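/**
 * Validates the order before checkout is allowed to proceed
 *
 * The result of isvalid() is passed through the 'ecart_valid_order' filter
 * so extensions can veto or approve the order. An invalid order is sent back
 * to the checkout page.
 *
 * @return boolean true when the order is valid; false after the redirect
 *                 (ecart_redirect is expected to end the request, the
 *                 explicit false keeps callers that test the result fail-closed)
 **/
function validate () {
    $valid = apply_filters('ecart_valid_order', $this->isvalid());
    if ($valid) return true;

    // Invalid order: back to checkout, on the secure URL when the order requires it
    ecart_redirect( ecarturl(false,'checkout',$this->security()) );
    return false;
}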
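/**
 * Handles loading, saving and deleting categories in a workflow context
 *
 * Request parameters are read explicitly from the merged defaults instead of
 * being extract()ed into the local scope, so a crafted request cannot define
 * arbitrary local variables. The category id interpolated into the re-parent
 * query is cast to int because it is not bound as a parameter.
 *
 * @since 1.0
 * @return void|boolean false when not handling the categories admin page
 **/
function workflow () {
    global $Ecart;
    $db =& DB::get();

    $defaults = array(
        'page' => false,
        'deleting' => false,
        'delete' => false,
        'id' => false,
        'save' => false,
        'duplicate' => false,
        'next' => false
    );
    $args = array_merge($defaults,$_REQUEST);

    $page = $args['page'];
    $deleting = $args['deleting'];
    $delete = $args['delete'];
    $id = $args['id'];
    $save = $args['save'];
    $next = $args['next'];

    if (!defined('WP_ADMIN') || !isset($page) || $page != $this->Admin->pagename('categories'))
        return false;

    $adminurl = admin_url('admin.php');

    // Bulk deletion of the selected categories
    if ($page == $this->Admin->pagename('categories') && !empty($deleting) && !empty($delete) && is_array($delete)) {
        foreach($delete as $deletion) {
            $Category = new Category($deletion);
            if (empty($Category->id)) continue;
            // Move child categories to the root before removing the parent
            $parent = (int) $Category->id;
            $db->query("UPDATE $Category->_table SET parent=0 WHERE parent=$parent");
            $Category->delete();
        }
        $redirect = (add_query_arg(array_merge($_GET,array('delete'=>null,'deleting'=>null)),$adminurl));
        ecart_redirect($redirect);
    }

    // Load the requested category, or start a new one
    if ($id && $id != "new") $Ecart->Category = new Category($id);
    else $Ecart->Category = new Category();

    if ($save) {
        $this->save($Ecart->Category);
        // NOTE(review): the notice embeds the raw category name; confirm the admin view escapes it on output
        $this->Notice = '<strong>'.stripslashes($Ecart->Category->name).'</strong> '.__('has been saved.','Ecart');

        if ($next) {
            // Move on to the next category in the workflow (or a blank one)
            if ($next != "new") $Ecart->Category = new Category($next);
            else $Ecart->Category = new Category();
        } else {
            // Reload the category that was just saved
            if (empty($id)) $id = $Ecart->Category->id;
            $Ecart->Category = new Category($id);
        }
    }
}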
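/**
 * Processes cart requests and updates the cart data
 *
 * Reads the cart action and its parameters from $_REQUEST, applies the
 * requested add/update/remove/empty operation and fires the
 * 'ecart_cart_updated' action afterwards. Request structures that are
 * expected to be arrays are checked before they are indexed, and a cart line
 * referenced by an update is checked to exist before its fields are compared.
 *
 * @since 1.0
 *
 * @return void
 **/
function request () {
    global $Ecart;

    // Navigation shortcuts
    if (isset($_REQUEST['checkout']))
        ecart_redirect(ecarturl(false,'checkout',$Ecart->Order->security()));

    if (isset($_REQUEST['shopping']))
        ecart_redirect(ecarturl());

    // Shipping destination estimate
    if (isset($_REQUEST['shipping'])) {
        if (!empty($_REQUEST['shipping']['postcode'])) // Protect input field from XSS
            $_REQUEST['shipping']['postcode'] = esc_attr($_REQUEST['shipping']['postcode']);
        do_action_ref_array('ecart_update_destination',array($_REQUEST['shipping']));
        if (!empty($_REQUEST['shipping']['country']) || !empty($_REQUEST['shipping']['postcode']))
            $this->changed(true);
    }

    if (!empty($_REQUEST['promocode'])) {
        $this->promocode = esc_attr($_REQUEST['promocode']);
        $this->changed(true);
    }

    // Normalize the requested cart action; the presence of a remove/update/empty
    // parameter overrides an explicit 'cart' value
    if (!isset($_REQUEST['cart'])) $_REQUEST['cart'] = false;
    if (isset($_REQUEST['remove'])) $_REQUEST['cart'] = "remove";
    if (isset($_REQUEST['update'])) $_REQUEST['cart'] = "update";
    if (isset($_REQUEST['empty'])) $_REQUEST['cart'] = "empty";
    if (!isset($_REQUEST['quantity'])) $_REQUEST['quantity'] = 1;

    switch($_REQUEST['cart']) {
        case "add":
            $products = array(); // List of products to add
            if (isset($_REQUEST['product'])) $products[] = $_REQUEST['product'];
            if (!empty($_REQUEST['products']) && is_array($_REQUEST['products']))
                $products = array_merge($products,$_REQUEST['products']);
            if (empty($products)) break;

            foreach ($products as $id => $product) {
                // Each entry must be a product descriptor array
                if (!is_array($product)) continue;
                if (isset($product['quantity']) && $product['quantity'] == '0') continue;
                $quantity = (empty($product['quantity']) && $product['quantity'] !== 0)?1:$product['quantity']; // Add 1 by default

                $Product = new Product($product['product']);

                // Selected variation options take precedence over a direct price id
                $pricing = false;
                if (!empty($product['options'][0])) $pricing = $product['options'];
                elseif (isset($product['price'])) $pricing = $product['price'];

                $category = false;
                if (!empty($product['category'])) $category = $product['category'];

                $data = array();
                if (!empty($product['data'])) $data = $product['data'];

                $addons = array();
                if (isset($product['addons'])) $addons = $product['addons'];

                if (!empty($Product->id)) {
                    // An 'item' index means an existing cart line is being switched to another product
                    if (isset($product['item'])) $this->change($product['item'],$Product,$pricing);
                    else $this->add($quantity,$Product,$pricing,$category,$data,$addons);
                }
            }
            break;

        case "remove":
            if (!empty($this->contents) && isset($_REQUEST['remove']) && is_array($_REQUEST['remove']))
                $this->remove(current($_REQUEST['remove']));
            break;

        case "empty":
            $this->clear();
            break;

        default:
            if (isset($_REQUEST['item']) && isset($_REQUEST['quantity'])) {
                $this->update($_REQUEST['item'],$_REQUEST['quantity']);
            } elseif (!empty($_REQUEST['items']) && is_array($_REQUEST['items'])) {
                foreach ($_REQUEST['items'] as $id => $item) {
                    if (isset($item['quantity'])) {
                        // Keep digits and dots only, then round up; the cast avoids a
                        // non-numeric string reaching ceil() when nothing is left
                        $item['quantity'] = ceil((float) preg_replace('/[^\d\.]+/','',$item['quantity']));
                        if (!empty($item['quantity'])) $this->update($id,$item['quantity']);
                        if (isset($_REQUEST['remove'][$id])) $this->remove($_REQUEST['remove'][$id]);
                    }
                    // Price line change on an existing cart item
                    if (isset($item['product']) && isset($item['price'])
                        && isset($this->contents[$id])
                        && $item['product'] == $this->contents[$id]->product
                        && $item['price'] != $this->contents[$id]->priceline) {
                        $Product = new Product($item['product']);
                        $this->change($id,$Product,$item['price']);
                    }
                }
            }
    }

    do_action('ecart_cart_updated',$this);
}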
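/**
 * Processes the 2Checkout return and records the transaction
 *
 * When key verification is enabled in the gateway settings, the posted key
 * must pass verify() before the order is accepted. Each failure path reports
 * an EcartError and redirects back to checkout; the explicit return after the
 * redirect keeps the method fail-closed even if the redirect helper returns
 * control instead of ending the request.
 *
 * @return void
 **/
function process () {
    global $Ecart;

    $key = isset($_POST['key']) ? $_POST['key'] : null;
    if ($this->settings['verify'] == "on" && !$this->verify($key)) {
        new EcartError(__('The order submitted to 2Checkout could not be verified.','Ecart'),'2co_validation_error',ECART_TRXN_ERR);
        ecart_redirect(ecarturl(false,'checkout'));
        return;
    }

    if (empty($_POST['order_number'])) {
        new EcartError(__('The order submitted by 2Checkout did not specify a transaction ID.','Ecart'),'2co_validation_error',ECART_TRXN_ERR);
        ecart_redirect(ecarturl(false,'checkout'));
        return;
    }

    $txnid = $_POST['order_number'];
    // credit_card_processed=Y marks a completed charge; anything else stays pending
    $processed = isset($_POST['credit_card_processed']) && $_POST['credit_card_processed'] == "Y";
    $txnstatus = $processed ? 'CHARGED' : 'PENDING';
    $Ecart->Order->transaction($txnid,$txnstatus);
}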
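/**
 * Gets data from the session data table and loads Member
 * objects into the User from the loaded data.
 *
 * Every client-derived value interpolated into SQL (session id, client IP,
 * and the ECART_SECURE_KEY cookie used as the AES_DECRYPT key) is escaped
 * with mysql_real_escape_string, matching the escaping already applied to the
 * encrypted payload. Session rows whose data starts with "!" are stored
 * encrypted and are decrypted with the cookie key.
 *
 * @since 1.1
 *
 * @param string $id Session id used to look up a standard session file
 * @return boolean|string true/false load status, or the raw contents of the
 *                        standard session file when one exists
 **/
function load ($id) {
    $db = &DB::get();

    if (is_robot() || empty($this->session)) return true;

    $loaded = false;
    $session = mysql_real_escape_string($this->session);
    $query = "SELECT * FROM $this->_table WHERE session='$session'";
    if ($result = $db->query($query)) {
        // A leading "!" marks AES-encrypted session data
        if (substr($result->data,0,1) == "!") {
            $key = isset($_COOKIE[ECART_SECURE_KEY]) ? $_COOKIE[ECART_SECURE_KEY] : '';
            // Without the key cookie the request must move to SSL before the data can be read
            if (empty($key) && !is_ecart_secure())
                ecart_redirect(force_ssl(raw_request_url(),true));
            $readable = $db->query("SELECT AES_DECRYPT('".
                mysql_real_escape_string( base64_decode( substr($result->data,1) ) )."','".
                mysql_real_escape_string($key)."') AS data");
            $result->data = $readable->data;
        }
        $this->ip = $result->ip;
        // NOTE(review): unserialize() on the stored payload; presumably only this
        // class's save path writes the data column — confirm no other writer exists
        $this->data = unserialize($result->data);
        $this->created = mktimestamp($result->created);
        $this->modified = mktimestamp($result->modified);
        $loaded = true;
        do_action('ecart_session_loaded');
    } else {
        // No row yet for this session: create an empty one
        if (!empty($this->session)) {
            $ip = mysql_real_escape_string($this->ip);
            $db->query("INSERT INTO $this->_table (session, ip, data, created, modified) VALUES ('$session','$ip','',now(),now())");
        }
    }
    do_action('ecart_session_load');

    // Read standard session data
    // NOTE(review): $id is used in a filesystem path unvalidated — confirm the caller supplies a sanitized session id
    if (@file_exists("$this->path/sess_$id"))
        return (string) @file_get_contents("$this->path/sess_$id");

    return $loaded;
}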
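/**
 * Handles loading, saving and deleting products in the context of workflows
 *
 * Request parameters are read explicitly from the merged defaults instead of
 * being extract()ed into the local scope, so a crafted request cannot define
 * arbitrary local variables.
 *
 * @return void|boolean false when not handling the products admin page
 **/
function workflow () {
    global $Ecart;
    $db =& DB::get();

    $defaults = array(
        'page' => false,
        'deleting' => false,
        'delete' => false,
        'id' => false,
        'save' => false,
        'duplicate' => false,
        'next' => false
    );
    $args = array_merge($defaults,$_REQUEST);

    $page = $args['page'];
    $deleting = $args['deleting'];
    $delete = $args['delete'];
    $id = $args['id'];
    $save = $args['save'];
    $duplicate = $args['duplicate'];
    $next = $args['next'];

    if (!defined('WP_ADMIN') || !isset($page) || $page != $this->Admin->pagename('products'))
        return false;

    $adminurl = admin_url('admin.php');
    $related = array('prices','specs','categories','tags');

    // Bulk deletion of the selected products
    if ($page == $this->Admin->pagename('products') && !empty($deleting) && !empty($delete) && is_array($delete)) {
        foreach($delete as $deletion) {
            $Product = new Product($deletion);
            $Product->delete();
        }
        $redirect = esc_url(add_query_arg(array_merge($_GET,array('delete'=>null,'deleting'=>null)),$adminurl));
        ecart_redirect($redirect);
    }

    // Duplicate a product and return to the product list
    if ($duplicate) {
        $Product = new Product($duplicate);
        $Product->duplicate();
        ecart_redirect(add_query_arg('page',$this->Admin->pagename('products'),$adminurl));
    }

    // Load the requested product with its related data, or start a new published one
    if (isset($id) && $id != "new") {
        $Ecart->Product = new Product($id);
        $Ecart->Product->load_data($related);
    } else {
        $Ecart->Product = new Product();
        $Ecart->Product->status = "publish";
    }

    if ($save) {
        $this->save_product($Ecart->Product);
        // NOTE(review): the notice embeds the raw product name; confirm the admin view escapes it on output
        $this->Notice = '<strong>'.stripslashes($Ecart->Product->name).'</strong> '.__('has been saved.','Ecart');

        if ($next) {
            // Move on to the next product in the workflow (or a blank one)
            if ($next == "new") {
                $Ecart->Product = new Product();
                $Ecart->Product->status = "publish";
            } else {
                $Ecart->Product = new Product($next);
                $Ecart->Product->load_data($related);
            }
        } else {
            // Reload the product that was just saved
            if (empty($id)) $id = $Ecart->Product->id;
            $Ecart->Product = new Product($id);
            $Ecart->Product->load_data($related);
        }
    }
}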
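/**
 * Handles product file download requests
 *
 * In the admin the download is served directly. For shoppers the download
 * key is resolved to a purchased item and the request must pass the payment
 * completion, account, download-count, expiry and IP-restriction checks
 * configured in the settings. Any failed check (or a download key without a
 * purchase record) denies the download and redirects to the account page.
 *
 * @since 1.1
 *
 * @return void
 **/
function download () {
    global $Ecart;
    $download = $this->request['ecart_download'];
    $Purchase = false;
    $Purchased = false;
    $forbidden = false;

    if (defined('WP_ADMIN')) {
        $Download = new ProductDownload($download);
    } else {
        $Order = &EcartOrder();
        $Download = new ProductDownload();
        $Download->loadby_dkey($download);
        $Purchased = $Download->purchased();

        // No purchase record behind this download key: deny rather than dereference a missing result
        if (empty($Purchased) || empty($Purchased->purchase)) {
            $forbidden = true;
        } else {
            $Purchase = new Purchase($Purchased->purchase);
            $name = $Purchased->name.(!empty($Purchased->optionlabel)?' ('.$Purchased->optionlabel.')':'');

            // Purchase Completion check
            if ($Purchase->txnstatus != "CHARGED" && !ECART_PREPAYMENT_DOWNLOADS) {
                new EcartError(sprintf(__('"%s" cannot be downloaded because payment has not been received yet.','Ecart'),$name),'ecart_download_limit');
                $forbidden = true;
            }

            // Account restriction checks
            if ($this->Settings->get('account_system') != "none"
                && (!$Order->Customer->login || $Order->Customer->id != $Purchase->customer)) {
                new EcartError(__('You must login to download purchases.','Ecart'),'ecart_download_limit');
                ecart_redirect(ecarturl(false,'account'));
                return; // fail closed should the redirect helper return control
            }

            // Download limit checking
            if ($this->Settings->get('download_limit') // Has download credits available
                && $Purchased->downloads+1 > $this->Settings->get('download_limit')) {
                new EcartError(sprintf(__('"%s" is no longer available for download because the download limit has been reached.','Ecart'),$name),'ecart_download_limit');
                $forbidden = true;
            }

            // Download expiration checking (time() replaces the deprecated zero-argument mktime())
            if ($this->Settings->get('download_timelimit') // Within the timelimit
                && $Purchased->created+$this->Settings->get('download_timelimit') < time() ) {
                new EcartError(sprintf(__('"%s" is no longer available for download because it has expired.','Ecart'),$name),'ecart_download_limit');
                $forbidden = true;
            }

            // IP restriction checks
            $remoteip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
            if ($this->Settings->get('download_restriction') == "ip"
                && !empty($Purchase->ip) && $Purchase->ip != $remoteip) {
                new EcartError(sprintf(__('"%s" cannot be downloaded because your computer could not be verified as the system the file was purchased from.','Ecart'),$name),'ecart_download_limit');
                $forbidden = true;
            }

            do_action_ref_array('ecart_download_request',array(&$Purchased));
        }
    }

    if ($forbidden) {
        ecart_redirect(ecarturl(false,'account'));
        return; // fail closed should the redirect helper return control
    }

    if ($Download->download()) {
        // Count the successful download against the purchased item
        if ($Purchased !== false) {
            $Purchased->downloads++;
            $Purchased->save();
            do_action_ref_array('ecart_download_success',array(&$Purchased));
        }
        exit();
    }
}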
/**
 * Handles shopping cart requests
 *
 * Resets the shopping session when asked to, hands cart actions to the
 * 'ecart_cart_request' action, answers AJAX requests with the cart totals and
 * finally redirects the shopper to the requested destination.
 *
 * @since 1.1
 *
 * @return void|boolean true when the request carries no cart action
 **/
function cart () {
    global $Ecart;
    $Cart = $Ecart->Order->Cart;

    $resetRequested = isset($_REQUEST['shopping'])
        && strtolower($_REQUEST['shopping']) == "reset";
    if ($resetRequested) {
        $Ecart->Shopping->reset();
        ecart_redirect(ecarturl());
    }

    if (empty($_REQUEST['cart'])) return true;

    do_action('ecart_cart_request');

    if (isset($_REQUEST['ajax'])) {
        $Cart->totals();
        $Cart->ajax();
    }

    $destination = isset($_REQUEST['redirect']) ? $_REQUEST['redirect'] : false;

    if ($destination == "checkout") {
        ecart_redirect(ecarturl(false,$destination,$Ecart->Order->security()));
    } elseif (!empty($_REQUEST['redirect'])) {
        // Arbitrary targets go through the safe-redirect helper only
        ecart_safe_redirect($_REQUEST['redirect']);
    } else {
        ecart_redirect(ecarturl(false,'cart'));
    }
}
/**
 * Resets a customer's password from an account-recovery activation key
 *
 * The key is reduced to alphanumerics before lookup. Both failure modes
 * (empty key, no matching customer) report the same 'Invalid key' message.
 * A fresh random password is generated, hashed onto the customer record (and
 * set on the linked WordPress user when accounts are WordPress-backed), the
 * activation key is cleared, and the plain-text password is e-mailed to the
 * customer's address.
 *
 * @param string $activation The activation key from the recovery link
 * @return void|boolean false when the key is rejected
 **/
function reset_password ($activation) {
    if ($this->accounts == "none") return;
    $user_data = false;

    // Strip anything that is not a key character before the lookup
    $activation = preg_replace('/[^a-z0-9]/i', '', $activation);

    $errors = array();
    if (empty($activation) || !is_string($activation))
        $errors[] = new EcartError(__('Invalid key','Ecart'));

    $RecoveryCustomer = new Customer($activation,'activation');
    if (empty($RecoveryCustomer->id))
        $errors[] = new EcartError(__('Invalid key','Ecart'));

    if (!empty($errors)) return false;

    // Generate a new random password
    $password = wp_generate_password();

    // Listeners receive the customer and the plain-text password
    do_action_ref_array('password_reset', array(&$RecoveryCustomer,$password));

    $RecoveryCustomer->password = wp_hash_password($password);
    if ($this->accounts == "wordpress") {
        // Keep the linked WordPress user in sync
        $user_data = get_userdata($RecoveryCustomer->wpuser);
        wp_set_password($password, $user_data->ID);
    }

    // The recovery key is single-use
    $RecoveryCustomer->activation = '';
    $RecoveryCustomer->save();

    $subject = apply_filters('ecart_reset_password_subject', sprintf(__('[%s] New Password','Ecart'),get_option('blogname')));

    // Build the notification e-mail line by line (headers, blank line, body)
    $Settings =& EcartSettings();
    $_ = array();
    $_[] = 'From: "'.get_option('blogname').'" <'.$Settings->get('merchant_email').'>';
    $_[] = 'To: '.$RecoveryCustomer->email;
    $_[] = 'Subject: '.$subject;
    $_[] = '';
    $_[] = sprintf(__('Your new password for %s:','Ecart'),get_option('siteurl'));
    $_[] = '';
    if ($user_data)
        $_[] = sprintf(__('Login name: %s','Ecart'), $user_data->user_login);
    $_[] = sprintf(__('Password: %s'), $password) . "\r\n";
    $_[] = '';
    // NOTE(review): this line is garbled in this copy ("******" sits between the
    // login-prompt string and the account URL); the original expression cannot be
    // recovered from here and must be restored from the repository
    $_[] = __('Click here to login:'******' '.ecarturl(false,'account');

    $message = apply_filters('ecart_reset_password_message',$_);

    if (!ecart_email(join("\r\n",$message))) {
        new EcartError(__('The e-mail could not be sent.'),'password_reset_email',ECART_ERR);
        ecart_redirect(add_query_arg('acct','recover',ecarturl(false,'account')));
    } else new EcartError(__('Check your email address for your new password.','Ecart'),'password_reset_email',ECART_ERR);

    unset($_GET['acct']);
}
/**
 * Redirects the shopper after an account request
 *
 * A posted "checkout" destination goes to the checkout page (secure when the
 * gateways require it); any other posted destination is passed through the
 * safe-redirect helper; without a posted destination the shopper lands on the
 * account page. Every branch ends the request.
 *
 * @return void
 **/
function redirect () {
    global $Ecart;
    $target = empty($_POST['redirect']) ? false : $_POST['redirect'];

    if ($target === false) {
        ecart_safe_redirect(ecarturl(false,'account',$Ecart->Gateways->secure));
        exit();
    }

    if ($target == "checkout") ecart_redirect(ecarturl(false,'checkout',$Ecart->Gateways->secure));
    else ecart_safe_redirect($target);
    exit();
}
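/**
 * Processes a PayPal Standard transaction from an IPN post or a PDT return
 *
 * IPN messages carry txn_id/payment_status in $_POST; PDT returns carry tx/st
 * in $_GET (the guard now checks $_GET, matching the values read below). When
 * PDT verification is enabled and fails, the shopper is sent back to checkout
 * and the method returns so the unverified transaction is never recorded;
 * with pdtverify off, the status from the query string is used as posted. A
 * PDT return whose order was already created from an IPN message re-sessions
 * and goes straight to the thank-you page.
 *
 * @return void|EcartError an error when no transaction id could be found
 **/
function process () {
    global $Ecart;
    $txnid = false;
    $txnstatus = false;

    if (isset($_POST['txn_id'])) { // IPN order processing
        if (ECART_DEBUG) new EcartError('Processing transaction from an IPN message.',false,ECART_DEBUG_ERR);
        $txnid = $_POST['txn_id'];
        $status = isset($_POST['payment_status']) ? $_POST['payment_status'] : '';
        // Unmapped PayPal states yield null and are left to the order layer
        $txnstatus = isset($this->status[$status]) ? $this->status[$status] : null;
    } elseif (isset($_GET['tx'])) { // PDT order processing
        if (ECART_DEBUG) new EcartError('Processing PDT packet: '._object_r($_GET),false,ECART_DEBUG_ERR);
        $txnid = $_GET['tx'];
        $status = isset($_GET['st']) ? $_GET['st'] : '';
        $txnstatus = isset($this->status[$status]) ? $this->status[$status] : null;

        if ($this->settings['pdtverify'] == "on") {
            $pdtstatus = $this->verifypdt();
            if (!$pdtstatus) {
                new EcartError(__('The transaction was not verified by PayPal.','Ecart'),false,ECART_DEBUG_ERR);
                ecart_redirect(ecarturl(false,'checkout',false));
                return; // fail closed: an unverified PDT transaction is never recorded
            }
        }

        $Purchase = new Purchase($txnid,'txnid');
        if (!empty($Purchase->id)) {
            if (ECART_DEBUG) new EcartError('Order located, already created from an IPN message.',false,ECART_DEBUG_ERR);
            $Ecart->resession();
            $Ecart->Purchase = $Purchase;
            $Ecart->Order->purchase = $Purchase->id;
            ecart_redirect(ecarturl(false,'thanks',false));
            return; // the order already exists; do not record it a second time
        }
    }

    if (!$txnid) return new EcartError('No transaction ID was found from either a PDT or IPN message. Transaction cannot be processed.',false,ECART_DEBUG_ERR);

    $Ecart->Order->transaction($txnid,$txnstatus);
}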
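/**
 * Completes a PayPal Express Checkout payment (DoExpressCheckoutPayment)
 *
 * Requires the token and payer id captured earlier in the Express flow.
 * Builds the API request from the gateway headers and the purchase details,
 * sends it and records the transaction on success. A missing response or a
 * non-success acknowledgement reports an EcartError and redirects back to
 * checkout; the explicit return keeps the method fail-closed even if the
 * redirect helper returns control.
 *
 * @return void|boolean false when the payment cannot be attempted or fails
 **/
function process () {
    if (!isset($this->Order->token) || !isset($this->Order->payerid)) return false;

    $_ = $this->headers();
    $_['METHOD'] = "DoExpressCheckoutPayment";
    $_['PAYMENTACTION'] = "Sale";
    $_['TOKEN'] = $this->Order->token;
    $_['PAYERID'] = $this->Order->payerid;
    $_['BUTTONSOURCE'] = 'ecartlugin.net[PPE]';

    // Transaction
    $_ = array_merge($_,$this->purchase());

    $message = $this->encode($_);
    $response = $this->send($message);

    if (!$response) {
        new EcartError(__('No response was received from PayPal. The order cannot be processed.','Ecart'),'paypalexpress_noresults',ECART_COMM_ERR);
        ecart_redirect(ecarturl(false,'checkout'));
        return false;
    }

    if (strtolower($response->ack) != "success") {
        // longmessage/errorcode may be absent or a single value; normalize before joining
        $message = join("; ",(array) $response->longmessage);
        if (empty($message))
            $message = __('The transaction failed for an unknown reason. PayPal did not provide any indication of why it failed.','Ecart');
        new EcartError($message,'paypal_express_transacton_error',ECART_TRXN_ERR,array('codes'=>join('; ',(array) $response->errorcode)));
        ecart_redirect(ecarturl(false,'checkout'));
        return false;
    }

    $txnid = $response->transactionid;
    // Unmapped PayPal payment states yield null and are left to the order layer
    $paymentstatus = $response->paymentstatus;
    $txnstatus = isset($this->status[$paymentstatus]) ? $this->status[$paymentstatus] : null;
    $this->Order->transaction($txnid,$txnstatus);
}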
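/**
 * Starts a Google Checkout order
 *
 * Verifies that every cart item is in stock before contacting Google; any
 * shortage reports an EcartError and returns the shopper to the cart. The
 * checkout request is then sent and the shopper is redirected to the
 * redirect-url supplied in Google's response. Every redirect is followed by
 * an explicit return so no further work happens if the redirect helper
 * returns control.
 *
 * @return boolean always false (control normally leaves via a redirect)
 **/
function process () {
    global $Ecart;

    // check stock before redirecting to Google
    $stock = true;
    foreach( $this->Order->Cart->contents as $item ) {
        if (!$item->instock()){
            new EcartError(sprintf(__("There is not sufficient stock on %s to process order."),$item->name),'invalid_order',ECART_TRXN_ERR);
            $stock = false;
        }
    }
    if (!$stock) {
        ecart_redirect(ecarturl(false,'cart',false));
        return false;
    }

    $message = $this->buildCheckoutRequest();
    $Response = $this->send($message,$this->urls['checkout']);

    if (!empty($Response)) {
        if ($Response->tag('error')) {
            new EcartError($Response->content('error-message'),'google_checkout_error',ECART_TRXN_ERR);
            ecart_redirect(ecarturl(false,'checkout'));
            return false;
        }

        // Google returns the URL the shopper must be sent to in order to pay
        $redirect = $Response->content('redirect-url');
        if ($redirect) {
            $Ecart->resession();
            ecart_redirect($redirect);
        }
    }

    return false;
}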