Example #1
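 /**
  * Populate the order object from the current session: cart, addresses,
  * payment and shipping selection.
  *
  * Fills $this->content_type, $this->info, $this->customer, $this->delivery,
  * $this->billing and $this->products, and accumulates subtotal, tax,
  * per-rate tax groups and total in $this->info.
  *
  * Security notes:
  *  - Session-held ids (customer_id, sendto, billto, language_id) are cast
  *    with intval() before being concatenated into SQL.
  *  - Product id, option id and option value come from the cart contents and
  *    go through oosDBInput() (presumably the project's escaping helper —
  *    confirm); bound parameters would be the stronger control here.
  *  - Card number and CVV are copied from $GLOBALS into $this->info. Whatever
  *    persists or logs $this->info must exclude 'cc_cvv' and mask
  *    'cc_number'.
  */
 function cart()
 {
     global $oCurrencies;

     $this->content_type = $_SESSION['cart']->get_content_type();
     $nLanguageID = isset($_SESSION['language_id']) ? $_SESSION['language_id'] + 0 : 1;

     // Cast the session ids once; every query below reuses these integers.
     $nCustomerID = isset($_SESSION['customer_id']) ? intval($_SESSION['customer_id']) : 0;
     $nSendTo = isset($_SESSION['sendto']) ? intval($_SESSION['sendto']) : 0;
     $nBillTo = isset($_SESSION['billto']) ? intval($_SESSION['billto']) : 0;

     $db =& oosDBGetConn();
     $oosDBTable = oosDBGetTables();

     // Customer record joined with the customer's default address-book entry.
     $sql = "SELECT \n                  c.customers_firstname, c.customers_lastname, c.customers_telephone, c.customers_email_address, \n                  ab.entry_company, ab.entry_street_address, ab.entry_suburb, ab.entry_postcode, ab.entry_city, \n                  ab.entry_zone_id, z.zone_name, co.countries_id, co.countries_name, co.countries_iso_code_2, \n                  co.countries_iso_code_3, co.address_format_id, ab.entry_state \n              FROM \n                  " . $oosDBTable['customers'] . " c,\n                  " . $oosDBTable['address_book'] . " ab LEFT JOIN\n                  " . $oosDBTable['zones'] . " z \n               ON (ab.entry_zone_id = z.zone_id) LEFT JOIN\n                  " . $oosDBTable['countries'] . " co\n               ON (ab.entry_country_id = co.countries_id)\n              WHERE \n                  c.customers_id = '" . $nCustomerID . "' AND\n                  ab.customers_id = '" . $nCustomerID . "' AND\n                  c.customers_default_address_id = ab.address_book_id";
     $customer_address_result = $db->Execute($sql);
     $customer_address = $customer_address_result->fields;

     // Shipping address: the address-book row named by the session 'sendto',
     // restricted to rows owned by the logged-in customer.
     $sql = "SELECT \n                  ab.entry_firstname, ab.entry_lastname, ab.entry_company, ab.entry_street_address,\n                  ab.entry_suburb, ab.entry_postcode, ab.entry_city, ab.entry_zone_id, z.zone_name, \n                  ab.entry_country_id, c.countries_id, c.countries_name, c.countries_iso_code_2, \n                  c.countries_iso_code_3, c.address_format_id, ab.entry_state \n              FROM \n                  " . $oosDBTable['address_book'] . " ab LEFT JOIN\n                  " . $oosDBTable['zones'] . " z\n               ON (ab.entry_zone_id = z.zone_id) LEFT JOIN\n                  " . $oosDBTable['countries'] . " c ON\n                  (ab.entry_country_id = c.countries_id)\n              WHERE \n                  ab.customers_id = '" . $nCustomerID . "' AND\n                  ab.address_book_id = '" . $nSendTo . "'";
     $shipping_address_result = $db->Execute($sql);
     $shipping_address = $shipping_address_result->fields;

     // Billing address: same lookup keyed by the session 'billto'.
     $sql = "SELECT \n                  ab.entry_firstname, ab.entry_lastname, ab.entry_company, ab.entry_street_address, \n                  ab.entry_suburb, ab.entry_postcode, ab.entry_city, ab.entry_zone_id, z.zone_name, \n                  ab.entry_country_id, c.countries_id, c.countries_name, c.countries_iso_code_2, \n                  c.countries_iso_code_3, c.countries_moneybookers, c.address_format_id, ab.entry_state \n              FROM\n                  " . $oosDBTable['address_book'] . " ab LEFT JOIN\n                  " . $oosDBTable['zones'] . " z\n               ON (ab.entry_zone_id = z.zone_id) LEFT JOIN\n                  " . $oosDBTable['countries'] . " c ON\n                  (ab.entry_country_id = c.countries_id)\n              WHERE \n                  ab.customers_id = '" . $nCustomerID . "' AND\n                  ab.address_book_id = '" . $nBillTo . "'";
     $billing_address_result = $db->Execute($sql);
     $billing_address = $billing_address_result->fields;

     // The session stores the NAME of the payment module; the module object is
     // looked up in $GLOBALS under that name. Only dereference it when an
     // object is actually registered there.
     // NOTE(review): presumably the name is validated against the installed
     // payment modules before it reaches the session — confirm.
     $class =& $_SESSION['payment'];
     $sPaymentTitle = '';
     if (is_string($class) && isset($GLOBALS[$class]) && is_object($GLOBALS[$class])) {
         $sPaymentTitle = $GLOBALS[$class]->title;
     }

     // No local $shipping exists in this method, so the selected shipping id
     // is read from the session entry that also supplies title and cost.
     // The class is the id up to (not including) its last underscore.
     $sShippingId = isset($_SESSION['shipping']['id']) ? $_SESSION['shipping']['id'] : '';
     if (strpos($sShippingId, '_') > 0) {
         $sShippingClass = substr($sShippingId, 0, strrpos($sShippingId, '_'));
     } else {
         $sShippingClass = $sShippingId;
     }

     $this->info = array(
         'order_status' => DEFAULT_ORDERS_STATUS_ID,
         'currency' => $_SESSION['currency'],
         'currency_value' => $oCurrencies->currencies[$_SESSION['currency']]['value'],
         'payment_method' => $sPaymentTitle,
         // Cardholder data: must not be written to the database or to logs
         // in clear text; the CVV must not be retained at all.
         'cc_type' => isset($GLOBALS['cc_type']) ? $GLOBALS['cc_type'] : '',
         'cc_owner' => isset($GLOBALS['cc_owner']) ? $GLOBALS['cc_owner'] : '',
         'cc_number' => isset($GLOBALS['cc_number']) ? $GLOBALS['cc_number'] : '',
         'cc_expires' => isset($GLOBALS['cc_expires']) ? $GLOBALS['cc_expires'] : '',
         'cc_cvv' => isset($GLOBALS['cc_cvv']) ? $GLOBALS['cc_cvv'] : '',
         'shipping_method' => $_SESSION['shipping']['title'],
         'shipping_cost' => $_SESSION['shipping']['cost'],
         // Free text typed by the customer: escape on output.
         'comments' => isset($_SESSION['comments']) ? $_SESSION['comments'] : '',
         'shipping_class' => $sShippingClass,
         'payment_class' => $_SESSION['payment'],
         // Accumulators are initialised so the += in the product loop never
         // starts from an undefined index.
         'subtotal' => 0,
         'tax' => 0,
         'tax_groups' => array(),
     );

     // A payment object registered under the fixed name 'payment' overrides
     // the title and may supply its own (positive, numeric) order status.
     if (isset($GLOBALS['payment']) && is_object($GLOBALS['payment'])) {
         $this->info['payment_method'] = $GLOBALS['payment']->title;
         if (isset($GLOBALS['payment']->order_status) && is_numeric($GLOBALS['payment']->order_status) && $GLOBALS['payment']->order_status > 0) {
             $this->info['order_status'] = $GLOBALS['payment']->order_status;
         }
     }

     $this->customer = array(
         'firstname' => $customer_address['customers_firstname'],
         'lastname' => $customer_address['customers_lastname'],
         'company' => $customer_address['entry_company'],
         'street_address' => $customer_address['entry_street_address'],
         'suburb' => $customer_address['entry_suburb'],
         'city' => $customer_address['entry_city'],
         'postcode' => $customer_address['entry_postcode'],
         // Free-text state wins; otherwise fall back to the zone name.
         'state' => oos_is_not_null($customer_address['entry_state']) ? $customer_address['entry_state'] : $customer_address['zone_name'],
         'zone_id' => $customer_address['entry_zone_id'],
         'country' => array(
             'id' => $customer_address['countries_id'],
             'title' => $customer_address['countries_name'],
             'iso_code_2' => $customer_address['countries_iso_code_2'],
             'iso_code_3' => $customer_address['countries_iso_code_3'],
         ),
         'format_id' => $customer_address['address_format_id'],
         'telephone' => $customer_address['customers_telephone'],
         'email_address' => $customer_address['customers_email_address'],
     );

     $this->delivery = array(
         'firstname' => $shipping_address['entry_firstname'],
         'lastname' => $shipping_address['entry_lastname'],
         'company' => $shipping_address['entry_company'],
         'street_address' => $shipping_address['entry_street_address'],
         'suburb' => $shipping_address['entry_suburb'],
         'city' => $shipping_address['entry_city'],
         'postcode' => $shipping_address['entry_postcode'],
         'state' => oos_is_not_null($shipping_address['entry_state']) ? $shipping_address['entry_state'] : $shipping_address['zone_name'],
         'zone_id' => $shipping_address['entry_zone_id'],
         'country' => array(
             'id' => $shipping_address['countries_id'],
             'title' => $shipping_address['countries_name'],
             'iso_code_2' => $shipping_address['countries_iso_code_2'],
             'iso_code_3' => $shipping_address['countries_iso_code_3'],
         ),
         'country_id' => $shipping_address['entry_country_id'],
         'format_id' => $shipping_address['address_format_id'],
     );

     $this->billing = array(
         'firstname' => $billing_address['entry_firstname'],
         'lastname' => $billing_address['entry_lastname'],
         'company' => $billing_address['entry_company'],
         'street_address' => $billing_address['entry_street_address'],
         'suburb' => $billing_address['entry_suburb'],
         'city' => $billing_address['entry_city'],
         'postcode' => $billing_address['entry_postcode'],
         'state' => oos_is_not_null($billing_address['entry_state']) ? $billing_address['entry_state'] : $billing_address['zone_name'],
         'country' => array(
             'id' => $billing_address['countries_id'],
             'title' => $billing_address['countries_name'],
             'iso_code_2' => $billing_address['countries_iso_code_2'],
             'iso_code_3' => $billing_address['countries_iso_code_3'],
             'moneybookers' => $billing_address['countries_moneybookers'],
         ),
         'country_id' => $billing_address['entry_country_id'],
         'format_id' => $billing_address['address_format_id'],
     );

     $bPricesIncludeTax = ($_SESSION['member']->group['show_price_tax'] == 1);

     $index = 0;
     $products = $_SESSION['cart']->get_products();
     for ($i = 0, $n = count($products); $i < $n; $i++) {
         $aProduct = $products[$i];

         $this->products[$index] = array(
             'qty' => $aProduct['quantity'],
             'name' => $aProduct['name'],
             'model' => $aProduct['model'],
             'ean' => $aProduct['ean'],
             // Rate and description are both resolved from the billing
             // country and zone.
             'tax' => oos_get_tax_rate($aProduct['tax_class_id'], $billing_address['entry_country_id'], $billing_address['entry_zone_id']),
             'tax_description' => oos_get_tax_description($aProduct['tax_class_id'], $billing_address['entry_country_id'], $billing_address['entry_zone_id']),
             'price' => $aProduct['price'],
             'final_price' => $aProduct['price'] + $_SESSION['cart']->attributes_price($aProduct['id']),
             'weight' => $aProduct['weight'],
             'towlid' => $aProduct['towlid'],
             'id' => $aProduct['id'],
         );

         if (!empty($aProduct['attributes']) && is_array($aProduct['attributes'])) {
             $subindex = 0;
             // foreach replaces the reset()/each() pair; each() no longer
             // exists in PHP 8.
             foreach ($aProduct['attributes'] as $option => $value) {
                 $sql = "SELECT \n                        popt.products_options_name, poval.products_options_values_name, pa.options_values_price, \n                        pa.price_prefix\n                    FROM \n                        " . $oosDBTable['products_options'] . " popt,\n                        " . $oosDBTable['products_options_values'] . " poval,\n                        " . $oosDBTable['products_attributes'] . " pa\n                    WHERE \n                        pa.products_id = '" . oosDBInput($aProduct['id']) . "' AND\n                        pa.options_id = '" . oosDBInput($option) . "' AND\n                        pa.options_id = popt.products_options_id AND\n                        pa.options_values_id = '" . oosDBInput($value) . "' AND\n                        pa.options_values_id = poval.products_options_values_id AND\n                        popt.products_options_languages_id = '" . intval($nLanguageID) . "' AND\n                        poval.products_options_values_languages_id = '" . intval($nLanguageID) . "'";
                 $attributes_result = $db->Execute($sql);
                 $attributes = $attributes_result->fields;

                 // Text-type options carry the customer's own input instead
                 // of a catalogue value name; treat it as untrusted on output.
                 if ($value == PRODUCTS_OPTIONS_VALUE_TEXT_ID) {
                     $attr_value = $aProduct['attributes_values'][$option];
                 } else {
                     $attr_value = $attributes['products_options_values_name'];
                 }

                 $this->products[$index]['attributes'][$subindex] = array(
                     'option' => $attributes['products_options_name'],
                     'value' => $attr_value,
                     'option_id' => $option,
                     'value_id' => $value,
                     'prefix' => $attributes['price_prefix'],
                     'price' => $attributes['options_values_price'],
                 );
                 $subindex++;
             }
         }

         $shown_price = oos_add_tax($this->products[$index]['final_price'], $this->products[$index]['tax']) * $this->products[$index]['qty'];
         $this->info['subtotal'] += $shown_price;

         $products_tax = $this->products[$index]['tax'];
         if ($bPricesIncludeTax) {
             // Shown price is gross: extract the contained tax by dividing by
             // the string-built factor "1.0N" (rate below 10) or "1.NN".
             $sDivisor = ($products_tax < 10 ? "1.0" : "1.") . str_replace('.', '', $products_tax);
             $nLineTax = $shown_price - $shown_price / $sDivisor;
         } else {
             // Shown price is net: tax is the plain percentage on top.
             $nLineTax = $products_tax / 100 * $shown_price;
         }

         if (!isset($this->info['tax_groups']["{$products_tax}"])) {
             $this->info['tax_groups']["{$products_tax}"] = 0;
         }
         $this->info['tax'] += $nLineTax;
         $this->info['tax_groups']["{$products_tax}"] += $nLineTax;

         $index++;
     }

     // Gross display already contains the tax; net display adds it here.
     if ($bPricesIncludeTax) {
         $this->info['total'] = $this->info['subtotal'] + $this->info['shipping_cost'];
     } else {
         $this->info['total'] = $this->info['subtotal'] + $this->info['tax'] + $this->info['shipping_cost'];
     }
 }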
Example #2
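<html><head><title></title></head><body>
<h3>CAO-Faktura - xt:Commerce Shopanbindung</h3>
<br><br>
Aufruf des Scriptes mit <br><b><?php 
    // Usage page: printed when the script is called without the expected
    // parameters, then the request ends.
    // PHP_SELF is derived from the request URL and can carry client-supplied
    // path info, so it is HTML-escaped before being written into the page.
    echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8');
    // NOTE(review): the usage text below tells the operator to send the admin
    // e-mail and the clear-text admin password as query-string parameters.
    // Query strings are recorded in web-server and proxy access logs and in
    // browser history; sending the credentials in a POST body over TLS keeps
    // them out of those places.
    ?>
?user=<font color="red">ADMIN-EMAIL</font>&password=<font color="red">ADMIN-PASSWORD-IM-KLARTEXT</font>
</b>
</body></html>
<?php 
    // Stop here so nothing after the usage page runs for this request.
    exit;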
} else {
    require 'cao_xtc_functions.php';
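    // security  1. check that an admin user with this mail address exists and has access to xml-export
    //           2. check that the password matches
    // NOTE(review): the SELECT below fetches admin_password, but the password check reads
    //           $check_admin['login_password'] and the access query reads $check_admin['customers_id'];
    //           neither column is selected here, so as written both lookups read an unset value.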
    $query = "SELECT admin_id, admin_groups_id, admin_firstname, admin_email_address, admin_password\r\n              FROM " . $oosDBTable['admin'] . "\r\n              WHERE admin_email_address = '" . oosDBInput($user) . "'";
    $check_admin_result = $db->Execute($query);
    if (!$check_admin_result->RecordCount()) {
        SendXMLHeader();
        print_xml_status(105, $_POST['action'], 'WRONG LOGIN', '', '', '');
        exit;
    } else {
        $check_admin = $check_admin_result->fields;
        // Check that password is good
        if (!oos_validate_password($password, $check_admin['login_password'])) {
            SendXMLHeader();
            print_xml_status(108, $_POST['action'], 'WRONG PASSWORD', '', '', '');
            exit;
        }
        // check if Admin is allowed to access xml_export
        $access_query = xtc_db_query("SELECT\r\n                                xml_export\r\n                                from admin_access\r\n                                WHERE customers_id='" . $check_admin['customers_id'] . "'");
Example #3
            $email_order .= "Kontodaten werden per Fax bestÃĪtigt!\n";
        }
    }
    oos_mail('', SEND_EXTRA_ORDER_EMAILS_TO, $aLang['email_text_subject'], nl2br($email_order), $order->customer['firstname'] . ' ' . $order->customer['lastname'], $order->customer['email_address'], '1');
}
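// Include OSC-AFFILIATE
// Net order total: sum of final_price * qty over every order line,
// rounded to two decimals.
$affiliate_total = 0;
foreach ($order->products as $aOrderLine) {
    $affiliate_total += $aOrderLine['final_price'] * $aOrderLine['qty'];
}
$affiliate_total = round($affiliate_total, 2);

// Check for individual commission.
// The rate is carried in $affiliate_percent; it is initialised here so the
// comparison below never reads an undefined variable when the individual
// lookup is switched off or finds no row.
$affiliate_percentage = 0; // kept in case later code in this script reads this name
$affiliate_percent = 0;
if (AFFILATE_INDIVIDUAL_PERCENTAGE == 'true' && isset($_SESSION['affiliate_ref'])) {
    // The affiliate id comes from the session and is passed through
    // oosDBInput() before concatenation (presumably the project's escaping
    // helper — confirm); a bound parameter would be the stronger control.
    $sql = "SELECT affiliate_commission_percent \n            FROM " . $oosDBTable['affiliate_affiliate'] . " \n            WHERE affiliate_id = '" . oosDBInput($_SESSION['affiliate_ref']) . "'";
    $affiliate_commission_result = $db->Execute($sql);
    $affiliate_commission = $affiliate_commission_result->fields;
    if (isset($affiliate_commission['affiliate_commission_percent'])) {
        $affiliate_percent = $affiliate_commission['affiliate_commission_percent'];
    }
}

// The shop-wide rate is the floor: an individual rate can only raise it.
if ($affiliate_percent < AFFILIATE_PERCENT) {
    $affiliate_percent = AFFILIATE_PERCENT;
}
$affiliate_payment = round($affiliate_total * $affiliate_percent / 100, 2);

// Record the sale only when the session carries an affiliate reference.
if (isset($_SESSION['affiliate_ref'])) {
    // NOTE(review): $affiliate_clientbrowser and $affiliate_clientip are set
    // outside this excerpt and look client-derived; this relies on
    // oosDBPerform() escaping every value — confirm.
    $sql_data_array = array(
        'affiliate_id' => $_SESSION['affiliate_ref'],
        'affiliate_date' => $affiliate_clientdate,
        'affiliate_browser' => $affiliate_clientbrowser,
        'affiliate_ipaddress' => $affiliate_clientip,
        'affiliate_value' => $affiliate_total,
        'affiliate_payment' => $affiliate_payment,
        'affiliate_orders_id' => $insert_id,
        'affiliate_clickthroughs_id' => $_SESSION['affiliate_clickthroughs_id'],
        'affiliate_percent' => $affiliate_percent,
    );
    oosDBPerform($oosDBTable['affiliate_sales'], $sql_data_array);
}

// load the after_process function from the payment modules
$payment_modules->after_process();

// Empty the cart now that the order has been processed.
$_SESSION['cart']->reset(true);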