/**
 * Renders the promotion editor screen.
 *
 * Access requires the Ecart user level or the 'ecart_promotions' capability.
 * The 'id' query argument selects the Promotion to load; the literal value
 * "new" yields a blank Promotion. The editor template is then included and
 * sees this method's local variables.
 *
 * @return void
 **/
function editor () {
    global $Ecart;

    // Same test as !(A || B), written with De Morgan; evaluation order is unchanged.
    if ( !is_ecart_userlevel() && !current_user_can('ecart_promotions') )
        wp_die(__('You do not have sufficient permissions to access this page.'));

    require_once(ECART_PATH."/core/model/Promotion.php");

    // NOTE(review): the request-supplied id is handed to the Promotion
    // constructor unchanged. Whether the model casts or escapes it before
    // querying is not visible here -- confirm in Promotion.php.
    if ($_GET['id'] == "new") {
        $Promotion = new Promotion();
    } else {
        $Promotion = new Promotion($_GET['id']);
    }

    include(ECART_PATH."/core/ui/promotions/editor.php");
}
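/**
 * Interface processor for the product list manager
 *
 * Lists the catalog entries assigned to one category (ordered by priority,
 * then product name), builds pagination links and includes the category
 * product template, which sees this method's local variables.
 *
 * Reads 'pagenum', 'per_page', 'id' and 's' from the query string. Each value
 * is normalised before use because 'id', the page offset and 'per_page' are
 * placed directly into SQL text.
 *
 * @param mixed $workflow Not read by this method (default false)
 * @return void
 **/
function products ($workflow=false) {
    global $Ecart;
    $db = DB::get();

    if ( !(is_ecart_userlevel() || current_user_can('ecart_categories')) )
        wp_die(__('You do not have sufficient permissions to access this page.'));

    $defaults = array(
        'pagenum' => 1,
        'per_page' => 500,
        'id' => 0,
        's' => ''
    );

    // Accept only the four expected keys. The previous extract() over all of
    // $_GET turned every query argument into a local variable, including names
    // (such as the then-undefined $table) that were later written into SQL.
    $args = array_merge($defaults,array_intersect_key($_GET,$defaults));

    $pagenum = absint( $args['pagenum'] );
    if ( empty($pagenum) ) $pagenum = 1;

    // Force an integer: this value ends up in the LIMIT clause.
    $per_page = intval( $args['per_page'] );
    if ( $per_page <= 0 ) $per_page = 20;

    // Force an integer: this value is used unquoted in the WHERE clause.
    $id = absint( $args['id'] );

    $s = is_string($args['s']) ? $args['s'] : '';

    $start = ($per_page * ($pagenum-1));

    // NOTE(review): $filters is built here but not consumed by either query in
    // this method. The search term is escaped anyway so the fragment is safe if
    // the included template or later code uses it.
    $filters = array();
    // $filters['limit'] = "$start,$per_page";
    if (!empty($s)) $filters['where'] = "cat.name LIKE '%".esc_sql(stripslashes($s))."%'";
    else $filters['where'] = "true";

    $Category = new Category($id);

    $catalog_table = DatabaseObject::tablename(Catalog::$table);
    $product_table = DatabaseObject::tablename(Product::$table);
    $columns = "c.id AS cid,p.id,c.priority,p.name";
    $where = "c.parent=$id AND type='category'";
    $query = "SELECT $columns FROM $catalog_table AS c LEFT JOIN $product_table AS p ON c.product=p.id WHERE $where ORDER BY c.priority ASC,p.name ASC LIMIT $start,$per_page";
    $products = $db->query($query);

    // The original counted rows "FROM $table", a variable this method never
    // assigned. Counting the same joined set that is listed above is assumed to
    // be the intent, so the page count matches the listing.
    $count = $db->query("SELECT count(*) AS total FROM $catalog_table AS c LEFT JOIN $product_table AS p ON c.product=p.id WHERE $where");
    $total = isset($count->total) ? $count->total : 0;
    $num_pages = ceil($total / $per_page);

    $page_links = paginate_links( array(
        'base' => add_query_arg( array('edit'=>null,'pagenum' => '%#%' )),
        'format' => '',
        'total' => $num_pages,
        'current' => $pagenum
    ));

    $action = esc_url(
        add_query_arg(
            array_merge(stripslashes_deep($_GET),array('page'=>$this->Admin->pagename('categories'))),
            admin_url('admin.php')
        )
    );

    include(ECART_ADMIN_PATH."/categories/products.php");
}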
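/**
 * Interface processor for the customer editor
 *
 * Loads the customer named by the 'id' query argument (or a blank Customer
 * when it is "new"), attaches billing and shipping records, the purchase
 * count and purchase total, and the country and state lists, then includes
 * the customer editor template. No customer data is saved in this method.
 *
 * @return void
 **/
function editor () {
    global $Ecart,$Customer;
    $db =& DB::get();

    if ( !(is_ecart_userlevel() || current_user_can('ecart_customers')) )
        wp_die(__('You do not have sufficient permissions to access this page.'));

    if ($_GET['id'] != "new") {
        // NOTE(review): the request-supplied id reaches the Customer constructor
        // unchanged; whether the model casts or escapes it is not visible here.
        $Customer = new Customer($_GET['id']);

        // Stop before loading related records when no such customer exists.
        if (empty($Customer->id))
            wp_die(__('The requested customer record does not exist.','Ecart'));

        $Customer->Billing = new Billing($Customer->id,'customer');
        $Customer->Shipping = new Shipping($Customer->id,'customer');
    } else $Customer = new Customer();

    if (empty($Customer->info->meta)) remove_meta_box('customer-info','ecart_page_ecart-customers','normal');

    $purchase_table = DatabaseObject::tablename(Purchase::$table);
    // The id is cast to an integer before it is written into the query text
    // (assumes customer ids are numeric keys -- TODO confirm against the schema).
    $r = $db->query("SELECT count(id) AS purchases,SUM(total) AS total FROM $purchase_table WHERE customer='".intval($Customer->id)."' LIMIT 1");

    $Customer->orders = $r->purchases;
    $Customer->total = $r->total;

    $countries = array(''=>' ');
    $countrydata = Lookup::countries();
    foreach ($countrydata as $iso => $c) {
        if (isset($_POST['settings']) && $_POST['settings']['base_operations']['country'] == $iso)
            $base_region = $c['region'];
        $countries[$iso] = $c['name'];
    }
    $Customer->countries = $countries;

    $regions = Lookup::country_zones();

    // A new customer has no Billing/Shipping record, and a country may have no
    // zones; in both cases the list is just the blank entry.
    $Customer->billing_states = array(''=>' ');
    if (isset($Customer->Billing->country) && isset($regions[$Customer->Billing->country]))
        $Customer->billing_states = array_merge(array(''=>' '),(array)$regions[$Customer->Billing->country]);

    $Customer->shipping_states = array(''=>' ');
    if (isset($Customer->Shipping->country) && isset($regions[$Customer->Shipping->country]))
        $Customer->shipping_states = array_merge(array(''=>' '),(array)$regions[$Customer->Shipping->country]);

    include(ECART_ADMIN_PATH."/customers/editor.php");
}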
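/**
 * Handles saving updates from the product editor
 *
 * Verifies the 'ecart-save-product' nonce and the caller's permissions, then
 * saves the product record, its categories and tags, price lines (including
 * downloads attached by id or by path), specs and images from $_POST.
 *
 * @param object $Product The product being saved; updated in place
 * @return boolean true once the save sequence has run
 **/
function save_product ($Product) {
    $db = DB::get();
    $Settings = &EcartSettings();
    check_admin_referer('ecart-save-product');

    if ( !(is_ecart_userlevel() || current_user_can('ecart_products')) )
        wp_die(__('You do not have sufficient permissions to access this page.'));

    $Settings->saveform(); // Save workflow setting

    $base = $Settings->get('base_operations');
    $taxrate = 0;
    if ($base['vat']) $taxrate = ecart_taxrate(null,true,$Product);

    if (empty($_POST['options'])) $Product->options = array();
    else $_POST['options'] = stripslashes_deep($_POST['options']);

    if (empty($Product->slug)) $Product->slug = sanitize_title_with_dashes($_POST['name']);

    // Check for an existing product slug
    // The id is cast and each slug is escaped at the point it enters the query
    // text, so neither value can change the statement's structure.
    $exclude_product = !empty($Product->id)?"AND id != ".intval($Product->id):"";
    $existing = $db->query("SELECT slug FROM $Product->_table WHERE slug='".esc_sql($Product->slug)."' $exclude_product LIMIT 1");
    if ($existing) {
        $suffix = 2;
        while($existing) {
            // Trim the base slug so that base + "-" + suffix stays within 200 characters
            $altslug = substr($Product->slug, 0, 200-(strlen($suffix)+1))."-".$suffix++;
            $existing = $db->query("SELECT slug FROM $Product->_table WHERE slug='".esc_sql($altslug)."' $exclude_product LIMIT 1");
        }
        $Product->slug = $altslug;
    }

    if ($_POST['status'] == "publish") {
        $publishfields = array('month' => '','date' => '','year' => '','hour'=>'','minute'=>'','meridiem'=>'');
        $publishdate = join('',array_merge($publishfields,$_POST['publish']));
        if (!empty($publishdate)) {
            if ($_POST['publish']['meridiem'] == "PM" && $_POST['publish']['hour'] < 12)
                $_POST['publish']['hour'] += 12;
            $_POST['publish'] = mktime($_POST['publish']['hour'],$_POST['publish']['minute'],0,$_POST['publish']['month'],$_POST['publish']['date'],$_POST['publish']['year']);
        } else {
            unset($_POST['publish']);
            // Auto set the publish date if not set (or more accurately, if set to an irrelevant timestamp)
            if ($Product->publish <= 86400) $Product->publish = time();
        }
    } else {
        unset($_POST['publish']);
        $Product->publish = 0;
    }

    if (isset($_POST['content'])) $_POST['description'] = $_POST['content'];

    // NOTE(review): updates() is given the whole $_POST array (minus the two
    // excluded keys); which Product fields it overwrites, the slug checked above
    // included, is decided in that method and is not visible here.
    $Product->updates($_POST,array('categories','prices'));
    $Product->save();

    $Product->save_categories($_POST['categories']);
    $Product->save_tags(explode(",",$_POST['taglist']));

    if (!empty($_POST['price']) && is_array($_POST['price'])) {

        // Delete prices that were marked for removal
        // NOTE(review): the ids come straight from the request and nothing here
        // ties them to $Product -- confirm Price handles foreign ids safely.
        if (!empty($_POST['deletePrices'])) {
            $deletes = array();
            if (strpos($_POST['deletePrices'],","))
                $deletes = explode(',',$_POST['deletePrices']);
            else $deletes = array($_POST['deletePrices']);

            foreach($deletes as $option) {
                $Price = new Price($option);
                $Price->delete();
            }
        }

        // Save prices that there are updates for
        foreach($_POST['price'] as $i => $option) {
            if (empty($option['id'])) {
                $Price = new Price();
                $option['product'] = $Product->id;
            } else $Price = new Price($option['id']);
            $option['sortorder'] = array_search($i,$_POST['sortorder'])+1;

            // Remove VAT amount to save in DB
            if ($base['vat'] && isset($option['tax']) && $option['tax'] == "on") {
                $option['price'] = (floatvalue($option['price'])/(1+$taxrate));
                $option['saleprice'] = (floatvalue($option['saleprice'])/(1+$taxrate));
            }
            $option['shipfee'] = floatvalue($option['shipfee']);

            $option['weight'] = floatvalue($option['weight']);
            // Fixed: the guard tested $options (an undefined variable), so the
            // dimensions were never converted before being saved.
            if (isset($option['dimensions']) && is_array($option['dimensions'])) {
                foreach ($option['dimensions'] as &$dimension)
                    $dimension = floatvalue($dimension);
                unset($dimension); // drop the by-reference loop variable
            }

            $Price->updates($option);
            $Price->save();

            if (!empty($option['download'])) $Price->attach_download($option['download']);

            if (!empty($option['downloadpath'])) { // Attach file specified by URI/path
                // NOTE(review): the path is request data that only passes through
                // sanitize_path(). No check that it stays inside an allowed
                // download location is visible in this method -- confirm that
                // found()/store() enforce one.
                if (!empty($Price->download->id) || (empty($Price->download) && $Price->load_download())) {
                    $File = $Price->download;
                } else $File = new ProductDownload();

                $stored = false;
                $tmpfile = sanitize_path($option['downloadpath']);

                $File->storage = false;
                $Engine = $File->_engine(); // Set engine from storage settings

                $File->parent = $Price->id;
                $File->context = "price";
                $File->type = "download";
                $File->name = !empty($option['downloadfile'])?$option['downloadfile']:basename($tmpfile);
                $File->filename = $File->name;

                if ($File->found($tmpfile)) {
                    $File->uri = $tmpfile;
                    $stored = true;
                } else $stored = $File->store($tmpfile,'file');

                if ($stored) {
                    $File->readmeta();
                    $File->save();
                }

            } // END attach file by path/uri
        }
        unset($Price);
    }

    // No variation options at all, delete all variation-pricelines
    if (!empty($Product->prices) && is_array($Product->prices)
            && (empty($_POST['options']['v']) || empty($_POST['options']['a']))) {

        foreach ($Product->prices as $priceline) {
            // Skip if not tied to variation options
            if ($priceline->optionkey == 0) continue;
            if ((empty($_POST['options']['v']) && $priceline->context == "variation")
                || (empty($_POST['options']['a']) && $priceline->context == "addon")) {
                    $Price = new Price($priceline->id);
                    $Price->delete();
            }
        }
    }

    if (!empty($_POST['details']) || !empty($_POST['deletedSpecs'])) {
        $deletes = array();
        if (!empty($_POST['deletedSpecs'])) {
            if (strpos($_POST['deletedSpecs'],","))
                $deletes = explode(',',$_POST['deletedSpecs']);
            else $deletes = array($_POST['deletedSpecs']);
            foreach($deletes as $option) {
                $Spec = new Spec($option);
                $Spec->delete();
            }
            unset($Spec);
        }

        // 'details' may be absent when only deletions were submitted
        if (isset($_POST['details']) && is_array($_POST['details'])) {
            foreach ($_POST['details'] as $i => $spec) {
                if (in_array($spec['id'],$deletes)) continue;
                if (isset($spec['new'])) {
                    $Spec = new Spec();
                    $spec['id'] = '';
                    $spec['parent'] = $Product->id;
                } else $Spec = new Spec($spec['id']);
                $spec['sortorder'] = array_search($i,$_POST['details-sortorder'])+1;

                $Spec->updates($spec);
                $Spec->save();
            }
        }
    }

    if (!empty($_POST['deleteImages'])) {
        $deletes = array();
        if (strpos($_POST['deleteImages'],","))
            $deletes = explode(',',$_POST['deleteImages']);
        else $deletes = array($_POST['deleteImages']);
        $Product->delete_images($deletes);
    }

    if (!empty($_POST['images']) && is_array($_POST['images'])) {
        $Product->link_images($_POST['images']);
        $Product->save_imageorder($_POST['images']);
        if (!empty($_POST['imagedetails']))
            $Product->update_images($_POST['imagedetails']);
    }

    do_action_ref_array('ecart_product_saved',array(&$Product));

    unset($Product);
    return true;
}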
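/**
 * Interface processor for the order manager
 *
 * Processes order note creation, deletion and editing, applies order updates
 * submitted with the 'ecart-save-order' nonce (optionally e-mailing the
 * customer a status notification), then includes the order template, which
 * sees this method's local variables.
 *
 * @return void
 **/
function manager () {
    global $Ecart,$UI,$Notes;
    global $is_IIS;

    if ( !(is_ecart_userlevel() || current_user_can('ecart_orders')) )
        wp_die(__('You do not have sufficient permissions to access this page.','Ecart'));

    $Purchase = $Ecart->Purchase;
    $Purchase->Customer = new Customer($Purchase->customer);

    // NOTE(review): the three note actions below change stored data, but only
    // the 'update' branch further down calls check_admin_referer(). Whether the
    // note forms submit the 'ecart-save-order' nonce is not visible here; if
    // they do, verify it before these branches as well.
    // NOTE(review): delete/edit load a MetaObject by a request-supplied id with
    // no check that it is an order note of this purchase -- confirm, or compare
    // the loaded record's parent/context/type before acting on it.

    // Handle Order note processing
    if (!empty($_POST['note'])) {
        $user = wp_get_current_user();
        $Note = new MetaObject();
        $Note->parent = $Purchase->id;
        $Note->context = 'purchase';
        $Note->type = 'order_note';
        $Note->name = 'note';
        $Note->value = new stdClass();
        $Note->value->author = $user->ID;
        // Stored as submitted; the template that prints notes must escape it.
        $Note->value->message = $_POST['note'];
        $Note->save();
    }

    // key() needs an array; a scalar here would otherwise raise an error
    if (!empty($_POST['delete-note']) && is_array($_POST['delete-note'])) {
        $noteid = key($_POST['delete-note']);
        $Note = new MetaObject($noteid);
        $Note->delete();
    }

    // The note id is read from 'note-editor', so require that field as well
    if (!empty($_POST['edit-note']) && !empty($_POST['note-editor']) && is_array($_POST['note-editor'])) {
        $noteid = key($_POST['note-editor']);
        $Note = new MetaObject($noteid);
        $Note->value->message = $_POST['note-editor'][$noteid];
        $Note->save();
    }

    $Notes = new ObjectMeta($Purchase->id,'purchase','order_note');

    if (!empty($_POST['update'])) {
        check_admin_referer('ecart-save-order');

        if ($_POST['txnstatus'] != $Purchase->txnstatus)
            do_action_ref_array('ecart_order_txnstatus_update',array(&$_POST['txnstatus'],&$Purchase));

        // NOTE(review): updates() is given the whole $_POST array; which
        // Purchase fields it overwrites is decided in that method, not here.
        $Purchase->updates($_POST);

        $mailstatus = false;
        // Fixed: $mailsent was read below without being set whenever no
        // notification was requested or sending failed.
        $mailsent = false;

        if (isset($_POST['notify']) && $_POST['notify'] == "yes") {
            $labels = $this->Settings->get('order_status');

            // Save a reference to this purchase in Ecart
            // so the Template API works when generating the receipt
            $Ecart->Purchase =& $Purchase;

            // Send the e-mail notification
            // Name and address are stored order data; line breaks are removed so
            // each stays a single line wherever ecart_email() places it
            // (that function is not visible here).
            $addressee = str_replace(array("\r","\n"),'',"$Purchase->firstname $Purchase->lastname");
            $address = str_replace(array("\r","\n"),'',"$Purchase->email");

            $email = array();
            $email['from'] = '"'.get_bloginfo("name").'"';
            if ($Ecart->Settings->get('merchant_email'))
                $email['from'] .= ' <'.$Ecart->Settings->get('merchant_email').'>';
            if($is_IIS) $email['to'] = $address;
            else $email['to'] = '"'.html_entity_decode($addressee,ENT_QUOTES).'" <'.$address.'>';
            $email['subject'] = __('Order Updated','Ecart');
            $email['url'] = get_bloginfo('siteurl');
            $email['sitename'] = get_bloginfo('name');

            if (isset($_POST['receipt']) && $_POST['receipt'] == "yes")
                $email['receipt'] = $Purchase->receipt();

            $email['status'] = strtoupper($labels[$Purchase->status]);
            $email['message'] = wpautop(stripslashes($_POST['message']));

            // notify.php takes precedence over notification.html when both exist
            $template = false;
            if (file_exists(ECART_TEMPLATES."/notification.html")) $template = ECART_TEMPLATES."/notification.html";
            if (file_exists(ECART_TEMPLATES."/notify.php")) $template = ECART_TEMPLATES."/notify.php";

            // Send only when a template was found
            if ($template && ecart_email($template,$email)) $mailsent = true;
        }

        $Purchase->save();
        if ($mailsent) $updated = __('Order status updated & notification email sent.','Ecart');
        else $updated = __('Order status updated.','Ecart');
    }

    $targets = $this->Settings->get('target_markets');
    $UI->txnStatusLabels = Lookup::payment_status_labels();
    $UI->statusLabels = $this->Settings->get('order_status');
    // NOTE(review): $statusLabels is never assigned above (only
    // $UI->statusLabels is), so this always sets the local to array('').
    // Left unchanged because the included template may depend on it.
    if (empty($statusLabels)) $statusLabels = array('');

    include(ECART_ADMIN_PATH."/orders/order.php");
}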
/**
 * Registers the Ecart orders widget on the WordPress dashboard.
 *
 * The widget is added only when the 'dashboard' setting is "on" and the
 * current user has the Ecart user level or the 'ecart_financials' capability.
 *
 * @since 1.0
 *
 * @return false|void false when the widget is not registered
 **/
function dashboard () {
    $setting = $this->Settings->get('dashboard');

    // Guard clause: same condition as the negated conjunction, split with
    // De Morgan; the permission test is still evaluated first.
    if ( !(is_ecart_userlevel() || current_user_can('ecart_financials')) || $setting != "on" )
        return false;

    $widget_options = array(
        'all_link' => 'admin.php?page='.$this->pagename('orders'),
        'feed_link' => '',
        'width' => 'half',
        'height' => 'single'
    );

    wp_add_dashboard_widget(
        'dashboard_ecart_orders',
        __('Shopping Cart Orders','Ecart'),
        array(&$this,'orders_widget'),
        $widget_options
    );
}