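/**
 * Populate this order object from the shopping cart held in the session.
 *
 * Loads the logged-in customer's default address, the shipping ("sendto")
 * and billing ("billto") addresses, the selected payment and shipping
 * modules and the cart contents, then fills $this->info, $this->customer,
 * $this->delivery, $this->billing and $this->products, including the
 * per-product tax and the running subtotal / tax / total.
 *
 * No parameters, no return value; everything is read from $_SESSION,
 * $GLOBALS and the database and written to object properties. Every value
 * interpolated into SQL is either intval()'d (session ids) or passed
 * through oosDBInput() (product/option ids).
 */
function cart() {
    global $oCurrencies;

    $this->content_type = $_SESSION['cart']->get_content_type();
    $nLanguageID = isset($_SESSION['language_id']) ? intval($_SESSION['language_id']) : 1;

    $db = oosDBGetConn();
    $oosDBTable = oosDBGetTables();

    // Run $sql and return its first row (the result's `fields` property, as
    // used throughout this file) as an array; an empty array when no row came
    // back, so the key reads below never operate on `false`.
    $fetchRow = function ($sql) use ($db) {
        $result = $db->Execute($sql);
        return is_array($result->fields) ? $result->fields : array();
    };

    // Customer record joined with the customer's default address book entry.
    $sql = "SELECT \n c.customers_firstname, c.customers_lastname, c.customers_telephone, c.customers_email_address, \n ab.entry_company, ab.entry_street_address, ab.entry_suburb, ab.entry_postcode, ab.entry_city, \n ab.entry_zone_id, z.zone_name, co.countries_id, co.countries_name, co.countries_iso_code_2, \n co.countries_iso_code_3, co.address_format_id, ab.entry_state \n FROM \n " . $oosDBTable['customers'] . " c,\n " . $oosDBTable['address_book'] . " ab LEFT JOIN\n " . $oosDBTable['zones'] . " z \n ON (ab.entry_zone_id = z.zone_id) LEFT JOIN\n " . $oosDBTable['countries'] . " co\n ON (ab.entry_country_id = co.countries_id)\n WHERE \n c.customers_id = '" . intval($_SESSION['customer_id']) . "' AND\n ab.customers_id = '" . intval($_SESSION['customer_id']) . "' AND\n c.customers_default_address_id = ab.address_book_id";
    $customer_address = $fetchRow($sql);

    // Shipping address: the address book entry chosen as "sendto". The
    // customers_id condition keeps one customer from reading another's entry.
    $sql = "SELECT \n ab.entry_firstname, ab.entry_lastname, ab.entry_company, ab.entry_street_address,\n ab.entry_suburb, ab.entry_postcode, ab.entry_city, ab.entry_zone_id, z.zone_name, \n ab.entry_country_id, c.countries_id, c.countries_name, c.countries_iso_code_2, \n c.countries_iso_code_3, c.address_format_id, ab.entry_state \n FROM \n " . $oosDBTable['address_book'] . " ab LEFT JOIN\n " . $oosDBTable['zones'] . " z\n ON (ab.entry_zone_id = z.zone_id) LEFT JOIN\n " . $oosDBTable['countries'] . " c ON\n (ab.entry_country_id = c.countries_id)\n WHERE \n ab.customers_id = '" . intval($_SESSION['customer_id']) . "' AND\n ab.address_book_id = '" . intval($_SESSION['sendto']) . "'";
    $shipping_address = $fetchRow($sql);

    // Billing address: the address book entry chosen as "billto".
    $sql = "SELECT \n ab.entry_firstname, ab.entry_lastname, ab.entry_company, ab.entry_street_address, \n ab.entry_suburb, ab.entry_postcode, ab.entry_city, ab.entry_zone_id, z.zone_name, \n ab.entry_country_id, c.countries_id, c.countries_name, c.countries_iso_code_2, \n c.countries_iso_code_3, c.countries_moneybookers, c.address_format_id, ab.entry_state \n FROM\n " . $oosDBTable['address_book'] . " ab LEFT JOIN\n " . $oosDBTable['zones'] . " z\n ON (ab.entry_zone_id = z.zone_id) LEFT JOIN\n " . $oosDBTable['countries'] . " c ON\n (ab.entry_country_id = c.countries_id)\n WHERE \n ab.customers_id = '" . intval($_SESSION['customer_id']) . "' AND\n ab.address_book_id = '" . intval($_SESSION['billto']) . "'";
    $billing_address = $fetchRow($sql);

    // The selected payment module code names the global that holds the module
    // instance. NOTE(review): the code comes from the session and selects a
    // global by name; confirm the checkout validates it against the installed
    // modules before this point.
    $paymentCode = isset($_SESSION['payment']) ? $_SESSION['payment'] : null;
    $paymentTitle = '';
    if ($paymentCode !== null && isset($GLOBALS[$paymentCode]) && is_object($GLOBALS[$paymentCode])) {
        $paymentTitle = $GLOBALS[$paymentCode]->title;
    }

    // The shipping module class is the part of the quote id before its last
    // underscore (e.g. "flat_flat" -> "flat"); ids without one are kept whole.
    // The previous revision read an undefined local $shipping here; the chosen
    // quote lives in the session next to its title and cost.
    $shippingId = isset($_SESSION['shipping']['id']) ? $_SESSION['shipping']['id'] : '';
    $shippingClass = (strpos($shippingId, '_') > 0)
        ? substr($shippingId, 0, strrpos($shippingId, '_'))
        : $shippingId;

    $this->info = array(
        'order_status' => DEFAULT_ORDERS_STATUS_ID,
        'currency' => $_SESSION['currency'],
        'currency_value' => $oCurrencies->currencies[$_SESSION['currency']]['value'],
        'payment_method' => $paymentTitle,
        // NOTE(review): raw card data (number, CVV) is copied into the order
        // info. PCI DSS forbids retaining the CVV after authorisation; confirm
        // these keys are never written to the database or to logs.
        'cc_type' => isset($GLOBALS['cc_type']) ? $GLOBALS['cc_type'] : '',
        'cc_owner' => isset($GLOBALS['cc_owner']) ? $GLOBALS['cc_owner'] : '',
        'cc_number' => isset($GLOBALS['cc_number']) ? $GLOBALS['cc_number'] : '',
        'cc_expires' => isset($GLOBALS['cc_expires']) ? $GLOBALS['cc_expires'] : '',
        'cc_cvv' => isset($GLOBALS['cc_cvv']) ? $GLOBALS['cc_cvv'] : '',
        'shipping_method' => $_SESSION['shipping']['title'],
        'shipping_cost' => $_SESSION['shipping']['cost'],
        'comments' => isset($_SESSION['comments']) ? $_SESSION['comments'] : '',
        'shipping_class' => $shippingClass,
        'payment_class' => $paymentCode,
        // Running totals, accumulated per product below. Initialised here so
        // the += operations never start from an undefined index.
        'subtotal' => 0,
        'tax' => 0,
        'tax_groups' => array(),
    );

    // A payment module instance in $GLOBALS['payment'] takes precedence over
    // the one looked up by code and may dictate the initial order status.
    if (isset($GLOBALS['payment']) && is_object($GLOBALS['payment'])) {
        $this->info['payment_method'] = $GLOBALS['payment']->title;
        if (isset($GLOBALS['payment']->order_status)
            && is_numeric($GLOBALS['payment']->order_status)
            && $GLOBALS['payment']->order_status > 0) {
            $this->info['order_status'] = $GLOBALS['payment']->order_status;
        }
    }

    // Free-text state (entry_state) wins over the zone lookup when present.
    $this->customer = array(
        'firstname' => $customer_address['customers_firstname'],
        'lastname' => $customer_address['customers_lastname'],
        'company' => $customer_address['entry_company'],
        'street_address' => $customer_address['entry_street_address'],
        'suburb' => $customer_address['entry_suburb'],
        'city' => $customer_address['entry_city'],
        'postcode' => $customer_address['entry_postcode'],
        'state' => oos_is_not_null($customer_address['entry_state']) ? $customer_address['entry_state'] : $customer_address['zone_name'],
        'zone_id' => $customer_address['entry_zone_id'],
        'country' => array(
            'id' => $customer_address['countries_id'],
            'title' => $customer_address['countries_name'],
            'iso_code_2' => $customer_address['countries_iso_code_2'],
            'iso_code_3' => $customer_address['countries_iso_code_3'],
        ),
        'format_id' => $customer_address['address_format_id'],
        'telephone' => $customer_address['customers_telephone'],
        'email_address' => $customer_address['customers_email_address'],
    );

    $this->delivery = array(
        'firstname' => $shipping_address['entry_firstname'],
        'lastname' => $shipping_address['entry_lastname'],
        'company' => $shipping_address['entry_company'],
        'street_address' => $shipping_address['entry_street_address'],
        'suburb' => $shipping_address['entry_suburb'],
        'city' => $shipping_address['entry_city'],
        'postcode' => $shipping_address['entry_postcode'],
        'state' => oos_is_not_null($shipping_address['entry_state']) ? $shipping_address['entry_state'] : $shipping_address['zone_name'],
        'zone_id' => $shipping_address['entry_zone_id'],
        'country' => array(
            'id' => $shipping_address['countries_id'],
            'title' => $shipping_address['countries_name'],
            'iso_code_2' => $shipping_address['countries_iso_code_2'],
            'iso_code_3' => $shipping_address['countries_iso_code_3'],
        ),
        'country_id' => $shipping_address['entry_country_id'],
        'format_id' => $shipping_address['address_format_id'],
    );

    // Billing carries no zone_id key but adds the country's moneybookers flag.
    $this->billing = array(
        'firstname' => $billing_address['entry_firstname'],
        'lastname' => $billing_address['entry_lastname'],
        'company' => $billing_address['entry_company'],
        'street_address' => $billing_address['entry_street_address'],
        'suburb' => $billing_address['entry_suburb'],
        'city' => $billing_address['entry_city'],
        'postcode' => $billing_address['entry_postcode'],
        'state' => oos_is_not_null($billing_address['entry_state']) ? $billing_address['entry_state'] : $billing_address['zone_name'],
        'country' => array(
            'id' => $billing_address['countries_id'],
            'title' => $billing_address['countries_name'],
            'iso_code_2' => $billing_address['countries_iso_code_2'],
            'iso_code_3' => $billing_address['countries_iso_code_3'],
            'moneybookers' => $billing_address['countries_moneybookers'],
        ),
        'country_id' => $billing_address['entry_country_id'],
        'format_id' => $billing_address['address_format_id'],
    );

    // Whether the customer group sees gross prices (tax already included).
    // Loop-invariant, so evaluated once.
    $grossPrices = (int) $_SESSION['member']->group['show_price_tax'] === 1;

    $this->products = array();
    $products = $_SESSION['cart']->get_products();
    for ($i = 0, $n = count($products); $i < $n; $i++) {
        $product = $products[$i];

        // Tax is determined by the billing address. The previous revision
        // passed ${$billing_address}['entry_zone_id'] (a variable-variable on
        // an array), so the billing zone never reached the rate lookup.
        $productTax = oos_get_tax_rate($product['tax_class_id'], $billing_address['entry_country_id'], $billing_address['entry_zone_id']);

        $this->products[$i] = array(
            'qty' => $product['quantity'],
            'name' => $product['name'],
            'model' => $product['model'],
            'ean' => $product['ean'],
            'tax' => $productTax,
            'tax_description' => oos_get_tax_description($product['tax_class_id'], $billing_address['entry_country_id'], $billing_address['entry_zone_id']),
            'price' => $product['price'],
            'final_price' => $product['price'] + $_SESSION['cart']->attributes_price($product['id']),
            'weight' => $product['weight'],
            'towlid' => $product['towlid'],
            'id' => $product['id'],
        );

        if (!empty($product['attributes'])) {
            // foreach replaces the reset()/each() loop (each() is gone in PHP 8).
            foreach ($product['attributes'] as $option => $value) {
                $sql = "SELECT \n popt.products_options_name, poval.products_options_values_name, pa.options_values_price, \n pa.price_prefix\n FROM \n " . $oosDBTable['products_options'] . " popt,\n " . $oosDBTable['products_options_values'] . " poval,\n " . $oosDBTable['products_attributes'] . " pa\n WHERE \n pa.products_id = '" . oosDBInput($product['id']) . "' AND\n pa.options_id = '" . oosDBInput($option) . "' AND\n pa.options_id = popt.products_options_id AND\n pa.options_values_id = '" . oosDBInput($value) . "' AND\n pa.options_values_id = poval.products_options_values_id AND\n popt.products_options_languages_id = '" . intval($nLanguageID) . "' AND\n poval.products_options_values_languages_id = '" . intval($nLanguageID) . "'";
                $attributes = $fetchRow($sql);

                // Free-text options carry the customer's own text instead of a
                // stored option value name.
                if ($value == PRODUCTS_OPTIONS_VALUE_TEXT_ID) {
                    $attr_value = $product['attributes_values'][$option];
                } else {
                    $attr_value = $attributes['products_options_values_name'];
                }

                $this->products[$i]['attributes'][] = array(
                    'option' => $attributes['products_options_name'],
                    'value' => $attr_value,
                    'option_id' => $option,
                    'value_id' => $value,
                    'prefix' => $attributes['price_prefix'],
                    'price' => $attributes['options_values_price'],
                );
            }
        }

        // Line total as displayed to the customer (tax added by oos_add_tax).
        $shown_price = oos_add_tax($this->products[$i]['final_price'], $productTax) * $this->products[$i]['qty'];
        $this->info['subtotal'] += $shown_price;

        // Tax is also accumulated per rate so the invoice can list each group.
        $taxKey = (string) $productTax;
        if (!isset($this->info['tax_groups'][$taxKey])) {
            $this->info['tax_groups'][$taxKey] = 0;
        }
        if ($grossPrices) {
            // Gross display: carve the tax portion out of the gross amount.
            // 1 + rate/100 replaces the previous string-built divisor
            // ("1.0" . digits), to which it is equivalent for rates below 100%.
            $taxPortion = $shown_price - $shown_price / (1 + $productTax / 100);
        } else {
            // Net display: tax is added on top of the shown amount.
            $taxPortion = $productTax / 100 * $shown_price;
        }
        $this->info['tax'] += $taxPortion;
        $this->info['tax_groups'][$taxKey] += $taxPortion;
    }

    // With gross display the subtotal already contains the tax.
    if ($grossPrices) {
        $this->info['total'] = $this->info['subtotal'] + $this->info['shipping_cost'];
    } else {
        $this->info['total'] = $this->info['subtotal'] + $this->info['tax'] + $this->info['shipping_cost'];
    }
}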
<html><head><title></title></head><body> <h3>CAO-Faktura - xt:Commerce Shopanbindung</h3> <br><br> Aufruf des Scriptes mit <br><b><?php echo $_SERVER['PHP_SELF']; ?> ?user=<font color="red">ADMIN-EMAIL</font>&password=<font color="red">ADMIN-PASSWORD-IM-KLARTEXT</font> </b> </body></html> <?php exit; } else { require 'cao_xtc_functions.php'; // security 1.check if admin user with this mailadress exits, and got access to xml-export // 2.check if pasword = true $query = "SELECT admin_id, admin_groups_id, admin_firstname, admin_email_address, admin_password\r\n FROM " . $oosDBTable['admin'] . "\r\n WHERE admin_email_address = '" . oosDBInput($user) . "'"; $check_admin_result = $db->Execute($query); if (!$check_admin_result->RecordCount()) { SendXMLHeader(); print_xml_status(105, $_POST['action'], 'WRONG LOGIN', '', '', ''); exit; } else { $check_admin = $check_admin_result->fields; // Check that password is good if (!oos_validate_password($password, $check_admin['login_password'])) { SendXMLHeader(); print_xml_status(108, $_POST['action'], 'WRONG PASSWORD', '', '', ''); exit; } // check if Admin is allowed to access xml_export $access_query = xtc_db_query("SELECT\r\n xml_export\r\n from admin_access\r\n WHERE customers_id='" . $check_admin['customers_id'] . "'");
$email_order .= "Kontodaten werden per Fax bestÃĪtigt!\n"; } } oos_mail('', SEND_EXTRA_ORDER_EMAILS_TO, $aLang['email_text_subject'], nl2br($email_order), $order->customer['firstname'] . ' ' . $order->customer['lastname'], $order->customer['email_address'], '1'); } // Include OSC-AFFILIATE // fetch the net total of an order $affiliate_total = 0; for ($i = 0, $n = count($order->products); $i < $n; $i++) { $affiliate_total += $order->products[$i]['final_price'] * $order->products[$i]['qty']; } $affiliate_total = round($affiliate_total, 2); // Check for individual commission $affiliate_percentage = 0; if (AFFILATE_INDIVIDUAL_PERCENTAGE == 'true') { $sql = "SELECT affiliate_commission_percent \n FROM " . $oosDBTable['affiliate_affiliate'] . " \n WHERE affiliate_id = '" . oosDBInput($_SESSION['affiliate_ref']) . "'"; $affiliate_commission_result = $db->Execute($sql); $affiliate_commission = $affiliate_commission_result->fields; $affiliate_percent = $affiliate_commission['affiliate_commission_percent']; } if ($affiliate_percent < AFFILIATE_PERCENT) { $affiliate_percent = AFFILIATE_PERCENT; } $affiliate_payment = round($affiliate_total * $affiliate_percent / 100, 2); if (isset($_SESSION['affiliate_ref'])) { $sql_data_array = array('affiliate_id' => $_SESSION['affiliate_ref'], 'affiliate_date' => $affiliate_clientdate, 'affiliate_browser' => $affiliate_clientbrowser, 'affiliate_ipaddress' => $affiliate_clientip, 'affiliate_value' => $affiliate_total, 'affiliate_payment' => $affiliate_payment, 'affiliate_orders_id' => $insert_id, 'affiliate_clickthroughs_id' => $_SESSION['affiliate_clickthroughs_id'], 'affiliate_percent' => $affiliate_percent); oosDBPerform($oosDBTable['affiliate_sales'], $sql_data_array); } // load the after_process function from the payment modules $payment_modules->after_process(); $_SESSION['cart']->reset(true);