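/**
 * Confirm an order looked up by its external uid and print the matching status page.
 *
 * An order in state 'inbox' is switched to 'confirmed'. For 'inbox' and
 * 'confirmed' orders a PayPal "pay now" form and the delivery address are
 * printed; for 'paid' orders only a status heading is printed. Any other
 * state prints nothing, and an unknown uid prints "Unknown order!".
 *
 * Security notes:
 *  - The external uid is the only thing that selects the order here, so it
 *    works like a bearer token: whoever holds it can confirm the order and
 *    read its delivery address. How the uid is generated is not visible in
 *    this block -- NOTE(review): confirm it is long and unpredictable.
 *  - The amount is sent to PayPal in a hidden form field, which the browser
 *    can change before submitting. Whatever code later marks an order as
 *    'paid' (not visible here) has to compare the amount and currency PayPal
 *    reports against the stored price.
 *
 * @param string $ext_id External order uid (presumably taken from the
 *                       confirm_id request parameter -- verify against caller).
 * @return void Output is written directly with echo.
 */
function saasta_confirm_order($ext_id)
{
    global $wpdb;

    $tbl_orders = $wpdb->prefix . "orders";

    // Bind the uid as a parameter instead of concatenating it into the SQL
    // text; this replaces the deprecated $wpdb->escape() call.
    $q = $wpdb->get_row($wpdb->prepare(
        "SELECT email,id,order_state,address,price FROM {$tbl_orders} WHERE order_ext_uid = %s",
        $ext_id
    ));

    if (!$q) {
        echo '<h2>Unknown order!</h2>';
        return;
    }

    // The id is used in SQL and in HTML below; force it to an integer once.
    $order_id = (int) $q->id;

    // Mark new orders as 'confirmed':
    if ($q->order_state == 'inbox') {
        $wpdb->query($wpdb->prepare(
            "UPDATE {$tbl_orders} SET order_state = 'confirmed' WHERE id = %d",
            $order_id
        ));
    }

    // Let the user know about his confirmation.
    // $q still holds the state read before the UPDATE, so 'inbox' is checked too.
    if ($q->order_state == 'inbox' || $q->order_state == 'confirmed') {
        // Values that end up inside HTML attributes are escaped for that context.
        $price = esc_attr($q->price);
        $return_url = esc_url(saasta_get_shop_base_url() . "&thanks=true");

        echo "<h2>Order #{$order_id} confirmed and waiting for payment</h2>";
        echo "<p>Please click the below PayPal button to pay for your purchase:</p>";
        echo "<form action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\">\n";
        echo "<input type=\"hidden\" name=\"cmd\" value=\"_xclick\">\n";
        echo "<input type=\"hidden\" name=\"business\" value=\"jjhellst@gmail.com\">\n";
        echo "<input type=\"hidden\" name=\"item_name\" value=\"Saasta Merchandise\">\n";
        echo "<input type=\"hidden\" name=\"item_number\" value=\"{$order_id}\">\n";
        echo "<input type=\"hidden\" name=\"amount\" value=\"{$price}\">\n";
        echo "<input type=\"hidden\" name=\"no_shipping\" value=\"0\">\n";
        echo "<input type=\"hidden\" name=\"no_note\" value=\"1\">\n";
        echo "<input type=\"hidden\" name=\"page_style\" value=\"Saasta\">\n";
        echo "<input type=\"hidden\" name=\"currency_code\" value=\"EUR\">\n";
        echo "<input type=\"hidden\" name=\"return\" value=\"{$return_url}\">\n";
        echo "<input type=\"hidden\" name=\"lc\" value=\"FI\">\n";
        echo "<input type=\"hidden\" name=\"bn\" value=\"PP-BuyNowBF\">\n";
        echo "<input type=\"image\" src=\"https://www.paypal.com/en_US/i/btn/btn_paynowCC_LG.gif\" border=\"0\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online!\">\n";
        echo "<img alt=\"\" border=\"0\" src=\"https://www.paypal.com/en_US/i/scr/pixel.gif\" width=\"1\" height=\"1\">\n";
        echo "</form>\n";
        echo "<p>Once we have received your payment, we will process your order and deliver your products to the following address:</p>\n";

        // The address is customer-supplied text stored with the order; escape
        // it so markup in it is shown as text instead of being rendered.
        $address = esc_html($q->address);
        echo "<pre style=\"font-size:1.2em\">{$address}</pre>\n";

        // The original emitted "</p" without the closing bracket.
        echo "<p>Thank you!</p>\n";
    } elseif ($q->order_state == 'paid') {
        echo "<h2>Order #{$order_id} paid and waiting to be delivered</h2>";
    }
}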
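/**
 * E-mail the customer a confirmation link and a summary of the given order.
 *
 * Loads the order row, builds a confirmation URL from the shop base URL and
 * the order's external uid, lists the ordered products with quantities, and
 * sends the text with wp_mail() to the address stored on the order.
 *
 * Terminates the request with die() when no order row matches, as the
 * original did.
 *
 * @param int $order_id Internal id of the order (orders.id).
 * @return void
 */
function saasta_send_confirmation_email($order_id)
{
    global $wpdb;
    global $saasta_products;

    $tbl_orders = $wpdb->prefix . "orders";

    // Bind the id with %d so a non-numeric value cannot alter the statement;
    // the original interpolated $order_id straight into the SQL text.
    $q = $wpdb->get_row($wpdb->prepare(
        "SELECT email,order_ext_uid,address,price FROM {$tbl_orders} WHERE id = %d",
        $order_id
    ));

    // Check the lookup before reading from it; the original read
    // $q->order_ext_uid first and only tested $q afterwards.
    if (!$q) {
        die("Couldn't find purchase order!");
    }

    // TODO hardcoded URL :( -- how can we get the page id without hardcoding it?
    $page_url = saasta_get_shop_base_url();

    // The external uid in this link is what the confirmation page uses to
    // find the order, so the mail body should be treated as carrying a secret.
    $confirm_url = $page_url . "&confirm_id=" . $q->order_ext_uid;

    // NOTE(review): this table name is hard-coded, while the orders table is
    // built from $wpdb->prefix (the original also computed an unused
    // $wpdb->prefix . "orders_products"). Confirm which name is intended.
    $ordered_prods = $wpdb->get_results($wpdb->prepare(
        "SELECT product_id,qty FROM saasta_orders_products WHERE order_id = %d",
        $order_id
    ));

    $order_text = "";
    foreach ($ordered_prods as $p) {
        $prod_name = $saasta_products[$p->product_id]['name'];
        $order_text .= "{$prod_name} (quantity: {$p->qty})\n";
    }

    $text = "\nThank you for ordering our products!\n\nIn order to complete your order, we request you to confirm your order by clicking the following link:\n\n{$confirm_url}\n\nThis will let us know that your purchase was genuine and not initiated by a nasty spammer.\n\nHere's a summary of your order:\n\n{$order_text}\n\nPrice: {$q->price} EUR\n\nOnce confirmed and paid, the products you ordered will be sent to the following address:\n\n{$q->address}\n\nThank you!\n";

    wp_mail($q->email, "saasta.fi // Purchase Confirmation", $text);
}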