanceledStatusId() && CONF_CHECKSTOCK) {
$q1 = db_query('select itemID, Quantity FROM ' . ORDERED_CARTS_TABLE . ' WHERE orderID=' . (int) $orderID);
while ($item = db_fetch_row($q1)) {
$q2 = db_query('select productID FROM ' . SHOPPING_CART_ITEMS_TABLE . ' WHERE itemID=' . (int) $item['itemID']);
$pr = db_fetch_row($q2);
if ($pr) {
db_query('update ' . PRODUCTS_TABLE . ' set in_stock = in_stock - ' . (int) $item['Quantity'] . ' where productID=' . (int) $pr[0]);
$q = db_query('select name, in_stock FROM ' . PRODUCTS_TABLE . ' WHERE productID=' . (int) $pr[0]);
$productsta = db_fetch_row($q);
if ($productsta[1] == 0) {
if (CONF_AUTOOFF_STOCKADMIN) {
db_query('update ' . PRODUCTS_TABLE . ' set enabled=0 where productID=' . (int) $pr[0]);
}
if (CONF_NOTIFY_STOCKADMIN) {
$smarty_mail->assign('productstaname', $productsta[0]);
$smarty_mail->assign('productstid', $pr[0]);
$stockadmin = $smarty_mail->fetch('notify_stockadmin.tpl');
$ressta = xMailTxtHTMLDATA(CONF_ORDERS_EMAIL, CUSTOMER_ACTIVATE_99 . ' - ' . CONF_SHOP_NAME, $stockadmin);
}
}
}
}
}
//now save registration form aux fields into CUSTOMER_REG_FIELDS_VALUES_TABLE_QUICKREG
//for quick checkout orders these fields are stored separately than for registered customer (SS_customers)
db_query('delete from ' . CUSTOMER_REG_FIELDS_VALUES_TABLE_QUICKREG . ' where orderID=' . (int) $orderID);
foreach ($_SESSION as $key => $val) {
if (strstr($key, 'additional_field_') && strlen(trim($val)) > 0) {
$id = (int) str_replace('additional_field_', '', $key);
if ($id > 0) {
db_query('insert into ' . CUSTOMER_REG_FIELDS_VALUES_TABLE_QUICKREG . ' (orderID, reg_field_ID, reg_field_value) values (' . (int) $orderID . ', ' . (int) $id . ', "' . xToText(trim($val)) . '");');
}
}
}
}
if ($currentPaymentModule != null) {
$currentPaymentModule->after_processing_php($orderID);
}
_sendOrderNotifycationToAdmin($orderID, $smarty_mail, $tax);
_sendOrderNotifycationToCustomer($orderID, $smarty_mail, $customerInfo['Email'], $log, $payment_email_comments_text, $shipping_email_comments_text, $tax, $order_active_link);
if ($log == null) {
_quickOrderUnsetSession();
}
unset($_SESSION['order4confirmation_post']);
return $orderID;
}
$result_methods = array();
$result_costs = array();
foreach ($shipping_methods as $key => $shipping_method) {
if ($shipping_costs[$key] != 'n/a') {
$result_methods[] = $shipping_method;
$result_costs[] = $shipping_costs[$key];
}
}
$shipping_methods = $result_methods;
$shipping_costs = $result_costs;
if (isset($_POST["continue_button"])) {
$_POST['shServiceID'] = isset($_POST['shServiceID'][$_POST['select_shipping_method']]) ? $_POST['shServiceID'][$_POST['select_shipping_method']] : 0;
if (!isset($_GET["defaultBillingAddressID"])) {
RedirectProtected("index.php?order3_billing=yes&" . "shippingAddressID=" . $_GET["shippingAddressID"] . "&" . "shippingMethodID=" . $_POST["select_shipping_method"] . "&" . "billingAddressID=" . regGetDefaultAddressIDByLogin($_SESSION["log"]) . "&shServiceID=" . $_POST['shServiceID']);
} else {
RedirectProtected("index.php?order3_billing=yes&" . "shippingAddressID=" . $_GET["shippingAddressID"] . "&" . "shippingMethodID=" . $_POST["select_shipping_method"] . "&" . "billingAddressID=" . $_GET["defaultBillingAddressID"] . "&shServiceID=" . $_POST['shServiceID']);
}
}
if (count($shipping_methods) == 0) {
RedirectProtected("index.php?order3_billing=yes&" . "shippingAddressID=" . regGetDefaultAddressIDByLogin($_SESSION["log"]) . "&" . "shippingMethodID=0&" . "billingAddressID=" . regGetDefaultAddressIDByLogin($_SESSION["log"]));
}
if (isset($_GET["defaultBillingAddressID"])) {
$smarty->assign("defaultBillingAddressID", $_GET["defaultBillingAddressID"]);
}
$smarty->assign("shippingAddressID", $_GET["shippingAddressID"]);
$smarty->assign("strAddress", $strAddress);
$smarty->assign("shipping_costs", $shipping_costs);
$smarty->assign("shipping_methods", $shipping_methods);
$smarty->assign("shipping_methods_count", count($shipping_methods));
$smarty->assign("main_content_template", "order2_shipping.tpl");
}
function regAuthenticate($login, $password, $Redirect = true)
{
$sql = '
SELECT DISTINCT
cust_password,
CID,
ActivationCode
FROM ' . CUSTOMERS_TABLE . '
WHERE Login="******"';
$q = db_query($sql);
$row = db_fetch_row($q);
if (CONF_ENABLE_REGCONFIRMATION && $row['ActivationCode']) {
if ($Redirect) {
RedirectProtected(set_query('&act_customer=1¬act=1'));
} else {
return false;
}
}
if ($row && strlen(trim($login)) > 0) {
if ($row["cust_password"] == cryptPasswordCrypt($password, null)) {
// set session variables
$_SESSION["log"] = $login;
$_SESSION["pass"] = cryptPasswordCrypt($password, null);
$_SESSION["current_currency"] = $row["CID"];
// update statistic
stAddCustomerLog($login);
// move cart content into DB
moveCartFromSession2DB();
return true;
}
}
return false;
}
$shippingMethodsToAllow = true;
} else {
$shippingMethodsToAllow = false;
foreach ($payment_method["ShippingMethodsToAllow"] as $ShippingMethod) {
if ((int) $_GET["shippingMethodID"] == (int) $ShippingMethod["SID"] && $ShippingMethod["allow"]) {
$shippingMethodsToAllow = true;
break;
}
}
}
if ($shippingMethodsToAllow) {
$payment_methodsToShow[] = $payment_method;
}
}
return $payment_methodsToShow;
}
if (isset($_POST["continue_button"])) {
RedirectProtected("index.php?order4_confirmation_quick=yes&shippingMethodID=" . $_GET["shippingMethodID"] . "&" . "paymentMethodID=" . $_POST["select_payment_method"] . (isset($_GET['shServiceID']) ? "&shServiceID=" . $_GET['shServiceID'] : ''));
}
$payment_methods = payGetAllPaymentMethods(true);
$payment_methodsToShow = _getPaymentMethodsToShow($payment_methods);
if (count($payment_methodsToShow) == 0) {
RedirectProtected("index.php?order4_confirmation_quick=yes&shippingMethodID=" . $_GET["shippingMethodID"] . "&" . "paymentMethodID=0" . (isset($_GET['shServiceID']) ? "&shServiceID=" . $_GET['shServiceID'] : ''));
}
$strAddress = quickOrderGetBillingAddressStr();
//TransformDataBaseStringToText( quickOrderGetBillingAddressStr() );
$smarty->assign("strAddress", $strAddress);
$smarty->assign("payment_methods", $payment_methodsToShow);
$smarty->assign("payment_methods_count", count($payment_methodsToShow));
$smarty->assign("main_content_template", "order3_billing_quick.tpl");
}
$shipping_costs[$_i][$_t]['rate'] = '';
}
}
}
}
return $shipping_costs;
}
$order = _getOrder();
$strAddress = quickOrderGetReceiverAddressStr();
$shipping_methods = shGetAllShippingMethods(true);
if (isset($_POST["continue_button"])) {
$_POST['shServiceID'] = isset($_POST['shServiceID'][$_POST['select_shipping_method']]) ? $_POST['shServiceID'][$_POST['select_shipping_method']] : 0;
RedirectProtected("index.php?order3_billing_quick=yes&shippingMethodID=" . $_POST["select_shipping_method"] . "&shServiceID=" . $_POST['shServiceID']);
}
if (count($shipping_methods) == 0) {
RedirectProtected("index.php?order3_billing_quick=yes&shippingMethodID=0");
}
$shipping_costs = _getShippingCosts($shipping_methods, $order, $moduleFiles);
$result_methods = array();
$result_costs = array();
foreach ($shipping_methods as $key => $shipping_method) {
if ($shipping_costs[$key] != 'n/a') {
$result_methods[] = $shipping_method;
$result_costs[] = $shipping_costs[$key];
}
}
$shipping_methods = $result_methods;
$shipping_costs = $result_costs;
$smarty->assign("strAddress", $strAddress);
$smarty->assign("shipping_costs", $shipping_costs);
$smarty->assign("shipping_methods", $shipping_methods);
