 /**
  * Update an affiliate's profile columns and, when a new password was submitted, its salt and password hash.
  *
  * @param int   $affiliate_id Target row; cast to int before it is placed in the WHERE clause.
  * @param array $data         Form fields. Every key used below is read unconditionally, so callers must supply them all.
  */
 public function editAffiliate($affiliate_id, $data)
 {
     // Text columns go through $this->db->escape(); country_id/zone_id/status are cast to int and commission to double.
     // The statement is assembled by string concatenation rather than bound parameters, so the per-value escaping/casting
     // is the only barrier between form input and SQL — any column added here must be treated the same way.
     $this->db->query("UPDATE " . DB_PREFIX . "affiliate SET firstname = '" . $this->db->escape($data['firstname']) . "', lastname = '" . $this->db->escape($data['lastname']) . "', email = '" . $this->db->escape($data['email']) . "', telephone = '" . $this->db->escape($data['telephone']) . "', fax = '" . $this->db->escape($data['fax']) . "', company = '" . $this->db->escape($data['company']) . "', address_1 = '" . $this->db->escape($data['address_1']) . "', address_2 = '" . $this->db->escape($data['address_2']) . "', city = '" . $this->db->escape($data['city']) . "', postcode = '" . $this->db->escape($data['postcode']) . "', country_id = '" . (int) $data['country_id'] . "', zone_id = '" . (int) $data['zone_id'] . "', code = '" . $this->db->escape($data['code']) . "', commission = '" . (double) $data['commission'] . "', tax = '" . $this->db->escape($data['tax']) . "', payment = '" . $this->db->escape($data['payment']) . "', cheque = '" . $this->db->escape($data['cheque']) . "', paypal = '" . $this->db->escape($data['paypal']) . "', bank_name = '" . $this->db->escape($data['bank_name']) . "', bank_branch_number = '" . $this->db->escape($data['bank_branch_number']) . "', bank_swift_code = '" . $this->db->escape($data['bank_swift_code']) . "', bank_account_name = '" . $this->db->escape($data['bank_account_name']) . "', bank_account_number = '" . $this->db->escape($data['bank_account_number']) . "', status = '" . (int) $data['status'] . "' WHERE affiliate_id = '" . (int) $affiliate_id . "'");
     // Truthiness check: an empty string or "0" means "keep the current password".
     if ($data['password']) {
         // A new 9-character salt is taken from hash_rand('md5') and stored next to the hash.
         // NOTE(review): the password-hash expression on this line is redacted in this listing ("'******'password'])))) ...")
         // and is not valid PHP as shown; take it from the original source file rather than reconstructing it from here.
         $this->db->query("UPDATE " . DB_PREFIX . "affiliate SET salt = '" . $this->db->escape($salt = substr(hash_rand('md5'), 0, 9)) . "', password = '******'password'])))) . "' WHERE affiliate_id = '" . (int) $affiliate_id . "'");
     }
 }
 /**
  * Installer step: create the schema from opencart.sql, then seed the first admin user and the base settings.
  *
  * @param array $data Connection details (db_driver, db_host, db_user, db_password, db_name, db_prefix)
  *                    plus the admin username/password/email entered in the install form.
  */
 public function mysql($data)
 {
     $db = new DB($data['db_driver'], $data['db_host'], $data['db_user'], $data['db_password'], $data['db_name']);
     $file = DIR_APPLICATION . 'opencart.sql';
     // Hard stop rather than an exception: the installer cannot continue without the schema file.
     if (!file_exists($file)) {
         exit('Could not load sql file: ' . $file);
     }
     $lines = file($file);
     if ($lines) {
         $sql = '';
         foreach ($lines as $line) {
             // Skip falsy lines and "--" / "#" comment lines; everything else is appended until a line
             // ends with ";", which is taken as the end of one statement.
             if ($line && substr($line, 0, 2) != '--' && substr($line, 0, 1) != '#') {
                 $sql .= $line;
                 if (preg_match('/;\\s*$/', $line)) {
                     // Rewrite the dump's default "oc_" table prefix to the configured one. db_prefix is spliced
                     // into identifiers verbatim, so it must already be a safe identifier fragment by this point.
                     $sql = str_replace("DROP TABLE IF EXISTS `oc_", "DROP TABLE IF EXISTS `" . $data['db_prefix'], $sql);
                     $sql = str_replace("CREATE TABLE `oc_", "CREATE TABLE `" . $data['db_prefix'], $sql);
                     $sql = str_replace("INSERT INTO `oc_", "INSERT INTO `" . $data['db_prefix'], $sql);
                     $db->query($sql);
                     $sql = '';
                 }
             }
         }
         $db->query("SET CHARACTER SET utf8");
         $db->query("SET @@session.sql_mode = 'MYSQL40'");
         // Seed the first admin account (user_id 1), replacing any row the dump created.
         $db->query("DELETE FROM `" . $data['db_prefix'] . "user` WHERE user_id = '1'");
         // NOTE(review): the salt is derived from md5(uniqid(rand(), true)); rand()/uniqid() are not cryptographic
         // sources (random_bytes() is the usual replacement). The username and password-hash expressions on this
         // line are redacted in this listing ("'******'...") and the line is not valid PHP as shown — use the original source.
         $db->query("INSERT INTO `" . $data['db_prefix'] . "user` SET user_id = '1', user_group_id = '1', username = '******'username']) . "', salt = '" . $db->escape($salt = substr(md5(uniqid(rand(), true)), 0, 9)) . "', password = '******'password'])))) . "', status = '1', email = '" . $db->escape($data['email']) . "', date_added = NOW()");
         // Store the contact e-mail, the base URL and a fresh encryption key (delete-then-insert per setting key).
         $db->query("DELETE FROM `" . $data['db_prefix'] . "setting` WHERE `key` = 'config_email'");
         $db->query("INSERT INTO `" . $data['db_prefix'] . "setting` SET `group` = 'config', `key` = 'config_email', value = '" . $db->escape($data['email']) . "'");
         $db->query("DELETE FROM `" . $data['db_prefix'] . "setting` WHERE `key` = 'config_url'");
         $db->query("INSERT INTO `" . $data['db_prefix'] . "setting` SET `group` = 'config', `key` = 'config_url', value = '" . $db->escape(HTTP_OPENCART) . "'");
         $db->query("DELETE FROM `" . $data['db_prefix'] . "setting` WHERE `key` = 'config_encryption'");
         $db->query("INSERT INTO `" . $data['db_prefix'] . "setting` SET `group` = 'config', `key` = 'config_encryption', value = '" . $db->escape(hash_rand('md5')) . "'");
         // Reset the view counter on every product.
         $db->query("UPDATE `" . $data['db_prefix'] . "product` SET `viewed` = '0'");
     }
 }
 /**
  * Admin "forgotten password" page: renders the e-mail form and, on a valid POST, stores a reset
  * code against the account and mails a reset link to the submitted address.
  */
 public function index()
 {
     // The feature can be switched off in settings; in that case fall back to the login page.
     if (!$this->config->get('config_password')) {
         $this->redirect($this->url->link('common/login', '', 'SSL'));
     }

     $this->language->load('common/forgotten');
     $this->document->setTitle($this->language->get('heading_title'));
     $this->load->model('user/user');

     $is_post = ($this->request->server['REQUEST_METHOD'] == 'POST');

     if ($is_post && $this->validate()) {
         $this->language->load('mail/forgotten');

         $store_name = $this->config->get('config_name');
         $email = $this->request->post['email'];

         // The reset code is generated server-side, stored against the user and only leaves the
         // server inside the e-mailed link.
         $code = hash_rand('sha1');
         $this->model_user_user->editCode($email, $code);

         $subject = sprintf($this->language->get('text_subject'), $store_name);

         $paragraphs = array(
             sprintf($this->language->get('text_greeting'), $store_name),
             sprintf($this->language->get('text_change'), $store_name),
             $this->url->link('common/reset', 'code=' . $code, 'SSL'),
             // The requester's address is included so the recipient can recognise a request they did not make.
             sprintf($this->language->get('text_ip'), $this->request->server['REMOTE_ADDR']),
         );
         $message = implode("\n\n", $paragraphs) . "\n\n";

         $mail = new Mail();
         $mail->protocol = $this->config->get('config_mail_protocol');
         $mail->parameter = $this->config->get('config_mail_parameter');
         $mail->hostname = $this->config->get('config_smtp_host');
         $mail->username = $this->config->get('config_smtp_username');
         $mail->password = $this->config->get('config_smtp_password');
         $mail->port = $this->config->get('config_smtp_port');
         $mail->timeout = $this->config->get('config_smtp_timeout');
         $mail->setTo($email);
         $mail->setFrom($this->config->get('config_email'));
         $mail->setSender($store_name);
         $mail->setSubject(html_entity_decode($subject, ENT_QUOTES, 'UTF-8'));
         $mail->setText(html_entity_decode($message, ENT_QUOTES, 'UTF-8'));
         $mail->send();

         $this->session->data['success'] = $this->language->get('text_success');

         $this->redirect($this->url->link('common/login', '', 'SSL'));
     }

     $breadcrumbs = array();
     $breadcrumbs[] = array('text' => $this->language->get('text_home'), 'href' => $this->url->link('common/home', '', 'SSL'), 'separator' => false);
     $breadcrumbs[] = array('text' => $this->language->get('text_forgotten'), 'href' => $this->url->link('common/forgotten', '', 'SSL'), 'separator' => $this->language->get('text_separator'));
     $this->data['breadcrumbs'] = $breadcrumbs;

     // Plain language strings are copied into the view data under their own keys.
     foreach (array('heading_title', 'text_your_email', 'text_email', 'entry_email', 'button_reset', 'button_cancel') as $key) {
         $this->data[$key] = $this->language->get($key);
     }

     $this->data['error_warning'] = isset($this->error['warning']) ? $this->error['warning'] : '';

     $this->data['action'] = $this->url->link('common/forgotten', '', 'SSL');
     $this->data['cancel'] = $this->url->link('common/login', '', 'SSL');

     // Re-populate the field from the submitted value so a failed attempt keeps what was typed.
     $this->data['email'] = isset($this->request->post['email']) ? $this->request->post['email'] : '';

     $this->template = 'common/forgotten.tpl';
     $this->children = array('common/header', 'common/footer');

     $this->response->setOutput($this->render());
 }
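 /**
  * AJAX handler for customer file uploads. Validates the name, extension, declared MIME type and content,
  * stores the file under DIR_UPLOAD with a random suffix, and answers with a JSON object carrying either
  * an 'error' message or the upload 'code' plus a 'success' message.
  */
 public function index()
 {
     $this->language->load('tool/upload');

     $json = array();

     if (!empty($this->request->files['file']['name']) && is_file($this->request->files['file']['tmp_name'])) {
         $upload = $this->request->files['file'];

         // Sanitize the filename: keep a conservative character set and drop any directory component.
         $filename = basename(preg_replace('/[^a-zA-Z0-9\\.\\-\\s+]/', '', html_entity_decode($upload['name'], ENT_QUOTES, 'UTF-8')));

         // Validate the filename length
         if (utf8_strlen($filename) < 3 || utf8_strlen($filename) > 64) {
             $json['error'] = $this->language->get('error_filename');
         }

         // Allowed file extension types. Blank config lines are dropped so an empty entry cannot match an
         // upload without an extension; the comparison is strict (previously a loose in_array()).
         $allowed = array_filter(array_map('trim', explode("\n", preg_replace('~\\r?\\n~', "\n", (string) $this->config->get('config_file_ext_allowed')))), 'strlen');

         if (!in_array(strtolower(substr(strrchr($filename, '.'), 1)), $allowed, true)) {
             $json['error'] = $this->language->get('error_filetype');
         }

         // Allowed file mime types. The type is whatever the client declared in the request, so this is a
         // plausibility check only; the extension list and the content check below are the real controls.
         $allowed = array_filter(array_map('trim', explode("\n", preg_replace('~\\r?\\n~', "\n", (string) $this->config->get('config_file_mime_allowed')))), 'strlen');

         if (!in_array($upload['type'], $allowed, true)) {
             $json['error'] = $this->language->get('error_filetype');
         }

         // Check to see if any PHP files are trying to be uploaded. A failed read is treated as a rejection too.
         $content = file_get_contents($upload['tmp_name']);

         if ($content === false || preg_match('/\\<\\?php/i', $content)) {
             $json['error'] = $this->language->get('error_filetype');
         }

         // Return any upload error (checked last, so a transport error wins over the validation messages).
         if ($upload['error'] != UPLOAD_ERR_OK) {
             $json['error'] = $this->language->get('error_upload_' . $upload['error']);
         }
     } else {
         $json['error'] = $this->language->get('error_upload');
     }

     clearstatcache();

     if (!$json) {
         $tmp_name = $this->request->files['file']['tmp_name'];

         // Stored under a random suffix so the original name is never directly addressable.
         $file = basename($filename) . '.' . hash_rand('md5');

         // Only record the upload and report success once the file is actually in place; previously a
         // failed move_uploaded_file() still produced an upload record and a success message, and a
         // non-uploaded temp file produced an empty JSON response with no error at all.
         if (is_uploaded_file($tmp_name) && file_exists($tmp_name) && move_uploaded_file($tmp_name, DIR_UPLOAD . $file)) {
             // Hide the uploaded file name so people can not link to it directly.
             $this->load->model('tool/upload');

             $json['code'] = $this->model_tool_upload->addUpload($filename, $file);
             $json['success'] = $this->language->get('text_upload');
         } else {
             $json['error'] = $this->language->get('error_upload');
         }
     }

     $this->response->addHeader('Content-Type: application/json');
     $this->response->setOutput(json_encode($json));
 }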
 /**
  * Update a customer's core columns, optionally rotate the salt/password, and replace the customer's address book.
  *
  * @param int   $customer_id Target row; cast to int wherever it is placed in SQL.
  * @param array $data        Form fields. 'fax', 'gender' and 'address' are optional; the other keys are read unconditionally.
  */
 public function editCustomer($customer_id, $data)
 {
     // Text columns are escaped and numeric columns cast. Note that 'fax' is cast to int here (the affiliate
     // variant in this listing escapes it as a string), so a non-numeric fax value is stored as 0.
     $this->db->query("UPDATE " . DB_PREFIX . "customer SET firstname = '" . $this->db->escape($data['firstname']) . "', lastname = '" . $this->db->escape($data['lastname']) . "', email = '" . $this->db->escape($data['email']) . "', telephone = '" . $this->db->escape($data['telephone']) . "', fax = '" . (isset($data['fax']) ? (int) $data['fax'] : 0) . "', gender = '" . (isset($data['gender']) ? (int) $data['gender'] : 0) . "', date_of_birth = '" . $this->db->escape($data['date_of_birth']) . "', newsletter = '" . (int) $data['newsletter'] . "', customer_group_id = '" . (int) $data['customer_group_id'] . "', status = '" . (int) $data['status'] . "', approved = '" . (int) $data['approved'] . "' WHERE customer_id = '" . (int) $customer_id . "'");
     // Truthiness check: an empty string or "0" leaves the password untouched.
     if ($data['password']) {
         // NOTE(review): the password-hash expression on this line is redacted in this listing ("'******'password'])))) ...")
         // and is not valid PHP as shown; take it from the original source rather than reconstructing it here.
         $this->db->query("UPDATE " . DB_PREFIX . "customer SET salt = '" . $this->db->escape($salt = substr(hash_rand('md5'), 0, 9)) . "', password = '******'password'])))) . "' WHERE customer_id = '" . (int) $customer_id . "'");
     }
     // The address book is replaced wholesale: delete every address for the customer, then re-insert the submitted set.
     $this->db->query("DELETE FROM " . DB_PREFIX . "address WHERE customer_id = '" . (int) $customer_id . "'");
     if (isset($data['address'])) {
         foreach ($data['address'] as $address) {
             $this->db->query("INSERT INTO " . DB_PREFIX . "address SET address_id = '" . (int) $address['address_id'] . "', customer_id = '" . (int) $customer_id . "', firstname = '" . $this->db->escape($address['firstname']) . "', lastname = '" . $this->db->escape($address['lastname']) . "', company = '" . $this->db->escape($address['company']) . "', company_id = '" . $this->db->escape($address['company_id']) . "', tax_id = '" . $this->db->escape($address['tax_id']) . "', address_1 = '" . $this->db->escape($address['address_1']) . "', address_2 = '" . $this->db->escape($address['address_2']) . "', city = '" . $this->db->escape($address['city']) . "', postcode = '" . $this->db->escape($address['postcode']) . "', country_id = '" . (int) $address['country_id'] . "', zone_id = '" . (int) $address['zone_id'] . "'");
             // The submitted row flagged 'default' becomes the customer's primary address, using the id of the insert just made.
             if (isset($address['default'])) {
                 $address_id = $this->db->getLastId();
                 $this->db->query("UPDATE " . DB_PREFIX . "customer SET address_id = '" . (int) $address_id . "' WHERE customer_id = '" . (int) $customer_id . "'");
             }
         }
     }
 }
 /**
  * Set a new salt/password for an admin user and clear its pending password-reset code.
  *
  * @param int    $user_id  Target row; cast to int in the WHERE clause.
  * @param string $password New password as submitted; how it is transformed before storage is not visible here.
  */
 public function editPassword($user_id, $password)
 {
     // NOTE(review): the stored password value appears as the literal '******' in this listing — the hashing
     // expression has been redacted, so this line does not reflect the real code. The 9-character salt from
     // hash_rand('md5') and the "code = ''" clearing of the reset code are as in the source.
     $this->db->query("UPDATE `" . DB_PREFIX . "user` SET salt = '" . $this->db->escape($salt = substr(hash_rand('md5'), 0, 9)) . "', password = '******', code = '' WHERE user_id = '" . (int) $user_id . "'");
 }
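 /**
  * Admin login page. Sends an already authenticated session (with a matching token) straight to the
  * dashboard, processes a POSTed login, and otherwise renders the form with any pending messages.
  */
 public function index()
 {
     $this->language->load('common/login');
     $this->document->setTitle($this->language->get('heading_title'));

     $session_token = isset($this->session->data['token']) ? $this->session->data['token'] : null;
     $request_token = isset($this->request->get['token']) ? $this->request->get['token'] : null;

     // Already logged in with a matching token: skip the form. The comparison is strict — the original '=='
     // compared numeric-looking strings numerically — and it no longer reads a session token that is not set.
     if ($this->user->isLogged() && $session_token !== null && $request_token !== null && $request_token === $session_token) {
         $this->redirect($this->url->link('common/home', 'token=' . $session_token, 'SSL'));
     }

     if ($this->request->server['REQUEST_METHOD'] == 'POST' && $this->validate()) {
         // A fresh per-session token is issued on every successful login.
         $this->session->data['token'] = hash_rand('md5');

         $redirect = isset($this->request->post['redirect']) ? $this->request->post['redirect'] : '';

         // Only follow a post-login redirect that points back at this installation (HTTP_SERVER / HTTPS_SERVER prefix).
         // is_string() keeps a non-string 'redirect' parameter on the safe default branch.
         if (is_string($redirect) && (strpos($redirect, HTTP_SERVER) === 0 || strpos($redirect, HTTPS_SERVER) === 0)) {
             $this->redirect($redirect . '&token=' . $this->session->data['token']);
         } else {
             $this->redirect($this->url->link('common/home', 'token=' . $this->session->data['token'], 'SSL'));
         }
     }

     foreach (array('heading_title', 'text_login', 'text_forgotten', 'entry_username', 'entry_password', 'button_login') as $key) {
         $this->data[$key] = $this->language->get($key);
     }

     // Warn when the session holds a token but the request carried none, or when the two differ.
     // Parenthesised to make the original &&/|| precedence explicit; the mismatch test is strict.
     $has_session_token = isset($this->session->data['token']);
     $has_request_token = isset($this->request->get['token']);

     if (($has_session_token && !$has_request_token) || ($has_request_token && $has_session_token && $this->request->get['token'] !== $this->session->data['token'])) {
         $this->error['warning'] = $this->language->get('error_token');
     }

     $this->data['error_warning'] = isset($this->error['warning']) ? $this->error['warning'] : '';

     // The success flash message is shown once and then removed from the session.
     if (isset($this->session->data['success'])) {
         $this->data['success'] = $this->session->data['success'];

         unset($this->session->data['success']);
     } else {
         $this->data['success'] = '';
     }

     $this->data['action'] = $this->url->link('common/login', '', 'SSL');

     $this->data['username'] = isset($this->request->post['username']) ? $this->request->post['username'] : '';
     $this->data['password'] = isset($this->request->post['password']) ? $this->request->post['password'] : '';

     // When the user was bounced here from another route, rebuild that URL (minus the stale token) so the
     // form can send them back after login.
     if (isset($this->request->get['route'])) {
         $route = $this->request->get['route'];

         unset($this->request->get['route']);
         unset($this->request->get['token']);

         $url = '';

         if ($this->request->get) {
             $url .= http_build_query($this->request->get);
         }

         $this->data['redirect'] = $this->url->link($route, $url, 'SSL');
     } else {
         $this->data['redirect'] = '';
     }

     $this->data['forgotten'] = $this->config->get('config_password') ? $this->url->link('common/forgotten', '', 'SSL') : '';

     $this->template = 'common/login.tpl';
     $this->children = array('common/header', 'common/footer');

     $this->response->setOutput($this->render());
 }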
 /**
  * Set a new salt/password for the customer whose e-mail matches case-insensitively.
  *
  * @param string $email    Address used to select the row (lower-cased with utf8_strtolower and escaped).
  * @param string $password New password as submitted; how it is transformed before storage is not visible here.
  */
 public function editPassword($email, $password)
 {
     // NOTE(review): the stored password value appears as the literal '******' in this listing — the hashing
     // expression has been redacted, so this line does not reflect the real code. The 9-character salt from
     // hash_rand('md5') and the LOWER(email) match are as in the source.
     $this->db->query("UPDATE " . DB_PREFIX . "customer SET salt = '" . $this->db->escape($salt = substr(hash_rand('md5'), 0, 9)) . "', password = '******' WHERE LOWER(email) = '" . $this->db->escape(utf8_strtolower($email)) . "'");
 }
 /**
  * Affiliate "forgotten password" page. On a valid POST a new random password is written to the
  * account and mailed to the submitted address; otherwise the request form is rendered.
  */
 public function index()
 {
     // Logged-in affiliates have no use for this page.
     if ($this->affiliate->isLogged()) {
         $this->redirect($this->url->link('affiliate/account', '', 'SSL'));
     }

     // Force HTTPS when the store is configured for it.
     if ($this->config->get('config_secure') && !$this->request->isSecure()) {
         $this->redirect($this->url->link('affiliate/forgotten', '', 'SSL'), 301);
     }

     $this->language->load('affiliate/forgotten');
     $this->document->setTitle($this->language->get('heading_title'));
     $this->load->model('affiliate/affiliate');

     $is_post = ($this->request->server['REQUEST_METHOD'] == 'POST');

     if ($is_post && $this->validate()) {
         $this->language->load('mail/forgotten');

         $store_name = $this->config->get('config_name');
         $email = $this->request->post['email'];

         // The account password is replaced immediately and the new value is sent in clear text by e-mail.
         // The update happens before the mail goes out, so a mail failure still leaves the new password in place.
         $password = substr(hash_rand('md5'), 0, 10);
         $this->model_affiliate_affiliate->editPassword($email, $password);

         $subject = sprintf($this->language->get('text_subject'), $store_name);

         $paragraphs = array(
             sprintf($this->language->get('text_greeting'), $store_name),
             $this->language->get('text_password'),
             $password,
         );
         $message = implode("\n\n", $paragraphs);

         $mail = new Mail();
         $mail->protocol = $this->config->get('config_mail_protocol');
         $mail->parameter = $this->config->get('config_mail_parameter');
         $mail->hostname = $this->config->get('config_smtp_host');
         $mail->username = $this->config->get('config_smtp_username');
         $mail->password = $this->config->get('config_smtp_password');
         $mail->port = $this->config->get('config_smtp_port');
         $mail->timeout = $this->config->get('config_smtp_timeout');
         $mail->setTo($email);
         $mail->setFrom($this->config->get('config_email'));
         $mail->setSender($store_name);
         $mail->setSubject(html_entity_decode($subject, ENT_QUOTES, 'UTF-8'));
         $mail->setText(html_entity_decode($message, ENT_QUOTES, 'UTF-8'));
         $mail->send();

         $this->session->data['success'] = $this->language->get('text_success');

         $this->redirect($this->url->link('affiliate/login', '', 'SSL'));
     }

     $breadcrumbs = array();
     $breadcrumbs[] = array('text' => $this->language->get('text_home'), 'href' => $this->url->link('common/home'), 'separator' => false);
     $breadcrumbs[] = array('text' => $this->language->get('text_account'), 'href' => $this->url->link('affiliate/account', '', 'SSL'), 'separator' => $this->language->get('text_separator'));
     $breadcrumbs[] = array('text' => $this->language->get('text_forgotten'), 'href' => $this->url->link('affiliate/forgotten', '', 'SSL'), 'separator' => $this->language->get('text_separator'));
     $this->data['breadcrumbs'] = $breadcrumbs;

     // Plain language strings are copied into the view data under their own keys.
     foreach (array('heading_title', 'text_your_email', 'text_email', 'entry_email', 'button_continue', 'button_back') as $key) {
         $this->data[$key] = $this->language->get($key);
     }

     $this->data['error_warning'] = isset($this->error['warning']) ? $this->error['warning'] : '';

     $this->data['action'] = $this->url->link('affiliate/forgotten', '', 'SSL');
     $this->data['back'] = $this->url->link('affiliate/login', '', 'SSL');

     // Prefer the active theme's template, falling back to the default one.
     $theme_template = $this->config->get('config_template') . '/template/affiliate/forgotten.tpl';
     $this->template = file_exists(DIR_TEMPLATE . $theme_template) ? $theme_template : 'default/template/affiliate/forgotten.tpl';

     $this->children = array('common/column_left', 'common/column_right', 'common/content_top', 'common/content_bottom', 'common/footer', 'common/header');

     $this->response->setOutput($this->render());
 }
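 /**
  * AJAX upload handler for downloadable product files. Checks the caller's permission, validates the
  * name, extension, declared MIME type and content, stores the file under DIR_DOWNLOAD with a random
  * suffix, and answers with JSON carrying either 'error' or the stored 'filename', its display 'mask'
  * and a 'success' message.
  */
 public function upload()
 {
     $this->language->load('catalog/download');

     $json = array();

     if (!$this->user->hasPermission('modify', 'catalog/download')) {
         $json['error'] = $this->language->get('error_permission');
     }

     if (!isset($json['error'])) {
         if (!empty($this->request->files['file']['name'])) {
             $upload = $this->request->files['file'];

             // basename() drops any directory component the client may have sent in the name.
             $filename = basename(html_entity_decode($upload['name'], ENT_QUOTES, 'UTF-8'));

             if (utf8_strlen($filename) < 3 || utf8_strlen($filename) > 128) {
                 $json['error'] = $this->language->get('error_filename');
             }

             // Allowed file extension types. Blank config lines are dropped so an empty entry cannot match an
             // upload without an extension; the comparison is strict and, as before, case-sensitive.
             $allowed = array_filter(array_map('trim', explode("\n", str_replace(array("\r\n", "\r"), "\n", (string) $this->config->get('config_file_extension_allowed')))), 'strlen');

             if (!in_array(substr(strrchr($filename, '.'), 1), $allowed, true)) {
                 $json['error'] = $this->language->get('error_filetype');
             }

             // Allowed file mime types. The type is whatever the client declared in the request, so this is a
             // plausibility check only; the extension list and the content check are the real controls.
             $allowed = array_filter(array_map('trim', explode("\n", str_replace(array("\r\n", "\r"), "\n", (string) $this->config->get('config_file_mime_allowed')))), 'strlen');

             if (!in_array($upload['type'], $allowed, true)) {
                 $json['error'] = $this->language->get('error_filetype');
             }

             // Check to see if any PHP files are trying to be uploaded. Guarded by is_file() so a failed upload
             // (no temp file) does not raise a warning here; its error code is reported just below.
             if (is_file($upload['tmp_name'])) {
                 $content = file_get_contents($upload['tmp_name']);

                 if ($content === false || preg_match('/\\<\\?php/i', $content)) {
                     $json['error'] = $this->language->get('error_filetype');
                 }
             }

             if ($upload['error'] != UPLOAD_ERR_OK) {
                 $json['error'] = $this->language->get('error_upload_' . $upload['error']);
             }
         } else {
             $json['error'] = $this->language->get('error_upload');
         }
     }

     if (!isset($json['error'])) {
         $tmp_name = $this->request->files['file']['tmp_name'];

         // Random suffix so the stored name cannot be guessed from the original one.
         $stored = $filename . '.' . hash_rand('md5');

         // Success is only reported once the file has actually been moved into place; previously the success
         // message was set even when is_uploaded_file() failed or move_uploaded_file() returned false.
         if (is_uploaded_file($tmp_name) && file_exists($tmp_name) && move_uploaded_file($tmp_name, DIR_DOWNLOAD . $stored)) {
             $json['filename'] = $stored;
             $json['mask'] = $filename;
             $json['success'] = $this->language->get('text_upload');
         } else {
             $json['error'] = $this->language->get('error_upload');
         }
     }

     $this->response->setOutput(json_encode($json));
 }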
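 /**
  * AJAX upload handler used from the order editor. On POST, validates the name, extension, declared MIME
  * type and content, stores the file under DIR_DOWNLOAD with a random suffix, and answers with JSON carrying
  * either 'error' or the stored 'file' name and a 'success' message.
  */
 public function upload()
 {
     $this->language->load('sale/order');

     $json = array();

     if ($this->request->server['REQUEST_METHOD'] == 'POST') {
         if (!empty($this->request->files['file']['name'])) {
             $upload = $this->request->files['file'];

             $filename = html_entity_decode($upload['name'], ENT_QUOTES, 'UTF-8');

             if (utf8_strlen($filename) < 3 || utf8_strlen($filename) > 128) {
                 $json['error'] = $this->language->get('error_filename');
             }

             // Allowed file extension types. Blank config lines are dropped so an empty entry cannot match an
             // upload without an extension; the comparison is strict and, as before, case-sensitive.
             $allowed = array_filter(array_map('trim', explode("\n", str_replace(array("\r\n", "\r"), "\n", (string) $this->config->get('config_file_extension_allowed')))), 'strlen');

             if (!in_array(substr(strrchr($filename, '.'), 1), $allowed, true)) {
                 $json['error'] = $this->language->get('error_filetype');
             }

             // Allowed file mime types. The type is whatever the client declared in the request, so this is a
             // plausibility check only; the extension list and the content check are the real controls.
             $allowed = array_filter(array_map('trim', explode("\n", str_replace(array("\r\n", "\r"), "\n", (string) $this->config->get('config_file_mime_allowed')))), 'strlen');

             if (!in_array($upload['type'], $allowed, true)) {
                 $json['error'] = $this->language->get('error_filetype');
             }

             // Check to see if any PHP files are trying to be uploaded — the same content check the other upload
             // handlers apply, which this one was missing. Guarded by is_file() so a failed upload raises no warning.
             if (is_file($upload['tmp_name'])) {
                 $content = file_get_contents($upload['tmp_name']);

                 if ($content === false || preg_match('/\\<\\?php/i', $content)) {
                     $json['error'] = $this->language->get('error_filetype');
                 }
             }

             if ($upload['error'] != UPLOAD_ERR_OK) {
                 $json['error'] = $this->language->get('error_upload_' . $upload['error']);
             }
         } else {
             $json['error'] = $this->language->get('error_upload');
         }

         if (!isset($json['error'])) {
             $tmp_name = $this->request->files['file']['tmp_name'];

             // basename() strips any directory component from the client-supplied name; the random suffix
             // keeps the stored name unguessable.
             $file = basename($filename) . '.' . hash_rand('md5');

             // Success is only reported once the file has actually been moved into place; previously the success
             // message was set even when is_uploaded_file() failed or move_uploaded_file() returned false.
             if (is_uploaded_file($tmp_name) && file_exists($tmp_name) && move_uploaded_file($tmp_name, DIR_DOWNLOAD . $file)) {
                 $json['file'] = $file;
                 $json['success'] = $this->language->get('text_upload');
             } else {
                 $json['error'] = $this->language->get('error_upload');
             }
         }
     }

     $this->response->setOutput(json_encode($json));
 }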
 public function index()
 {
     $redirect = '';
     if ($this->cart->hasShipping()) {
         // Validate if shipping address has been set
         $this->load->model('account/address');
         if ($this->customer->isLogged() && isset($this->session->data['shipping_address_id'])) {
             $shipping_address = $this->model_account_address->getAddress($this->session->data['shipping_address_id']);
         }
         if (empty($shipping_address)) {
             $redirect = $this->url->link('checkout_express/checkout', '', 'SSL');
         }
         // Validate if shipping method has been set
         if (!isset($this->session->data['shipping_method'])) {
             $redirect = $this->url->link('checkout_express/checkout', '', 'SSL');
         }
     } else {
         unset($this->session->data['shipping_method']);
         unset($this->session->data['shipping_methods']);
     }
     // Validate if payment address has been set
     $this->load->model('account/address');
     if ($this->customer->isLogged() && isset($this->session->data['payment_address_id'])) {
         $payment_address = $this->model_account_address->getAddress($this->session->data['payment_address_id']);
     }
     if (empty($payment_address) && !$this->config->get('config_express_billing')) {
         if (isset($this->session->data['shipping_country_id'])) {
             $payment_address['country_id'] = $this->session->data['shipping_country_id'];
         } else {
             $payment_address['country_id'] = $this->config->get('config_country_id');
         }
         if (isset($this->session->data['shipping_zone_id'])) {
             $payment_address['zone_id'] = $this->session->data['shipping_zone_id'];
         } else {
             $payment_address['zone_id'] = '';
         }
     }
     if (empty($payment_address)) {
         $redirect = $this->url->link('checkout_express/checkout', '', 'SSL');
     }
     // Validate if payment method has been set
     if (!isset($this->session->data['payment_method'])) {
         $redirect = $this->url->link('checkout_express/checkout', '', 'SSL');
     }
     // Validate cart has products and has stock
     if (!$this->cart->hasProducts() && empty($this->session->data['vouchers']) || !$this->cart->hasStock() && !$this->config->get('config_stock_checkout')) {
         $redirect = $this->url->link('checkout/cart');
     }
     // Validate minimum quantity requirements
     $products = $this->cart->getProducts();
     foreach ($products as $product) {
         $product_total = 0;
         foreach ($products as $product_2) {
             if ($product_2['product_id'] == $product['product_id']) {
                 $product_total += $product_2['quantity'];
             }
         }
         if ($product['minimum'] > $product_total) {
             $redirect = $this->url->link('checkout/cart');
             break;
         }
     }
     if (!$redirect) {
         // Totals
         $total_data = array();
         $total = 0;
         $taxes = $this->cart->getTaxes();
         $this->load->model('setting/extension');
         $sort_order = array();
         $results = $this->model_setting_extension->getExtensions('total');
         foreach ($results as $key => $value) {
             $sort_order[$key] = $this->config->get($value['code'] . '_sort_order');
         }
         array_multisort($sort_order, SORT_ASC, $results);
         foreach ($results as $result) {
             if ($this->config->get($result['code'] . '_status')) {
                 $this->load->model('total/' . $result['code']);
                 $this->{'model_total_' . $result['code']}->getTotal($total_data, $total, $taxes);
             }
         }
         $sort_order = array();
         foreach ($total_data as $key => $value) {
             $sort_order[$key] = $value['sort_order'];
         }
         array_multisort($sort_order, SORT_ASC, $total_data);
         $data = array();
         $data['invoice_prefix'] = $this->config->get('config_invoice_prefix');
         $data['store_id'] = $this->config->get('config_store_id');
         $data['store_name'] = $this->config->get('config_name');
         if ($data['store_id']) {
             $data['store_url'] = $this->config->get('config_url');
         } else {
             $data['store_url'] = HTTP_SERVER;
         }
         if ($this->customer->isLogged()) {
             $data['customer_id'] = $this->customer->getId();
             $data['customer_group_id'] = $this->customer->getCustomerGroupId();
             $data['firstname'] = $this->customer->getFirstName();
             $data['lastname'] = $this->customer->getLastName();
             $data['email'] = $this->customer->getEmail();
             $data['telephone'] = $this->customer->getTelephone();
             $data['fax'] = $this->customer->getFax();
             if ($this->config->get('config_express_billing')) {
                 $this->load->model('account/address');
                 $payment_address = $this->model_account_address->getAddress($this->session->data['payment_address_id']);
                 $data['payment_firstname'] = $payment_address['firstname'];
                 $data['payment_lastname'] = $payment_address['lastname'];
                 $data['payment_company'] = $payment_address['company'];
                 $data['payment_company_id'] = $payment_address['company_id'];
                 $data['payment_tax_id'] = $payment_address['tax_id'];
                 $data['payment_address_1'] = $payment_address['address_1'];
                 $data['payment_address_2'] = $payment_address['address_2'];
                 $data['payment_city'] = $payment_address['city'];
                 $data['payment_postcode'] = $payment_address['postcode'];
                 $data['payment_zone'] = $payment_address['zone'];
                 $data['payment_zone_id'] = $payment_address['zone_id'];
                 $data['payment_country'] = $payment_address['country'];
                 $data['payment_country_id'] = $payment_address['country_id'];
                 $data['payment_address_format'] = $payment_address['address_format'];
             } else {
                 $data['payment_firstname'] = '';
                 $data['payment_lastname'] = '';
                 $data['payment_company'] = '';
                 $data['payment_company_id'] = '';
                 $data['payment_tax_id'] = '';
                 $data['payment_address_1'] = '';
                 $data['payment_address_2'] = '';
                 $data['payment_city'] = '';
                 $data['payment_postcode'] = '';
                 $data['payment_zone'] = '';
                 $data['payment_zone_id'] = '';
                 $data['payment_country'] = '';
                 $data['payment_country_id'] = '';
                 $data['payment_address_format'] = '';
             }
         }
         if (isset($this->session->data['payment_method']['title'])) {
             $data['payment_method'] = $this->session->data['payment_method']['title'];
         } else {
             $data['payment_method'] = '';
         }
         if (isset($this->session->data['payment_method']['code'])) {
             $data['payment_code'] = $this->session->data['payment_method']['code'];
         } else {
             $data['payment_code'] = '';
         }
         if ($this->cart->hasShipping()) {
             if ($this->customer->isLogged()) {
                 $this->load->model('account/address');
                 $shipping_address = $this->model_account_address->getAddress($this->session->data['shipping_address_id']);
             }
             $data['shipping_firstname'] = $shipping_address['firstname'];
             $data['shipping_lastname'] = $shipping_address['lastname'];
             $data['shipping_company'] = $shipping_address['company'];
             $data['shipping_address_1'] = $shipping_address['address_1'];
             $data['shipping_address_2'] = $shipping_address['address_2'];
             $data['shipping_city'] = $shipping_address['city'];
             $data['shipping_postcode'] = $shipping_address['postcode'];
             $data['shipping_zone'] = $shipping_address['zone'];
             $data['shipping_zone_id'] = $shipping_address['zone_id'];
             $data['shipping_country'] = $shipping_address['country'];
             $data['shipping_country_id'] = $shipping_address['country_id'];
             $data['shipping_address_format'] = $shipping_address['address_format'];
             if (isset($this->session->data['shipping_method']['title'])) {
                 $data['shipping_method'] = $this->session->data['shipping_method']['title'];
             } else {
                 $data['shipping_method'] = '';
             }
             if (isset($this->session->data['shipping_method']['code'])) {
                 $data['shipping_code'] = $this->session->data['shipping_method']['code'];
             } else {
                 $data['shipping_code'] = '';
             }
         } else {
             $data['shipping_firstname'] = '';
             $data['shipping_lastname'] = '';
             $data['shipping_company'] = '';
             $data['shipping_address_1'] = '';
             $data['shipping_address_2'] = '';
             $data['shipping_city'] = '';
             $data['shipping_postcode'] = '';
             $data['shipping_zone'] = '';
             $data['shipping_zone_id'] = '';
             $data['shipping_country'] = '';
             $data['shipping_country_id'] = '';
             $data['shipping_address_format'] = '';
             $data['shipping_method'] = '';
             $data['shipping_code'] = '';
         }
         $product_data = array();
         foreach ($this->cart->getProducts() as $product) {
             $option_data = array();
             foreach ($product['option'] as $option) {
                 if ($option['type'] != 'file') {
                     $value = $option['option_value'];
                 } else {
                     $value = $this->encryption->decrypt($option['option_value']);
                 }
                 $option_data[] = array('product_option_id' => $option['product_option_id'], 'product_option_value_id' => $option['product_option_value_id'], 'option_id' => $option['option_id'], 'option_value_id' => $option['option_value_id'], 'name' => $option['name'], 'value' => $value, 'type' => $option['type']);
             }
             $product_data[] = array('product_id' => $product['product_id'], 'name' => $product['name'], 'model' => $product['model'], 'option' => $option_data, 'download' => $product['download'], 'quantity' => $product['quantity'], 'subtract' => $product['subtract'], 'price' => $product['price'], 'cost' => $product['cost'], 'total' => $product['total'], 'tax' => $this->tax->getTax($product['price'], $product['tax_class_id']), 'reward' => $product['reward']);
         }
         // Gift Voucher
         $voucher_data = array();
         if (!empty($this->session->data['vouchers'])) {
             foreach ($this->session->data['vouchers'] as $voucher) {
                 $voucher_data[] = array('description' => $voucher['description'], 'code' => substr(hash_rand('md5'), 0, 10), 'to_name' => $voucher['to_name'], 'to_email' => $voucher['to_email'], 'from_name' => $voucher['from_name'], 'from_email' => $voucher['from_email'], 'voucher_theme_id' => $voucher['voucher_theme_id'], 'message' => $voucher['message'], 'amount' => $voucher['amount']);
             }
         }
         $data['products'] = $product_data;
         $data['vouchers'] = $voucher_data;
         $data['totals'] = $total_data;
         $data['comment'] = $this->session->data['comment'];
         $data['total'] = $total;
         if (isset($this->request->cookie['tracking'])) {
             $this->load->model('affiliate/affiliate');
             $affiliate_info = $this->model_affiliate_affiliate->getAffiliateByCode($this->request->cookie['tracking']);
             $subtotal = $this->cart->getSubTotal();
             if ($affiliate_info) {
                 $data['affiliate_id'] = $affiliate_info['affiliate_id'];
                 $data['commission'] = $subtotal / 100 * $affiliate_info['commission'];
             } else {
                 $data['affiliate_id'] = 0;
                 $data['commission'] = 0;
             }
         } else {
             $data['affiliate_id'] = 0;
             $data['commission'] = 0;
         }
         $data['language_id'] = $this->config->get('config_language_id');
         $data['currency_id'] = $this->currency->getId();
         $data['currency_code'] = $this->currency->getCode();
         $data['currency_value'] = $this->currency->getValue($this->currency->getCode());
         $data['ip'] = $this->request->server['REMOTE_ADDR'];
         if (!empty($this->request->server['HTTP_X_FORWARDED_FOR'])) {
             $data['forwarded_ip'] = $this->request->server['HTTP_X_FORWARDED_FOR'];
         } elseif (!empty($this->request->server['HTTP_CLIENT_IP'])) {
             $data['forwarded_ip'] = $this->request->server['HTTP_CLIENT_IP'];
         } else {
             $data['forwarded_ip'] = '';
         }
         if (isset($this->request->server['HTTP_USER_AGENT'])) {
             $data['user_agent'] = $this->request->server['HTTP_USER_AGENT'];
         } else {
             $data['user_agent'] = '';
         }
         if (isset($this->request->server['HTTP_ACCEPT_LANGUAGE'])) {
             $data['accept_language'] = $this->request->server['HTTP_ACCEPT_LANGUAGE'];
         } else {
             $data['accept_language'] = '';
         }
         $this->language->load('checkout/checkout_express');
         $this->load->model('checkout/order');
         $this->session->data['order_id'] = $this->model_checkout_order->addOrder($data);
         // Language
         $this->data['text_checkout_confirm'] = $this->language->get('text_checkout_confirm');
         if ($this->customer->isLogged()) {
             $this->load->model('account/address');
             if (isset($this->session->data['shipping_address_id'])) {
                 $ship_address = $this->model_account_address->getAddress($this->session->data['shipping_address_id']);
             } elseif (isset($this->session->data['payment_address_id'])) {
                 $ship_address = $this->model_account_address->getAddress($this->session->data['payment_address_id']);
             } else {
                 $customer_id = $this->customer->getId();
                 $address_id = $this->model_account_address->getDefaultAddressId($customer_id);
                 $ship_address = $this->model_account_address->getAddress($address_id);
             }
             $this->data['shipping_firstname'] = $ship_address['firstname'];
             $this->data['shipping_lastname'] = $ship_address['lastname'];
             $this->data['shipping_company'] = $ship_address['company'];
             $this->data['shipping_address_1'] = $ship_address['address_1'];
             $this->data['shipping_address_2'] = $ship_address['address_2'];
             $this->data['shipping_city'] = $ship_address['city'];
             $this->data['shipping_postcode'] = $ship_address['postcode'];
             $this->data['shipping_zone'] = $ship_address['zone'];
             $this->data['shipping_country'] = $ship_address['country'];
         } else {
             $this->data['shipping_firstname'] = '';
             $this->data['shipping_lastname'] = '';
             $this->data['shipping_company'] = '';
             $this->data['shipping_address_1'] = '';
             $this->data['shipping_address_2'] = '';
             $this->data['shipping_city'] = '';
             $this->data['shipping_postcode'] = '';
             $this->data['shipping_zone'] = '';
             $this->data['shipping_country'] = '';
         }
         if (isset($this->session->data['shipping_method']['title'])) {
             $this->data['shipping_method_selected'] = $this->session->data['shipping_method']['title'];
         } else {
             $this->data['shipping_method_selected'] = '';
         }
         if (isset($this->session->data['payment_method']['title'])) {
             $this->data['payment_method_selected'] = $this->session->data['payment_method']['title'];
         } else {
             $this->data['payment_method_selected'] = '';
         }
         if (isset($this->session->data['comment'])) {
             $this->data['order_comment'] = $this->session->data['comment'];
         } else {
             $this->data['order_comment'] = '';
         }
         $this->data['column_name'] = $this->language->get('column_name');
         $this->data['column_model'] = $this->language->get('column_model');
         $this->data['column_quantity'] = $this->language->get('column_quantity');
         $this->data['column_price'] = $this->language->get('column_price');
         $this->data['column_total'] = $this->language->get('column_total');
         $this->data['text_recurring_item'] = $this->language->get('text_recurring_item');
         $this->data['text_payment_profile'] = $this->language->get('text_payment_profile');
         $this->data['products'] = array();
         foreach ($this->cart->getProducts() as $product) {
             $option_data = array();
             foreach ($product['option'] as $option) {
                 if ($option['type'] != 'file') {
                     $value = $option['option_value'];
                 } else {
                     $filename = $this->encryption->decrypt($option['option_value']);
                     $value = utf8_substr($filename, 0, utf8_strrpos($filename, '.'));
                 }
                 $option_data[] = array('name' => $option['name'], 'value' => utf8_strlen($value) > 20 ? utf8_substr($value, 0, 20) . '..' : $value);
             }
             $profile_description = '';
             if ($product['recurring']) {
                 $frequencies = array('day' => $this->language->get('text_day'), 'week' => $this->language->get('text_week'), 'semi_month' => $this->language->get('text_semi_month'), 'month' => $this->language->get('text_month'), 'year' => $this->language->get('text_year'));
                 if ($product['recurring_trial']) {
                     $recurring_price = $this->currency->format($this->tax->calculate($product['recurring_trial_price'] * $product['quantity'], $product['tax_class_id'], $this->config->get('config_tax')));
                     $profile_description = sprintf($this->language->get('text_trial_description'), $recurring_price, $product['recurring_trial_cycle'], $frequencies[$product['recurring_trial_frequency']], $product['recurring_trial_duration']) . ' ';
                 }
                 $recurring_price = $this->currency->format($this->tax->calculate($product['recurring_price'] * $product['quantity'], $product['tax_class_id'], $this->config->get('config_tax')));
                 if ($product['recurring_duration']) {
                     $profile_description .= sprintf($this->language->get('text_payment_description'), $recurring_price, $product['recurring_cycle'], $frequencies[$product['recurring_frequency']], $product['recurring_duration']);
                 } else {
                     $profile_description .= sprintf($this->language->get('text_payment_until_canceled_description'), $recurring_price, $product['recurring_cycle'], $frequencies[$product['recurring_frequency']], $product['recurring_duration']);
                 }
             }
             $this->data['products'][] = array('product_id' => $product['product_id'], 'name' => $product['name'], 'model' => $product['model'], 'option' => $option_data, 'quantity' => $product['quantity'], 'subtract' => $product['subtract'], 'price' => $this->currency->format($this->tax->calculate($product['price'], $product['tax_class_id'], $this->config->get('config_tax'))), 'total' => $this->currency->format($this->tax->calculate($product['price'], $product['tax_class_id'], $this->config->get('config_tax')) * $product['quantity']), 'href' => $this->url->link('product/product', 'product_id=' . $product['product_id']), 'recurring' => $product['recurring'], 'profile_name' => $product['profile_name'], 'profile_description' => $profile_description);
         }
         // Gift Voucher
         $this->data['vouchers'] = array();
         if (!empty($this->session->data['vouchers'])) {
             foreach ($this->session->data['vouchers'] as $voucher) {
                 $this->data['vouchers'][] = array('description' => $voucher['description'], 'amount' => $this->currency->format($voucher['amount']));
             }
         }
         $this->data['totals'] = $total_data;
         $this->data['payment'] = $this->getChild('payment/' . $this->session->data['payment_method']['code']);
     } else {
         $this->data['redirect'] = $redirect;
     }
     // Theme
     $this->data['template'] = $this->config->get('config_template');
     if (file_exists(DIR_TEMPLATE . $this->config->get('config_template') . '/template/checkout_express/confirm.tpl')) {
         $this->template = $this->config->get('config_template') . '/template/checkout_express/confirm.tpl';
     } else {
         $this->template = 'default/template/checkout_express/confirm.tpl';
     }
     $this->response->setOutput($this->render());
 }
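 /**
  * Renders the Paymate payment-extension settings form and persists it on POST.
  *
  * On a POST request that passes validate(), the submitted fields are stored
  * through the setting model and the user is redirected to the extension list.
  * Otherwise (GET, or a POST that failed validation) the form is rendered:
  * each field is populated from the submitted value when present, so failed
  * input is re-displayed, and from stored config otherwise; validation errors
  * collected in $this->error are exposed to the template as error_* keys.
  */
 public function index()
 {
     $this->language->load('payment/paymate');
     $this->document->setTitle($this->language->get('heading_title'));
     $this->load->model('setting/setting');
     // REQUEST_METHOD is always a string, so a strict comparison is safe here.
     if ($this->request->server['REQUEST_METHOD'] === 'POST' && $this->validate()) {
         $this->model_setting_setting->editSetting('paymate', $this->request->post);
         $this->session->data['success'] = $this->language->get('text_success');
         $this->redirect($this->url->link('extension/payment', 'token=' . $this->session->data['token'], 'SSL'));
     }
     // Language strings passed through to the template under the same key.
     $text_keys = array(
         'heading_title',
         'text_enabled',
         'text_disabled',
         'text_all_zones',
         'text_yes',
         'text_no',
         'entry_username',
         'entry_password',
         'entry_test',
         'entry_total',
         'entry_order_status',
         'entry_geo_zone',
         'entry_status',
         'entry_sort_order',
         'button_save',
         'button_cancel',
     );
     foreach ($text_keys as $key) {
         $this->data[$key] = $this->language->get($key);
     }
     // Validation errors (populated by validate()); an empty string when absent
     // so the template can test the key unconditionally.
     foreach (array('warning', 'username', 'password') as $key) {
         $this->data['error_' . $key] = isset($this->error[$key]) ? $this->error[$key] : '';
     }
     $token_query = 'token=' . $this->session->data['token'];
     $this->data['breadcrumbs'] = array();
     $this->data['breadcrumbs'][] = array('text' => $this->language->get('text_home'), 'href' => $this->url->link('common/home', $token_query, 'SSL'), 'separator' => false);
     $this->data['breadcrumbs'][] = array('text' => $this->language->get('text_payment'), 'href' => $this->url->link('extension/payment', $token_query, 'SSL'), 'separator' => ' :: ');
     $this->data['breadcrumbs'][] = array('text' => $this->language->get('heading_title'), 'href' => $this->url->link('payment/paymate', $token_query, 'SSL'), 'separator' => ' :: ');
     $this->data['action'] = $this->url->link('payment/paymate', $token_query, 'SSL');
     $this->data['cancel'] = $this->url->link('extension/payment', $token_query, 'SSL');
     // Plain form fields: a submitted value wins (re-display after a failed save), else stored config.
     $field_keys = array(
         'paymate_username',
         'paymate_test',
         'paymate_total',
         'paymate_order_status_id',
         'paymate_geo_zone_id',
         'paymate_status',
         'paymate_sort_order',
     );
     foreach ($field_keys as $key) {
         if (isset($this->request->post[$key])) {
             $this->data[$key] = $this->request->post[$key];
         } else {
             $this->data[$key] = $this->config->get($key);
         }
     }
     // Password field. Fix: the original branch copied paymate_username into
     // paymate_username here, so a submitted password was never re-displayed and
     // the template key was left unset after a failed validation.
     if (isset($this->request->post['paymate_password'])) {
         $this->data['paymate_password'] = $this->request->post['paymate_password'];
     } elseif ($this->config->get('paymate_password')) {
         $this->data['paymate_password'] = $this->config->get('paymate_password');
     } else {
         // No password stored yet: pre-fill a generated one.
         // NOTE(review): hash_rand() is a project helper, not a PHP builtin; confirm it
         // is backed by a CSPRNG before relying on this value as a credential.
         $this->data['paymate_password'] = hash_rand('md5');
     }
     $this->load->model('localisation/order_status');
     $this->data['order_statuses'] = $this->model_localisation_order_status->getOrderStatuses();
     $this->load->model('localisation/geo_zone');
     $this->data['geo_zones'] = $this->model_localisation_geo_zone->getGeoZones();
     $this->template = 'payment/paymate.tpl';
     $this->children = array('common/header', 'common/footer');
     $this->response->setOutput($this->render());
 }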
 /**
  * Generates a fresh token and stores it in the session as 'customer_token'.
  *
  * NOTE(review): hash_rand() is a project helper, not a PHP builtin; confirm it is
  * backed by a CSPRNG, since this value presumably gates customer actions later.
  */
 public function setToken()
 {
     $token = hash_rand('md5');
     $this->session->data['customer_token'] = $token;
 }
 public function index()
 {
     $this->language->load('checkout/manual');
     $json = array();
     $this->load->library('user');
     $this->user = new User($this->registry);
     if ($this->user->isLogged() && $this->user->hasPermission('modify', 'sale/order')) {
         // Reset everything
         $this->cart->clear();
         $this->customer->logout();
         unset($this->session->data['shipping_method']);
         unset($this->session->data['shipping_methods']);
         unset($this->session->data['payment_method']);
         unset($this->session->data['payment_methods']);
         unset($this->session->data['coupon']);
         unset($this->session->data['reward']);
         unset($this->session->data['voucher']);
         unset($this->session->data['vouchers']);
         unset($this->session->data['current_voucher']);
         unset($this->session->data['current_voucher_value']);
         unset($this->session->data['current_reward']);
         unset($this->session->data['current_credit']);
         // Manual order flag
         $this->session->data['manual'] = true;
         // Settings
         $this->load->model('setting/setting');
         $settings = $this->model_setting_setting->getSetting('config', $this->request->post['store_id']);
         foreach ($settings as $key => $value) {
             $this->config->set($key, $value);
         }
         // Customer
         if ($this->request->post['customer_id']) {
             $this->load->model('account/customer');
             $customer_info = $this->model_account_customer->getCustomer($this->request->post['customer_id']);
             if ($customer_info) {
                 $this->customer->login($customer_info['email'], '', true);
                 $this->cart->clear();
             } else {
                 $json['error']['customer'] = $this->language->get('error_customer');
             }
         } else {
             // Customer Group
             $this->config->set('config_customer_group_id', $this->request->post['customer_group_id']);
         }
         // Product
         $this->load->model('catalog/product');
         if (isset($this->request->post['order_product'])) {
             foreach ($this->request->post['order_product'] as $order_product) {
                 $option_data = array();
                 if (isset($order_product['order_option'])) {
                     foreach ($order_product['order_option'] as $option) {
                         if ($option['type'] == 'select' || $option['type'] == 'radio' || $option['type'] == 'image') {
                             $option_data[$option['product_option_id']] = $option['product_option_value_id'];
                         } elseif ($option['type'] == 'checkbox') {
                             $option_data[$option['product_option_id']][] = $option['product_option_value_id'];
                         } elseif ($option['type'] == 'text' || $option['type'] == 'textarea' || $option['type'] == 'file' || $option['type'] == 'date' || $option['type'] == 'datetime' || $option['type'] == 'time') {
                             $option_data[$option['product_option_id']] = $option['value'];
                         }
                     }
                 }
                 $this->cart->add($order_product['product_id'], $order_product['quantity'], $option_data);
             }
         }
         if (isset($this->request->post['product_id'])) {
             $product_info = $this->model_catalog_product->getProduct($this->request->post['product_id']);
             if ($product_info) {
                 if (isset($this->request->post['quantity'])) {
                     $quantity = $this->request->post['quantity'];
                 } else {
                     $quantity = 1;
                 }
                 if (isset($this->request->post['option'])) {
                     $option = array_filter($this->request->post['option']);
                 } else {
                     $option = array();
                 }
                 $product_options = $this->model_catalog_product->getProductOptions($this->request->post['product_id']);
                 foreach ($product_options as $product_option) {
                     if ($product_option['required'] && empty($option[$product_option['product_option_id']])) {
                         $json['error']['product']['option'][$product_option['product_option_id']] = sprintf($this->language->get('error_required'), $product_option['name']);
                     }
                 }
                 if (!isset($json['error']['product']['option'])) {
                     $this->cart->add($this->request->post['product_id'], $quantity, $option);
                 }
             }
         }
         // Stock
         if (!$this->cart->hasStock() && (!$this->config->get('config_stock_checkout') || $this->config->get('config_stock_warning'))) {
             $json['error']['product']['stock'] = $this->language->get('error_stock');
         }
         // Tax
         if ($this->cart->hasShipping()) {
             $this->tax->setShippingAddress($this->request->post['shipping_country_id'], $this->request->post['shipping_zone_id']);
         } else {
             $this->tax->setShippingAddress($this->config->get('config_country_id'), $this->config->get('config_zone_id'));
         }
         $this->tax->setPaymentAddress($this->request->post['payment_country_id'], $this->request->post['payment_zone_id']);
         $this->tax->setStoreAddress($this->config->get('config_country_id'), $this->config->get('config_zone_id'));
         // Products
         $json['order_product'] = array();
         $products = $this->cart->getProducts();
         foreach ($products as $product) {
             $product_total = 0;
             foreach ($products as $product_2) {
                 if ($product_2['product_id'] == $product['product_id']) {
                     $product_total += $product_2['quantity'];
                 }
             }
             if ($product['minimum'] > $product_total) {
                 $json['error']['product']['minimum'][] = sprintf($this->language->get('error_minimum'), $product['name'], $product['minimum']);
             }
             $option_data = array();
             foreach ($product['option'] as $option) {
                 $option_data[] = array('product_option_id' => $option['product_option_id'], 'product_option_value_id' => $option['product_option_value_id'], 'name' => $option['name'], 'value' => $option['option_value'], 'type' => $option['type']);
             }
             $download_data = array();
             foreach ($product['download'] as $download) {
                 $download_data[] = array('name' => $download['name'], 'filename' => $download['filename'], 'mask' => $download['mask'], 'remaining' => $download['remaining']);
             }
             $json['order_product'][] = array('product_id' => $product['product_id'], 'name' => $product['name'], 'model' => $product['model'], 'option' => $option_data, 'download' => $download_data, 'quantity' => $product['quantity'], 'stock' => $product['stock'], 'price' => $product['price'], 'total' => $product['total'], 'tax' => $this->tax->getTax($product['price'], $product['tax_class_id']), 'reward' => $product['reward']);
         }
         // Voucher
         $this->session->data['vouchers'] = array();
         if (isset($this->request->post['order_voucher'])) {
             foreach ($this->request->post['order_voucher'] as $voucher) {
                 $this->session->data['vouchers'][] = array('voucher_id' => $voucher['voucher_id'], 'description' => $voucher['description'], 'code' => substr(hash_rand('md5'), 0, 10), 'from_name' => $voucher['from_name'], 'from_email' => $voucher['from_email'], 'to_name' => $voucher['to_name'], 'to_email' => $voucher['to_email'], 'voucher_theme_id' => $voucher['voucher_theme_id'], 'message' => $voucher['message'], 'amount' => $voucher['amount']);
             }
         }
         // Add a new voucher if set
         if (isset($this->request->post['from_name']) && isset($this->request->post['from_email']) && isset($this->request->post['to_name']) && isset($this->request->post['to_email']) && isset($this->request->post['amount'])) {
             if (utf8_strlen($this->request->post['from_name']) < 1 || utf8_strlen($this->request->post['from_name']) > 64) {
                 $json['error']['vouchers']['from_name'] = $this->language->get('error_from_name');
             }
             if (utf8_strlen($this->request->post['from_email']) > 96 || !preg_match('/^[^\\@]+@.*.[a-z]{2,15}$/i', $this->request->post['from_email'])) {
                 $json['error']['vouchers']['from_email'] = $this->language->get('error_email');
             }
             if (utf8_strlen($this->request->post['to_name']) < 1 || utf8_strlen($this->request->post['to_name']) > 64) {
                 $json['error']['vouchers']['to_name'] = $this->language->get('error_to_name');
             }
             if (utf8_strlen($this->request->post['to_email']) > 96 || !preg_match('/^[^\\@]+@.*.[a-z]{2,15}$/i', $this->request->post['to_email'])) {
                 $json['error']['vouchers']['to_email'] = $this->language->get('error_email');
             }
             if ($this->request->post['amount'] < $this->config->get('config_voucher_min') || $this->request->post['amount'] > $this->config->get('config_voucher_max')) {
                 $json['error']['vouchers']['amount'] = sprintf($this->language->get('error_amount'), $this->currency->format($this->config->get('config_voucher_min'), false, 1), $this->currency->format($this->config->get('config_voucher_max'), false, 1) . ' ' . $this->config->get('config_currency'));
             }
             if (!isset($json['error']['vouchers'])) {
                 $voucher_data = array('order_id' => 0, 'code' => substr(hash_rand('md5'), 0, 10), 'from_name' => $this->request->post['from_name'], 'from_email' => $this->request->post['from_email'], 'to_name' => $this->request->post['to_name'], 'to_email' => $this->request->post['to_email'], 'voucher_theme_id' => $this->request->post['voucher_theme_id'], 'message' => $this->request->post['message'], 'amount' => $this->request->post['amount'], 'status' => true);
                 $this->load->model('checkout/voucher');
                 $voucher_id = $this->model_checkout_voucher->addVoucher(0, $voucher_data);
                 $this->session->data['vouchers'][] = array('voucher_id' => $voucher_id, 'description' => sprintf($this->language->get('text_for'), $this->currency->format($this->request->post['amount'], $this->config->get('config_currency')), $this->request->post['to_name']), 'code' => substr(hash_rand('md5'), 0, 10), 'from_name' => $this->request->post['from_name'], 'from_email' => $this->request->post['from_email'], 'to_name' => $this->request->post['to_name'], 'to_email' => $this->request->post['to_email'], 'voucher_theme_id' => $this->request->post['voucher_theme_id'], 'message' => $this->request->post['message'], 'amount' => $this->request->post['amount']);
             }
         }
         $json['order_voucher'] = array();
         foreach ($this->session->data['vouchers'] as $voucher) {
             $json['order_voucher'][] = array('voucher_id' => $voucher['voucher_id'], 'description' => $voucher['description'], 'code' => $voucher['code'], 'from_name' => $voucher['from_name'], 'from_email' => $voucher['from_email'], 'to_name' => $voucher['to_name'], 'to_email' => $voucher['to_email'], 'voucher_theme_id' => $voucher['voucher_theme_id'], 'message' => $voucher['message'], 'amount' => $voucher['amount']);
         }
         $this->load->model('setting/extension');
         $this->load->model('localisation/country');
         $this->load->model('localisation/zone');
         // Shipping
         $json['shipping_method'] = array();
         if ($this->cart->hasShipping()) {
             $country_info = $this->model_localisation_country->getCountry($this->request->post['shipping_country_id']);
             if ($this->request->post['shipping_country_id'] == '') {
                 $json['error']['shipping']['country'] = $this->language->get('error_country');
             }
             if (!isset($this->request->post['shipping_zone_id']) || $this->request->post['shipping_zone_id'] == '') {
                 $json['error']['shipping']['zone'] = $this->language->get('error_zone');
             }
             if ($country_info && $country_info['postcode_required'] && utf8_strlen($this->request->post['shipping_postcode']) < 2 || utf8_strlen($this->request->post['shipping_postcode']) > 10) {
                 $json['error']['shipping']['postcode'] = $this->language->get('error_postcode');
             }
             if (!isset($json['error']['shipping'])) {
                 if ($country_info) {
                     $country = $country_info['name'];
                     $iso_code_2 = $country_info['iso_code_2'];
                     $iso_code_3 = $country_info['iso_code_3'];
                     $address_format = $country_info['address_format'];
                 } else {
                     $country = '';
                     $iso_code_2 = '';
                     $iso_code_3 = '';
                     $address_format = '';
                 }
                 $zone_info = $this->model_localisation_zone->getZone($this->request->post['shipping_zone_id']);
                 if ($zone_info) {
                     $zone = $zone_info['name'];
                     $zone_code = $zone_info['code'];
                 } else {
                     $zone = '';
                     $zone_code = '';
                 }
                 $address_data = array('firstname' => $this->request->post['shipping_firstname'], 'lastname' => $this->request->post['shipping_lastname'], 'company' => $this->request->post['shipping_company'], 'address_1' => $this->request->post['shipping_address_1'], 'address_2' => $this->request->post['shipping_address_2'], 'postcode' => $this->request->post['shipping_postcode'], 'city' => $this->request->post['shipping_city'], 'zone_id' => $this->request->post['shipping_zone_id'], 'zone' => $zone, 'zone_code' => $zone_code, 'country_id' => $this->request->post['shipping_country_id'], 'country' => $country, 'iso_code_2' => $iso_code_2, 'iso_code_3' => $iso_code_3, 'address_format' => $address_format);
                 $results = $this->model_setting_extension->getExtensions('shipping');
                 foreach ($results as $result) {
                     if ($this->config->get($result['code'] . '_status')) {
                         $this->load->model('shipping/' . $result['code']);
                         $quote = $this->{'model_shipping_' . $result['code']}->getQuote($address_data);
                         if ($quote) {
                             $json['shipping_method'][$result['code']] = array('title' => $quote['title'], 'quote' => $quote['quote'], 'sort_order' => $quote['sort_order'], 'error' => $quote['error']);
                         }
                     }
                 }
                 $sort_order = array();
                 foreach ($json['shipping_method'] as $key => $value) {
                     $sort_order[$key] = $value['sort_order'];
                 }
                 array_multisort($sort_order, SORT_ASC, $json['shipping_method']);
                 if (!$json['shipping_method']) {
                     $json['error']['shipping_method'] = $this->language->get('error_no_shipping');
                 } elseif ($this->request->post['shipping_code']) {
                     $shipping = explode('.', $this->request->post['shipping_code']);
                     if (!isset($shipping[0]) || !isset($shipping[1]) || !isset($json['shipping_method'][$shipping[0]]['quote'][$shipping[1]])) {
                         $json['error']['shipping_method'] = $this->language->get('error_shipping');
                     } else {
                         $this->session->data['shipping_method'] = $json['shipping_method'][$shipping[0]]['quote'][$shipping[1]];
                     }
                 }
             }
         }
         // Coupon
         if (!empty($this->request->post['coupon'])) {
             $this->load->model('checkout/coupon');
             $coupon_info = $this->model_checkout_coupon->getCoupon($this->request->post['coupon']);
             if ($coupon_info) {
                 $this->session->data['coupon'] = $this->request->post['coupon'];
             } else {
                 $json['error']['coupon'] = $this->language->get('error_coupon');
             }
         }
         // Voucher
         if (!empty($this->request->post['voucher'])) {
             $this->load->model('checkout/voucher');
             $voucher_info = $this->model_checkout_voucher->getVoucher($this->request->post['voucher']);
             if ($this->request->post['voucher'] == $this->request->post['current_voucher']) {
                 $this->session->data['current_voucher_value'] = $this->request->post['current_voucher_value'];
                 $this->session->data['voucher'] = $this->request->post['voucher'];
             } elseif ($voucher_info) {
                 $this->session->data['voucher'] = $this->request->post['voucher'];
             } else {
                 $json['error']['voucher'] = $this->language->get('error_voucher');
             }
         }
         // Reward Points
         if (!empty($this->request->post['current_reward'])) {
             $this->session->data['current_reward'] = $this->request->post['current_reward'];
         }
         if (!empty($this->request->post['reward'])) {
             $points = $this->customer->getRewardPoints();
             if ($this->request->post['reward'] > $points) {
                 $json['error']['reward'] = sprintf($this->language->get('error_points'), $this->request->post['reward']);
             }
             if (!isset($json['error']['reward'])) {
                 $points_total = 0;
                 foreach ($this->cart->getProducts() as $product) {
                     if ($product['points']) {
                         $points_total += $product['points'];
                     }
                 }
                 if ($this->request->post['reward'] > $points_total) {
                     $json['error']['reward'] = sprintf($this->language->get('error_maximum'), $points_total);
                 }
                 if (!isset($json['error']['reward'])) {
                     $this->session->data['reward'] = $this->request->post['reward'];
                 }
             }
         }
         // Credit
         if (!empty($this->request->post['current_credit'])) {
             $this->session->data['current_credit'] = $this->request->post['current_credit'];
         }
         // Save payment code to session. Klarna fee total needs this.
         $this->session->data['payment_method']['code'] = isset($this->request->post['payment_code']) ? $this->request->post['payment_code'] : '';
         // Totals
         $json['order_total'] = array();
         $total = 0;
         $taxes = $this->cart->getTaxes();
         $sort_order = array();
         $results = $this->model_setting_extension->getExtensions('total');
         foreach ($results as $key => $value) {
             $sort_order[$key] = $this->config->get($value['code'] . '_sort_order');
         }
         array_multisort($sort_order, SORT_ASC, $results);
         foreach ($results as $result) {
             if ($this->config->get($result['code'] . '_status')) {
                 $this->load->model('total/' . $result['code']);
                 $this->{'model_total_' . $result['code']}->getTotal($json['order_total'], $total, $taxes);
             }
             $sort_order = array();
             foreach ($json['order_total'] as $key => $value) {
                 $sort_order[$key] = $value['sort_order'];
             }
             array_multisort($sort_order, SORT_ASC, $json['order_total']);
         }
         // Payment
         $this->load->model('localisation/country');
         $country_info = $this->model_localisation_country->getCountry($this->request->post['payment_country_id']);
         if ($country_info && $country_info['postcode_required'] && utf8_strlen($this->request->post['payment_postcode']) < 2 || utf8_strlen($this->request->post['payment_postcode']) > 10) {
             $json['error']['payment']['postcode'] = $this->language->get('error_postcode');
         }
         if ($this->request->post['payment_country_id'] == '') {
             $json['error']['payment']['country'] = $this->language->get('error_country');
         }
         if (!isset($this->request->post['payment_zone_id']) || $this->request->post['payment_zone_id'] == '') {
             $json['error']['payment']['zone'] = $this->language->get('error_zone');
         }
         if (!isset($json['error']['payment'])) {
             $json['payment_methods'] = array();
             $country_info = $this->model_localisation_country->getCountry($this->request->post['payment_country_id']);
             if ($country_info) {
                 $country = $country_info['name'];
                 $iso_code_2 = $country_info['iso_code_2'];
                 $iso_code_3 = $country_info['iso_code_3'];
                 $address_format = $country_info['address_format'];
             } else {
                 $country = '';
                 $iso_code_2 = '';
                 $iso_code_3 = '';
                 $address_format = '';
             }
             $zone_info = $this->model_localisation_zone->getZone($this->request->post['payment_zone_id']);
             if ($zone_info) {
                 $zone = $zone_info['name'];
                 $zone_code = $zone_info['code'];
             } else {
                 $zone = '';
                 $zone_code = '';
             }
             $address_data = array('firstname' => $this->request->post['payment_firstname'], 'lastname' => $this->request->post['payment_lastname'], 'company' => $this->request->post['payment_company'], 'address_1' => $this->request->post['payment_address_1'], 'address_2' => $this->request->post['payment_address_2'], 'postcode' => $this->request->post['payment_postcode'], 'city' => $this->request->post['payment_city'], 'zone_id' => $this->request->post['payment_zone_id'], 'zone' => $zone, 'zone_code' => $zone_code, 'country_id' => $this->request->post['payment_country_id'], 'country' => $country, 'iso_code_2' => $iso_code_2, 'iso_code_3' => $iso_code_3, 'address_format' => $address_format);
             $json['payment_method'] = array();
             $results = $this->model_setting_extension->getExtensions('payment');
             foreach ($results as $result) {
                 if ($this->config->get($result['code'] . '_status')) {
                     $this->load->model('payment/' . $result['code']);
                     $method = $this->{'model_payment_' . $result['code']}->getMethod($address_data, $total);
                     if ($method) {
                         $json['payment_method'][$result['code']] = $method;
                     }
                 }
             }
             $sort_order = array();
             foreach ($json['payment_method'] as $key => $value) {
                 $sort_order[$key] = $value['sort_order'];
             }
             array_multisort($sort_order, SORT_ASC, $json['payment_method']);
             if (!$json['payment_method']) {
                 $json['error']['payment_method'] = $this->language->get('error_no_payment');
             } elseif ($this->request->post['payment_code']) {
                 if (!isset($json['payment_method'][$this->request->post['payment_code']])) {
                     $json['error']['payment_method'] = $this->language->get('error_payment');
                 }
             }
         }
         if (!isset($json['error'])) {
             $json['success'] = $this->language->get('text_success');
         } else {
             $json['error']['warning'] = $this->language->get('error_warning');
         }
         // Reset everything
         $this->cart->clear();
         $this->customer->logout();
         unset($this->session->data['shipping_method']);
         unset($this->session->data['shipping_methods']);
         unset($this->session->data['payment_method']);
         unset($this->session->data['payment_methods']);
         unset($this->session->data['coupon']);
         unset($this->session->data['reward']);
         unset($this->session->data['voucher']);
         unset($this->session->data['vouchers']);
         unset($this->session->data['current_voucher']);
         unset($this->session->data['current_voucher_value']);
         unset($this->session->data['current_reward']);
         unset($this->session->data['current_credit']);
         unset($this->session->data['manual']);
     } else {
         $json['error']['warning'] = $this->language->get('error_permission');
     }
     $this->response->addHeader('Content-Type: application/json');
     $this->response->setOutput(json_encode($json));
 }
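 /**
  * Accepts a customer-supplied file (the "file" field of a multipart POST) for a
  * product option and answers with JSON.
  *
  * Checks, in order: the sanitised file name length, the extension against
  * config_file_extension_allowed, the reported MIME type against
  * config_file_mime_allowed (both settings are newline-separated lists) and the
  * PHP upload error code. On success the file is moved into DIR_DOWNLOAD under a
  * randomised name and only the encrypted name is returned as $json['file'], so
  * the stored path is never exposed to the client.
  *
  * Response keys: 'error' (message) on failure, or 'file' and 'success'.
  */
 public function upload()
 {
     $this->language->load('product/product');
     $json = array();
     $filename = '';
     if (!empty($this->request->files['file']['name'])) {
         // Keep only [A-Za-z0-9 . - whitespace +] and drop any directory component the
         // client may have sent, so the name cannot point outside DIR_DOWNLOAD.
         $filename = basename(preg_replace('/[^a-zA-Z0-9\\.\\-\\s+]/', '', html_entity_decode($this->request->files['file']['name'], ENT_QUOTES, 'UTF-8')));
         if (utf8_strlen($filename) < 3 || utf8_strlen($filename) > 64) {
             $json['error'] = $this->language->get('error_filename');
         }
         // Allowed file extension types. A name without a dot yields an empty
         // extension, which must never match (blank lines in the setting are dropped
         // by uploadAllowList for the same reason).
         $extension = strrchr($filename, '.');
         $extension = ($extension === false) ? '' : substr($extension, 1);
         if ($extension === '' || !in_array($extension, $this->uploadAllowList('config_file_extension_allowed'), true)) {
             $json['error'] = $this->language->get('error_filetype');
         }
         // Allowed file mime types. 'type' is whatever the client declared, not
         // something derived from the content, so the extension check above is the
         // control that actually restricts what lands in DIR_DOWNLOAD.
         if (!in_array($this->request->files['file']['type'], $this->uploadAllowList('config_file_mime_allowed'), true)) {
             $json['error'] = $this->language->get('error_filetype');
         }
         if ($this->request->files['file']['error'] != UPLOAD_ERR_OK) {
             $json['error'] = $this->language->get('error_upload_' . $this->request->files['file']['error']);
         }
     } else {
         $json['error'] = $this->language->get('error_upload');
     }
     if (!$json && is_uploaded_file($this->request->files['file']['tmp_name']) && file_exists($this->request->files['file']['tmp_name'])) {
         // Random suffix: the stored name is not guessable from the original one and
         // two uploads with the same name cannot overwrite each other.
         $file = basename($filename) . '.' . hash_rand('md5');
         if (move_uploaded_file($this->request->files['file']['tmp_name'], DIR_DOWNLOAD . $file)) {
             // Hide the uploaded file name so people can not link to it directly.
             $json['file'] = $this->encryption->encrypt($file);
             $json['success'] = $this->language->get('text_upload');
         } else {
             // A failed move previously still reported success and handed out a token
             // for a file that does not exist.
             $json['error'] = $this->language->get('error_upload');
         }
     }
     $this->response->addHeader('Content-Type: application/json');
     $this->response->setOutput(json_encode($json));
 }

 /**
  * Splits a newline-separated allow-list setting into trimmed, non-empty entries.
  *
  * @param string $key  name of the setting read through $this->config
  * @return string[]
  */
 private function uploadAllowList($key)
 {
     $allowed = array();
     foreach (explode("\n", str_replace(array("\r\n", "\r"), "\n", (string) $this->config->get($key))) as $filetype) {
         $filetype = trim($filetype);
         // A blank line would otherwise allow an empty extension / MIME type.
         if ($filetype !== '') {
             $allowed[] = $filetype;
         }
     }
     return $allowed;
 }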
 /**
  * Stores a freshly generated affiliate token in the session.
  */
 public function setToken()
 {
     $token = hash_rand('md5');
     $this->session->data['affiliate_token'] = $token;
 }
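 /**
  * Admin "login as customer": issues a one-time token for the selected customer
  * and redirects the administrator to the store-front account/login route.
  *
  * Reads customer_id and store_id from the query string. The token is persisted
  * through model_sale_customer::editToken and travels only in the redirect URL.
  * An unknown customer renders the error/not_found page instead.
  */
 public function login()
 {
     // Both ids are numeric keys; casting keeps a malformed query value from
     // reaching the model as anything other than 0.
     $customer_id = isset($this->request->get['customer_id']) ? (int) $this->request->get['customer_id'] : 0;
     $this->load->model('sale/customer');
     $customer_info = $this->model_sale_customer->getCustomer($customer_id);
     if ($customer_info) {
         // The token is effectively a login capability for this customer; it is
         // stored on the record and handed to the browser only via the redirect.
         $token = hash_rand('md5');
         $this->model_sale_customer->editToken($customer_id, $token);
         $store_id = isset($this->request->get['store_id']) ? (int) $this->request->get['store_id'] : 0;
         $this->load->model('setting/store');
         $store_info = $this->model_setting_store->getStore($store_id);
         // Prefer the store's own base URL; fall back to the default catalog URL.
         if ($store_info) {
             $base = $this->config->get('config_secure') ? $store_info['ssl'] : $store_info['url'];
         } else {
             $base = $this->config->get('config_secure') ? HTTPS_CATALOG : HTTP_CATALOG;
         }
         $this->redirect($base . 'index.php?route=account/login&token=' . $token);
     } else {
         $this->language->load('error/not_found');
         $this->document->setTitle($this->language->get('heading_title'));
         $this->data['heading_title'] = $this->language->get('heading_title');
         $this->data['text_not_found'] = $this->language->get('text_not_found');
         $this->data['breadcrumbs'] = array();
         $this->data['breadcrumbs'][] = array('text' => $this->language->get('text_home'), 'href' => $this->url->link('common/home', 'token=' . $this->session->data['token'], 'SSL'), 'separator' => false);
         $this->data['breadcrumbs'][] = array('text' => $this->language->get('heading_title'), 'href' => $this->url->link('error/not_found', 'token=' . $this->session->data['token'], 'SSL'), 'separator' => ' :: ');
         $this->template = 'error/not_found.tpl';
         $this->children = array('common/header', 'common/footer');
         $this->response->setOutput($this->render());
     }
 }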
 /**
  * Installer step: loads the schema/seed SQL into the target database and
  * writes the initial admin user and base settings.
  *
  * Expects $data to carry the db_* connection fields plus username, password,
  * email, and optionally the demo_data, maintenance and rewrite flags. Calls
  * exit() if the SQL file is missing. When rewrite is set and mod_rewrite is
  * detected, also turns ../.htaccess.txt into ../.htaccess with RewriteBase
  * adjusted to the install path.
  *
  * NOTE(review): string values from $data go through $db->escape(), but
  * db_prefix is spliced into SQL as a raw identifier fragment — confirm it is
  * validated before this method is reached.
  */
 public function database($data)
 {
     $db = new DB($data['db_driver'], $data['db_hostname'], $data['db_username'], $data['db_password'], $data['db_database'], $data['db_port']);
     // The "-clean" dump is selected when demo_data is set — verify this is the
     // intended mapping against the install form that posts the flag.
     if (isset($data['demo_data'])) {
         $file = DIR_APPLICATION . 'opencart-clean.sql';
         if (!file_exists($file)) {
             exit('Could not load sql file: ' . $file);
         }
     } else {
         $file = DIR_APPLICATION . 'opencart.sql';
         if (!file_exists($file)) {
             exit('Could not load sql file: ' . $file);
         }
     }
     clearstatcache();
     $lines = file($file);
     if ($lines) {
         $sql = '';
         foreach ($lines as $line) {
             // Skip SQL comment lines; accumulate until a line ending in ';'.
             if ($line && substr($line, 0, 2) != '--' && substr($line, 0, 1) != '#') {
                 $sql .= $line;
                 if (preg_match('/;\\s*$/', $line)) {
                     // The dump is written with the default "oc_" prefix; rewrite it
                     // to the configured one before executing each statement.
                     $sql = str_replace("DROP TABLE IF EXISTS `oc_", "DROP TABLE IF EXISTS `" . $data['db_prefix'], $sql);
                     $sql = str_replace("CREATE TABLE `oc_", "CREATE TABLE `" . $data['db_prefix'], $sql);
                     $sql = str_replace("INSERT INTO `oc_", "INSERT INTO `" . $data['db_prefix'], $sql);
                     $db->query($sql);
                     $sql = '';
                 }
             }
         }
         $db->query("SET CHARACTER SET utf8");
         // Legacy compatibility mode for the remainder of this session — confirm
         // it is still required by the current server.
         $db->query("SET @@session.sql_mode = 'MYSQL40'");
         $db->query("DELETE FROM `" . $data['db_prefix'] . "user` WHERE user_id = '1'");
         // NOTE: the password expression on this line is shown redacted ("******")
         // on the page. The salt is derived from uniqid()/rand(), which are not
         // cryptographic randomness sources; hash_rand() (used for
         // config_encryption below) is the generator the rest of the code relies on.
         $db->query("INSERT INTO `" . $data['db_prefix'] . "user` SET user_id = '1', user_group_id = '1', username = '******'username']) . "', salt = '" . $db->escape($salt = substr(md5(uniqid(rand(), true)), 0, 9)) . "', password = '******'password'])))) . "', status = '1', email = '" . $db->escape($data['email']) . "', date_added = NOW()");
         $db->query("DELETE FROM " . $data['db_prefix'] . "setting WHERE `key` = 'config_email'");
         $db->query("INSERT INTO " . $data['db_prefix'] . "setting SET `group` = 'config', `key` = 'config_email', `value` = '" . $db->escape($data['email']) . "'");
         $db->query("DELETE FROM " . $data['db_prefix'] . "setting WHERE `key` = 'config_url'");
         $db->query("INSERT INTO " . $data['db_prefix'] . "setting SET `group` = 'config', `key` = 'config_url', `value` = '" . $db->escape(HTTP_OPENCART) . "'");
         $db->query("DELETE FROM " . $data['db_prefix'] . "setting WHERE `key` = 'config_encryption'");
         // Per-install encryption key; generated once here and stored as a setting.
         $db->query("INSERT INTO " . $data['db_prefix'] . "setting SET `group` = 'config', `key` = 'config_encryption', `value` = '" . $db->escape(hash_rand('md5')) . "'");
         $db->query("DELETE FROM " . $data['db_prefix'] . "setting WHERE `key` = 'config_maintenance'");
         $db->query("INSERT INTO " . $data['db_prefix'] . "setting SET `group` = 'config', `key` = 'config_maintenance', `value` = '" . (isset($data['maintenance']) ? 1 : 0) . "'");
         $db->query("UPDATE " . $data['db_prefix'] . "product SET viewed = '0'");
     }
     if (isset($data['rewrite'])) {
         // mod_rewrite detection: ask Apache directly when the API exists, otherwise
         // rely on an HTTP_MOD_REWRITE environment variable set by the server config.
         if (function_exists('apache_get_modules')) {
             $modules = apache_get_modules();
             $mod_rewrite = in_array('mod_rewrite', $modules);
         } else {
             $mod_rewrite = getenv('HTTP_MOD_REWRITE') == 'On' ? true : false;
         }
         if ($mod_rewrite && file_exists('../.htaccess.txt') && is_writable('../.htaccess.txt')) {
             // This handle is only flushed and closed below; the actual write goes
             // through file_put_contents().
             $file = fopen('../.htaccess.txt', 'a');
             $document = file_get_contents('../.htaccess.txt');
             $root = rtrim(HTTP_SERVER, '/');
             $folder = substr(strrchr($root, '/'), 1);
             // rtrim()'s second argument is a character list, so this strips any
             // trailing '/', '.', '\' or character occurring in $folder — not the
             // folder name as a suffix. Looks fragile; verify against real paths.
             $path = rtrim(rtrim(dirname($_SERVER['SCRIPT_NAME']), ''), '/' . $folder . '.\\');
             if (strlen($path) > 1) {
                 $path .= '/';
             }
             if (!$path) {
                 $path = '/';
             }
             $document = str_replace('RewriteBase /', 'RewriteBase ' . $path, $document);
             file_put_contents('../.htaccess.txt', $document);
             fflush($file);
             fclose($file);
             rename('../.htaccess.txt', '../.htaccess');
             $db->query("DELETE FROM " . $data['db_prefix'] . "setting WHERE `key` = 'config_seo_url'");
             // Always 1 here: the enclosing branch already requires isset($data['rewrite']).
             $db->query("INSERT INTO " . $data['db_prefix'] . "setting SET `group` = 'config', `key` = 'config_seo_url', `value` = '" . (isset($data['rewrite']) ? 1 : 0) . "'");
             clearstatcache();
         }
     }
 }
 /**
  * Admin login page: handles the login POST, issues the session token and
  * renders common/login.tpl.
  *
  * Flow: remove a leftover install directory; bounce an already-logged-in user
  * carrying a matching token to common/home; on a POST with username/password
  * that passes validate() (defined elsewhere in the class) mint a new session
  * token and redirect; otherwise populate $this->data and render the form.
  */
 public function index()
 {
     $this->language->load('common/login');
     $this->document->setTitle($this->language->get('heading_title'));
     // Delete install directory if exists
     if (is_dir(dirname(DIR_APPLICATION) . '/install')) {
         $this->load->model('tool/system');
         $this->model_tool_system->deleteDirectory('../install');
     }
     // Already authenticated and the URL token matches the session: nothing to do.
     if ($this->user->isLogged() && isset($this->request->get['token']) && $this->request->get['token'] == $this->session->data['token']) {
         $this->redirect($this->url->link('common/home', 'token=' . $this->session->data['token'], 'SSL'));
     }
     if ($this->request->server['REQUEST_METHOD'] == 'POST' && isset($this->request->post['username']) && isset($this->request->post['password']) && $this->validate()) {
         // A fresh token per successful login; presumably the per-session value
         // every admin link carries (see the url->link calls below).
         $this->session->data['token'] = hash_rand('md5');
         // Added strpos check to pass McAfee PCI compliance test (http://forum.opencart.com/viewtopic.php?f=10&t=12043&p=151494#p151295)
         // Only follow a posted redirect that begins with the store's own base URL
         // (open-redirect guard). It is a prefix match on config_url / config_ssl.
         if (isset($this->request->post['redirect']) && (strpos($this->request->post['redirect'], $this->config->get('config_url')) === 0 || strpos($this->request->post['redirect'], $this->config->get('config_ssl')) === 0)) {
             $this->redirect(str_replace('&amp;', '&', $this->request->post['redirect']));
         } else {
             $this->redirect($this->url->link('common/home', 'token=' . $this->session->data['token'], 'SSL'));
         }
     }
     $this->data['heading_title'] = $this->language->get('heading_title');
     $this->data['text_login'] = $this->language->get('text_login');
     $this->data['text_forgotten'] = $this->language->get('text_forgotten');
     $this->data['entry_username'] = $this->language->get('entry_username');
     $this->data['entry_password'] = $this->language->get('entry_password');
     $this->data['button_login'] = $this->language->get('button_login');
     // Precedence: && binds tighter than ||, so this reads as
     // (session token set AND none in the URL) OR (URL token present AND session
     // token set AND the two differ) — i.e. the request arrived with a missing or
     // stale token.
     if (isset($this->session->data['token']) && !isset($this->request->get['token']) || isset($this->request->get['token']) && (isset($this->session->data['token']) && $this->request->get['token'] != $this->session->data['token'])) {
         $this->error['warning'] = $this->language->get('error_token');
     }
     // Posted redirect wins over a session-stored one; the session copy is consumed.
     if (isset($this->request->post['redirect'])) {
         $this->data['redirect'] = $this->request->post['redirect'];
     } elseif (isset($this->session->data['redirect'])) {
         $this->data['redirect'] = $this->session->data['redirect'];
         unset($this->session->data['redirect']);
     } else {
         $this->data['redirect'] = '';
     }
     if (isset($this->error['warning'])) {
         $this->data['error_warning'] = $this->error['warning'];
     } else {
         $this->data['error_warning'] = '';
     }
     if (isset($this->session->data['success'])) {
         $this->data['success'] = $this->session->data['success'];
         unset($this->session->data['success']);
     } else {
         $this->data['success'] = '';
     }
     $this->data['action'] = $this->url->link('common/login', '', 'SSL');
     if (isset($this->request->post['username'])) {
         $this->data['username'] = $this->request->post['username'];
     } else {
         $this->data['username'] = '';
     }
     // NOTE(review): on a failed login the submitted password is passed back into
     // the template data; re-rendering a credential is unnecessary — consider
     // always sending ''.
     if (isset($this->request->post['password'])) {
         $this->data['password'] = $this->request->post['password'];
     } else {
         $this->data['password'] = '';
     }
     // The "forgotten password" link is offered only when config_password is enabled.
     if ($this->config->get('config_password')) {
         $this->data['forgotten'] = $this->url->link('common/forgotten', '', 'SSL');
     } else {
         $this->data['forgotten'] = '';
     }
     $this->template = 'common/login.tpl';
     $this->children = array('common/header', 'common/footer');
     $this->response->setOutput($this->render());
 }