function tep_update_whos_online() { global $customer_id; if (tep_session_is_registered('customer_id')) { $wo_customer_id = $customer_id; $customer_query = tep_db_query("select customers_firstname, customers_lastname from " . TABLE_CUSTOMERS . " where customers_id = '" . (int) $customer_id . "'"); $customer = tep_db_fetch_array($customer_query); $wo_full_name = $customer['customers_firstname'] . ' ' . $customer['customers_lastname']; } else { $wo_customer_id = ''; $wo_full_name = 'Guest'; } $wo_session_id = tep_session_id(); $wo_ip_address = tep_get_ip_address(); $wo_last_page_url = tep_db_prepare_input(getenv('REQUEST_URI')); $current_time = time(); $xx_mins_ago = $current_time - 900; // remove entries that have expired tep_db_query("delete from " . TABLE_WHOS_ONLINE . " where time_last_click < '" . $xx_mins_ago . "'"); $stored_customer_query = tep_db_query("select session_id from " . TABLE_WHOS_ONLINE . " where session_id = '" . tep_db_input($wo_session_id) . "' limit 1"); if (tep_db_num_rows($stored_customer_query) > 0) { tep_db_query("update " . TABLE_WHOS_ONLINE . " set customer_id = '" . (int) $wo_customer_id . "', full_name = '" . tep_db_input($wo_full_name) . "', ip_address = '" . tep_db_input($wo_ip_address) . "', time_last_click = '" . tep_db_input($current_time) . "', last_page_url = '" . tep_db_input($wo_last_page_url) . "' where session_id = '" . tep_db_input($wo_session_id) . "'"); } else { tep_db_query("insert into " . TABLE_WHOS_ONLINE . " (customer_id, full_name, session_id, ip_address, time_entry, time_last_click, last_page_url) values ('" . (int) $wo_customer_id . "', '" . tep_db_input($wo_full_name) . "', '" . tep_db_input($wo_session_id) . "', '" . tep_db_input($wo_ip_address) . "', '" . tep_db_input($current_time) . "', '" . tep_db_input($current_time) . "', '" . tep_db_input($wo_last_page_url) . "')"); } }
function process_button() { global $customer_id, $order, $sendto, $currency; $process_button_string = $this->_InsertFP(MODULE_PAYMENT_AUTHORIZENET_CC_SIM_LOGIN_ID, MODULE_PAYMENT_AUTHORIZENET_CC_SIM_TRANSACTION_KEY, $this->format_raw($order->info['total']), rand(1, 1000), $currency); $process_button_string .= tep_draw_hidden_field('x_login', substr(MODULE_PAYMENT_AUTHORIZENET_CC_SIM_LOGIN_ID, 0, 20)) . tep_draw_hidden_field('x_version', '3.1') . tep_draw_hidden_field('x_show_form', 'PAYMENT_FORM') . tep_draw_hidden_field('x_relay_response', 'TRUE') . tep_draw_hidden_field('x_relay_url', tep_href_link(FILENAME_CHECKOUT_PROCESS, '', 'SSL', false)) . tep_draw_hidden_field('x_first_name', substr($order->billing['firstname'], 0, 50)) . tep_draw_hidden_field('x_last_name', substr($order->billing['lastname'], 0, 50)) . tep_draw_hidden_field('x_company', substr($order->billing['company'], 0, 50)) . tep_draw_hidden_field('x_address', substr($order->billing['street_address'], 0, 60)) . tep_draw_hidden_field('x_city', substr($order->billing['city'], 0, 40)) . tep_draw_hidden_field('x_state', substr($order->billing['state'], 0, 40)) . tep_draw_hidden_field('x_zip', substr($order->billing['postcode'], 0, 20)) . tep_draw_hidden_field('x_country', substr($order->billing['country']['title'], 0, 60)) . tep_draw_hidden_field('x_phone', substr($order->customer['telephone'], 0, 25)) . tep_draw_hidden_field('x_cust_id', substr($customer_id, 0, 20)) . tep_draw_hidden_field('x_customer_ip', tep_get_ip_address()) . tep_draw_hidden_field('x_email', substr($order->customer['email_address'], 0, 255)) . tep_draw_hidden_field('x_description', substr(STORE_NAME, 0, 255)) . tep_draw_hidden_field('x_amount', substr($this->format_raw($order->info['total']), 0, 15)) . tep_draw_hidden_field('x_currency_code', substr($currency, 0, 3)) . tep_draw_hidden_field('x_method', 'CC') . tep_draw_hidden_field('x_type', MODULE_PAYMENT_AUTHORIZENET_CC_SIM_TRANSACTION_METHOD == 'Capture' ? 'AUTH_CAPTURE' : 'AUTH_ONLY'); if (is_numeric($sendto) && $sendto > 0) { $process_button_string .= tep_draw_hidden_field('x_ship_to_first_name', substr($order->delivery['firstname'], 0, 50)) . tep_draw_hidden_field('x_ship_to_last_name', substr($order->delivery['lastname'], 0, 50)) . tep_draw_hidden_field('x_ship_to_company', substr($order->delivery['company'], 0, 50)) . tep_draw_hidden_field('x_ship_to_address', substr($order->delivery['street_address'], 0, 60)) . tep_draw_hidden_field('x_ship_to_city', substr($order->delivery['city'], 0, 40)) . tep_draw_hidden_field('x_ship_to_state', substr($order->delivery['state'], 0, 40)) . tep_draw_hidden_field('x_ship_to_zip', substr($order->delivery['postcode'], 0, 20)) . tep_draw_hidden_field('x_ship_to_country', substr($order->delivery['country']['title'], 0, 60)); } if (MODULE_PAYMENT_AUTHORIZENET_CC_SIM_TRANSACTION_MODE == 'Test') { $process_button_string .= tep_draw_hidden_field('x_test_request', 'TRUE'); } for ($i = 0, $n = sizeof($order->products); $i < $n; $i++) { $process_button_string .= tep_draw_hidden_field('x_line_item', $i + 1 . '<|>' . substr($order->products[$i]['name'], 0, 31) . '<|>' . substr($order->products[$i]['name'], 0, 255) . '<|>' . $order->products[$i]['qty'] . '<|>' . $this->format_raw($order->products[$i]['final_price']) . '<|>' . ($order->products[$i]['tax'] > 0 ? 'YES' : 'NO')); } $tax_value = 0; reset($order->info['tax_groups']); while (list($key, $value) = each($order->info['tax_groups'])) { if ($value > 0) { $tax_value += $this->format_raw($value); } } if ($tax_value > 0) { $process_button_string .= tep_draw_hidden_field('x_tax', $this->format_raw($tax_value)); } $process_button_string .= tep_draw_hidden_field('x_freight', $this->format_raw($order->info['shipping_cost'])) . tep_draw_hidden_field(tep_session_name(), tep_session_id()); return $process_button_string; }
function tep_doautologin() { global $HTTP_COOKIE_VARS, $cart, $cart_cs, $cart_fv, $cart_pr, $customer_id, $customer_default_address_id, $customer_first_name, $customer_country_id, $customer_zone_id; global $navigation; if (isset($HTTP_COOKIE_VARS['osC_AutoCookieLogin'])) { $ip_address = tep_get_ip_address(); $check_customer_query = tep_db_query("select customers_id, customers_firstname, customers_lastname, customers_password, customers_email_address, customers_default_address_id from " . TABLE_CUSTOMERS . " where md5(CONCAT(customers_id,customers_email_address,customers_password,'" . $ip_address . "'))= '" . $HTTP_COOKIE_VARS['osC_AutoCookieLogin'] . "'"); if (tep_db_num_rows($check_customer_query)) { $check_customer = tep_db_fetch_array($check_customer_query); if (SESSION_RECREATE == 'True') { tep_session_recreate(); } $check_country_query = tep_db_query("select entry_country_id, entry_zone_id from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . $check_customer['customers_id'] . "' and address_book_id = '" . (int) $check_customer['customers_default_address_id'] . "'"); $check_country = tep_db_fetch_array($check_country_query); $customer_id = $check_customer['customers_id']; $customer_default_address_id = $check_customer['customers_default_address_id']; $customer_first_name = $check_customer['customers_firstname']; $customer_country_id = $check_country['entry_country_id']; $customer_zone_id = $check_country['entry_zone_id']; if (!tep_session_is_registered('customer_id')) { tep_session_register('customer_id'); } if (!tep_session_is_registered('customer_default_address_id')) { tep_session_register('customer_default_address_id'); } if (!tep_session_is_registered('customer_first_name')) { tep_session_register('customer_first_name'); } if (!tep_session_is_registered('customer_country_id')) { tep_session_register('customer_country_id'); } if (!tep_session_is_registered('customer_zone_id')) { tep_session_register('customer_zone_id'); } tep_autologincookie(true); // Save cookie tep_db_query("update " . TABLE_CUSTOMERS_INFO . " set customers_info_date_of_last_logon = now(), customers_info_number_of_logons = customers_info_number_of_logons+1 where customers_info_id = '" . (int) $customer_id . "'"); $cart->restore_contents(); // restore cart contents $cart_cs->restore_contents(); $cart_fv->restore_contents(); $cart_pr->restore_contents(); if (sizeof($navigation->snapshot) > 0) { $origin_href = tep_href_link($navigation->snapshot['page'], tep_array_to_string($navigation->snapshot['get'], array(tep_session_name())), $navigation->snapshot['mode']); $navigation->clear_snapshot(); tep_redirect($origin_href); } else { // tep_redirect(tep_href_link(FILENAME_DEFAULT)); tep_redirect(substr(tep_href_link(getenv('REQUEST_URI')), strlen(HTTP_SERVER . DIR_WS_HTTP_CATALOG))); } } } }
function process_button() { global $order; $zone_code = ''; if (is_numeric($order->billing['zone_id']) && $order->billing['zone_id'] > 0) { $zone_query = tep_db_query("select zone_code from " . TABLE_ZONES . " where zone_id = '" . (int) $order->billing['zone_id'] . "'"); if (tep_db_num_rows($zone_query)) { $zone = tep_db_fetch_array($zone_query); $zone_code = $zone['zone_code']; } } $process_button_string = tep_draw_hidden_field('silent', '1') . tep_draw_hidden_field('trx_paymenttyp', 'pp') . tep_draw_hidden_field('trxuser_id', MODULE_PAYMENT_IPAYMENT_PP_USER_ID) . tep_draw_hidden_field('trxpassword', MODULE_PAYMENT_IPAYMENT_PP_PASSWORD) . tep_draw_hidden_field('from_ip', tep_get_ip_address()) . tep_draw_hidden_field('trx_currency', $_SESSION['currency']) . tep_draw_hidden_field('trx_amount', $this->format_raw($order->info['total']) * 100) . tep_draw_hidden_field('trx_typ', MODULE_PAYMENT_IPAYMENT_PP_TRANSACTION_METHOD == 'Capture' ? 'auth' : 'preauth') . tep_draw_hidden_field('addr_email', $order->customer['email_address']) . tep_draw_hidden_field('addr_street', $order->billing['street_address']) . tep_draw_hidden_field('addr_city', $order->billing['city']) . tep_draw_hidden_field('addr_zip', $order->billing['postcode']) . tep_draw_hidden_field('addr_country', $order->billing['country']['iso_code_2']) . tep_draw_hidden_field('addr_state', $zone_code) . tep_draw_hidden_field('addr_telefon', $order->customer['telephone']) . tep_draw_hidden_field('redirect_url', tep_href_link(FILENAME_CHECKOUT_PROCESS, '', 'SSL', true)) . tep_draw_hidden_field('silent_error_url', tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code, 'SSL', true)) . tep_draw_hidden_field('hidden_trigger_url', tep_href_link('ext/modules/payment/ipayment/callback_pp.php', '', 'SSL', false)) . tep_draw_hidden_field('client_name', 'oscommerce') . tep_draw_hidden_field('client_version', $this->signature); if (tep_not_null(MODULE_PAYMENT_IPAYMENT_PP_SECRET_HASH_PASSWORD)) { $process_button_string .= tep_draw_hidden_field('trx_securityhash', md5(MODULE_PAYMENT_IPAYMENT_PP_USER_ID . $this->format_raw($order->info['total']) * 100 . $_SESSION['currency'] . MODULE_PAYMENT_IPAYMENT_PP_PASSWORD . MODULE_PAYMENT_IPAYMENT_PP_SECRET_HASH_PASSWORD)); } return $process_button_string; }
function tep_update_whos_online() { // WOL 1.6 - Need access to spider_flag and user_agent and moved some assignments up here from below global $customer_id, $spider_flag, $user_agent; $wo_ip_address = tep_get_ip_address(); $wo_last_page_url = request_uri(); $current_time = time(); $xx_mins_ago = $current_time - 900; $wo_session_id = tep_session_id(); $wo_user_agent = $user_agent; // WOL 1.6 EOF if ($customer_id > 0) { //if (tep_session_is_registered('customer_id')) { //$wo_session_id = tep_session_id(); $wo_customer_id = $customer_id; $customer_query = tep_db_query("select customers_firstname, customers_lastname from " . TABLE_CUSTOMERS . " where customers_id = '" . (int) $customer_id . "'"); $customer = tep_db_fetch_array($customer_query); $wo_full_name = $customer['customers_firstname'] . ' ' . $customer['customers_lastname']; } else { if ($spider_flag) { // Bots are customerID = -1 $wo_customer_id = -1; // The Bots name is extracted from the User Agent in the WOE Admin screen $wo_full_name = $user_agent; // Session IDs are the WOE primary key. If a Bot doesn't have a session (normally shouldn't), // use the IP Address as unique identifier, otherwise, use the session ID if ($wo_session_id == "") { $wo_session_id = $wo_ip_address; } } else { // Must be a Guest $wo_full_name = 'Guest'; $wo_customer_id = 0; } // WOL 1.6 EOF } // remove entries that have expired tep_db_query("delete from " . TABLE_WHOS_ONLINE . " where time_last_click < '" . $xx_mins_ago . "'"); $stored_customer_query = tep_db_query("select count(*) as count from " . TABLE_WHOS_ONLINE . " where session_id = '" . tep_db_input($wo_session_id) . "'"); $stored_customer = tep_db_fetch_array($stored_customer_query); if ($stored_customer['count'] > 0) { tep_db_query("update " . TABLE_WHOS_ONLINE . " set customer_id = '" . (int) $wo_customer_id . "', full_name = '" . tep_db_input($wo_full_name) . "', ip_address = '" . tep_db_input($wo_ip_address) . "', time_last_click = '" . tep_db_input($current_time) . "', last_page_url = '" . tep_db_input($wo_last_page_url) . "' where session_id = '" . tep_db_input($wo_session_id) . "'"); } else { tep_db_query("insert into " . TABLE_WHOS_ONLINE . " (customer_id, full_name, session_id, ip_address, time_entry, time_last_click, last_page_url, http_referer, user_agent) values ('" . (int) $wo_customer_id . "', '" . tep_db_input($wo_full_name) . "', '" . tep_db_input($wo_session_id) . "', '" . tep_db_input($wo_ip_address) . "', '" . tep_db_input($current_time) . "', '" . tep_db_input($current_time) . "', '" . tep_db_input($wo_last_page_url) . "', '" . tep_db_input($_SERVER['HTTP_REFERER']) . "', '" . tep_db_input($user_agent) . "')"); } }
/** * Transform OsCommerce order to PaynetEasy order * * @param order $oscommerce_order OsCommerce order * @param string $redirect_url Url for final payment processing * * @return PaymentTransaction PaynetEasy transaction */ protected function get_paynet_transaction(OsCommerceOrder $oscommerce_order, $redirect_url = null) { $oscommerce_customer = $oscommerce_order->customer; $paynet_transaction = new PaymentTransaction(); $paynet_address = new BillingAddress(); $paynet_payment = new Payment(); $paynet_customer = new Customer(); $query_config = new QueryConfig(); $state_code = tep_get_zone_code($oscommerce_customer['country']['id'], $oscommerce_customer['zone_id'], $oscommerce_customer['state']); $paynet_address->setCountry($oscommerce_customer['country']['iso_code_2'])->setState($state_code)->setCity($oscommerce_customer['city'])->setFirstLine($oscommerce_customer['street_address'])->setZipCode($oscommerce_customer['postcode'])->setPhone($oscommerce_customer['telephone']); $paynet_customer->setEmail($oscommerce_customer['email_address'])->setFirstName($oscommerce_customer['firstname'])->setLastName($oscommerce_customer['lastname'])->setIpAddress(tep_get_ip_address()); $paynet_payment->setClientId($oscommerce_order->info['order_id'])->setDescription($this->get_paynet_order_description($oscommerce_order))->setAmount($oscommerce_order->info['total'])->setCurrency($oscommerce_order->info['currency'])->setCustomer($paynet_customer)->setBillingAddress($paynet_address); if (isset($oscommerce_order->info['paynet_order_id'])) { $paynet_payment->setPaynetId($oscommerce_order->info['paynet_order_id']); } $query_config->setEndPoint((int) MODULE_PAYMENT_PAYNETEASYFORM_END_POINT)->setLogin(MODULE_PAYMENT_PAYNETEASYFORM_LOGIN)->setSigningKey(MODULE_PAYMENT_PAYNETEASYFORM_SIGNING_KEY)->setGatewayMode(MODULE_PAYMENT_PAYNETEASYFORM_GATEWAY_MODE)->setGatewayUrlSandbox(MODULE_PAYMENT_PAYNETEASYFORM_SANDBOX_GATEWAY)->setGatewayUrlProduction(MODULE_PAYMENT_PAYNETEASYFORM_PRODUCTION_GATEWAY); if (Validator::validateByRule($redirect_url, Validator::URL, false)) { $query_config->setRedirectUrl($redirect_url)->setCallbackUrl($redirect_url); } $paynet_transaction->setPayment($paynet_payment)->setQueryConfig($query_config); return $paynet_transaction; }
function tep_update_whos_online() { $OSCOM_Db = Registry::get('Db'); $wo_customer_id = 0; $wo_full_name = 'Guest'; if (isset($_SESSION['customer_id'])) { $wo_customer_id = $_SESSION['customer_id']; $Qcustomer = $OSCOM_Db->prepare('select customers_firstname, customers_lastname from :table_customers where customers_id = :customers_id'); $Qcustomer->bindInt(':customers_id', $_SESSION['customer_id']); $Qcustomer->execute(); $wo_full_name = $Qcustomer->value('customers_firstname') . ' ' . $Qcustomer->value('customers_lastname'); } $wo_session_id = session_id(); $wo_ip_address = tep_get_ip_address(); if (is_null($wo_ip_address)) { // database table field (ip_address) is not_null $wo_ip_address = ''; } $wo_last_page_url = ''; if (isset($_SERVER['REQUEST_URI']) && !empty($_SERVER['REQUEST_URI'])) { $wo_last_page_url = $_SERVER['REQUEST_URI']; } $current_time = time(); $xx_mins_ago = $current_time - 900; // remove entries that have expired $Qdel = $OSCOM_Db->prepare('delete from :table_whos_online where time_last_click < :time_last_click'); $Qdel->bindInt(':time_last_click', $xx_mins_ago); $Qdel->execute(); $Qsession = $OSCOM_Db->prepare('select session_id from :table_whos_online where session_id = :session_id limit 1'); $Qsession->bindValue(':session_id', $wo_session_id); $Qsession->execute(); if ($Qsession->fetch() !== false) { $OSCOM_Db->save('whos_online', ['customer_id' => $wo_customer_id, 'full_name' => $wo_full_name, 'ip_address' => $wo_ip_address, 'time_last_click' => $current_time, 'last_page_url' => $wo_last_page_url], ['session_id' => $wo_session_id]); } else { $OSCOM_Db->save('whos_online', ['customer_id' => $wo_customer_id, 'full_name' => $wo_full_name, 'session_id' => $wo_session_id, 'ip_address' => $wo_ip_address, 'time_entry' => $current_time, 'time_last_click' => $current_time, 'last_page_url' => $wo_last_page_url]); } }
osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com Copyright (c) 2010 osCommerce Released under the GNU General Public License */ chdir('../../../../'); require 'includes/application_top.php'; require 'includes/languages/' . $language . '/modules/payment/ipayment_pp.php'; require 'includes/modules/payment/ipayment_pp.php'; $ipayment_pp = new ipayment_pp(); if (!$ipayment_pp->check() || !$ipayment_pp->enabled) { exit; } if (in_array(tep_get_ip_address(), $ipayment_pp->gateway_addresses)) { $checksum_pass = 0; // unknown if (tep_not_null(MODULE_PAYMENT_IPAYMENT_PP_SECRET_HASH_PASSWORD)) { // verify ret_param_checksum if ($_POST['ret_param_checksum'] == md5(MODULE_PAYMENT_IPAYMENT_PP_USER_ID . $_POST['trx_amount'] . $_POST['trx_currency'] . $_POST['ret_authcode'] . $_POST['ret_booknr'] . MODULE_PAYMENT_IPAYMENT_PP_SECRET_HASH_PASSWORD)) { $checksum_pass = 1; // true } else { $checksum_pass = -1; // false } } $ipayment_pp->sendDebugEmail($checksum_pass); }
} } if (isset($HTTP_GET_VARS['manufacturers_id']) && basename(SCRIPT_FILENAME) != FILENAME_MANUFACTURERS) { if (basename(SCRIPT_FILENAME) != FILENAME_ADVANCED_SEARCH && basename(SCRIPT_FILENAME) != FILENAME_ADVANCED_SEARCH_RESULT) { $manufacturers_query = tep_db_query("select manufacturers_name from " . TABLE_MANUFACTURERS_INFO . " where manufacturers_id = '" . (int) $HTTP_GET_VARS['manufacturers_id'] . "' and languages_id = '" . (int) DEFAULT_LANGUAGE_ID . "'"); if (tep_db_num_rows($manufacturers_query) > 0) { $manufacturers = tep_db_fetch_array($manufacturers_query); $breadcrumb->add($manufacturers['manufacturers_name'], tep_href_link(FILENAME_MANUFACTURERS, 'manufacturers_id=' . $HTTP_GET_VARS['manufacturers_id'])); } } } // if partner is set update partners if (isset($HTTP_GET_VARS['partner']) && $session_started == true) { $partner_info_query = tep_db_query("select partners_id from " . TABLE_PARTNERS . " where partners_login = '******'partner'], 'CP1251', 'UTF-8'))) . "'"); if (tep_db_num_rows($partner_info_query) < 1) { tep_db_query("insert into " . TABLE_PARTNERS . " (date_added, partners_login, date_of_last_logon, partners_register_type, partners_comission) values (now(), '" . tep_db_input(tep_db_prepare_input($HTTP_GET_VARS['partner'])) . "', now(), 'auto', '" . tep_db_input(str_replace(',', '.', PARTNERS_COMISSION_DEFAULT / 100)) . "')"); $partners_id = tep_db_insert_id(); } else { $partner_info = tep_db_fetch_array($partner_info_query); $partners_id = $partner_info['partners_id']; } tep_db_query("insert into " . TABLE_PARTNERS_STATISTICS . " (partners_id, date_added, partners_statistics_page, partners_statistics_referer, partners_statistics_ip, partners_statistics_sid) values ('" . (int) $partners_id . "', now(), '" . tep_db_input(tep_db_prepare_input(REQUEST_URI)) . "', '" . tep_db_input(tep_db_prepare_input($_SERVER['HTTP_REFERER'])) . "', '" . tep_db_input(tep_get_ip_address()) . "', '" . tep_db_input(tep_session_id()) . "')"); @tep_setcookie(str_replace('.', '_', STORE_NAME) . '_partner', $partners_id, time() + 60 * 60 * 24 * 30 * 2, '/'); } // set which precautions should be checked define('WARN_INSTALL_EXISTENCE', 'true'); define('WARN_CONFIG_WRITEABLE', 'false'); define('WARN_SESSION_DIRECTORY_NOT_WRITEABLE', 'true'); define('WARN_SESSION_AUTO_START', 'true'); define('WARN_DOWNLOAD_DIRECTORY_NOT_READABLE', 'true'); $holiday_products_array = array('pearls' => array('title' => 'Ђ∆емчужинаї вашей библиотеки', 'products' => '152879, 152879, 164742, 166080, 244419, 276036, 307975, 44451, 44455, 45277, 45284, 47537, 524851, 549504, 62377', 'categories' => ''), 'art_albums' => array('title' => 'јльбомы по искусству', 'products' => '151248, 177562, 227545, 275800, 302609, 305304, 305345, 305905, 306189, 308790, 310516, 326703, 332484, 333583, 351876, 355236, 385907, 3870, 3884, 394134, 408614, 416433, 417561, 423783, 43872, 43879, 43982, 45016, 450274, 45040, 45541, 467051, 468197, 473169, 473180, 473181, 473190, 50388, 50445, 512932, 526223, 545250, 62009', 'categories' => ''), 'pets' => array('title' => '¬аши любимые питомцы', 'products' => '11308, 19503, 243569, 392509, 39910, 39913, 439461, 470371, 49446, 49455, 544530', 'categories' => ''), 'children' => array('title' => 'ƒетский Ќовый год', 'products' => '124613, 225298, 25222, 269475, 271673, 272098, 275298, 289242, 293623, 293624, 297554, 297648, 297649, 298433, 298466, 304929, 304930, 305004, 307479, 308927, 309508, 309709, 309709, 309710, 309710, 309712, 309712, 31134, 38982, 39458, 39784, 39784, 39785, 39786, 39787, 39788, 39788, 39790, 39790, 39791, 39791, 39795, 39799, 39998, 39998, 44561, 477244, 480629, 481035, 481036, 481038, 488411, 488412, 488413, 50995, 51056, 512939, 513991, 524395, 524471, 525152, 525425, 528934, 529049, 529050, 529051, 530685, 530726, 530900, 530901, 530902, 530903, 533382, 54117, 54199, 54290, 548651, 550001, 57222, 666515, 671325, 78137, 246321, 301109, 308927, 315131, 40712, 447897, 49131, 533187, 548656', 'categories' => '4946, 4987'), 'adventures' => array('title' => 'ћир путешествий и приключений', 'products' => '102635, 221700, 227545, 313937, 422826, 43947, 43949, 448966, 45471, 455812, 468528, 529778', 'categories' => ''), 'men' => array('title' => 'ѕодарки дл¤ насто¤щих мужчин', 'products' => '43901, 111616, 39944, 98000, 43744, 39961, 106390, 166091, 39954, 245990, 39946, 434611, 127472, 310371, 334410, 411303, 437137, 439455, 467793, 478709, 501918, 501992, 524435, 524436, 524437, 524438, 525963, 54023, 548939, 65757, 90793', 'categories' => ''), 'feast' => array('title' => 'ѕраздничный стол', 'products' => '127377, 127463, 165179, 176134, 178534, 186113, 225259, 238505, 238509, 245601, 306174, 310010, 331002, 334380, 354418, 400956, 419019, 43726, 449824, 450048, 468194, 480992, 499862, 501919, 513356, 513551, 531134, 533353, 544816, 548809, 549123, 549398, 549503, 549863, 57003, 57666, 62235, 667042', 'categories' => ''), 'christmas' => array('title' => '–ождество', 'products' => '16739, 272302, 275543, 40210, 467253, 499757, 512645, 513038, 513046, 528760, 544610, 549263, 289391, 305962, 306345, 307085, 318316, 396525, 433076, 465379, 481098, 499328, 533278', 'categories' => ''), 'souvenirs' => array('title' => '—увениры и при¤тные мелочи', 'products' => '425028, 425065, 425094, 425170, 425171, 425175, 425176, 425177, 425178, 425180, 425181, 425183', 'categories' => '4893, 3406, 3415, 3419, 3429, 4872, 9506'), 'women' => array('title' => '“олько дл¤ женщин', 'products' => '49453, 76750, 102773, 174786, 195937, 241647, 245920, 258642, 267722, 270181, 275127, 306380, 308222, 43745, 448967, 464270, 49453, 500025, 525199, 531137, 532184, 544552, 545236, 549828', 'categories' => ''), 'encyclopedia' => array('title' => 'Ёнциклопедии', 'products' => '164683, 214042, 236812, 39907, 39939, 39940, 39945, 39949, 39953, 39966, 45020, 45378, 462128, 68400', 'categories' => ''));
function before_process() { global $HTTP_GET_VARS, $HTTP_POST_VARS, $sage_pay_server_securitykey, $sage_pay_server_nexturl, $customer_id, $order, $currency, $order_totals, $cartID; $error = null; if (isset($HTTP_GET_VARS['check']) && $HTTP_GET_VARS['check'] == 'SERVER') { $sig = $HTTP_POST_VARS['VPSTxId'] . $HTTP_POST_VARS['VendorTxCode'] . $HTTP_POST_VARS['Status']; if ($HTTP_POST_VARS['Status'] == 'OK') { $sig .= $HTTP_POST_VARS['TxAuthNo']; } $sig .= substr(MODULE_PAYMENT_SAGE_PAY_SERVER_VENDOR_LOGIN_NAME, 0, 15); if ($HTTP_POST_VARS['Status'] != 'AUTHENTICATED' && $HTTP_POST_VARS['Status'] != 'REGISTERED') { $sig .= $HTTP_POST_VARS['AVSCV2']; } $sig .= $sage_pay_server_securitykey; if ($HTTP_POST_VARS['Status'] != 'AUTHENTICATED' && $HTTP_POST_VARS['Status'] != 'REGISTERED') { $sig .= $HTTP_POST_VARS['AddressResult'] . $HTTP_POST_VARS['PostCodeResult'] . $HTTP_POST_VARS['CV2Result']; } $sig .= $HTTP_POST_VARS['GiftAid'] . $HTTP_POST_VARS['3DSecureStatus']; if ($HTTP_POST_VARS['3DSecureStatus'] == 'OK') { $sig .= $HTTP_POST_VARS['CAVV']; } if ($HTTP_POST_VARS['AddressStatus'] == 'NONE' || $HTTP_POST_VARS['AddressStatus'] == 'CONFIRMED' || $HTTP_POST_VARS['AddressStatus'] == 'UNCONFIRMED') { $sig .= $HTTP_POST_VARS['AddressStatus']; } if ($HTTP_POST_VARS['PayerStatus'] == 'VERIFIED' || $HTTP_POST_VARS['PayerStatus'] == 'UNVERIFIED') { $sig .= $HTTP_POST_VARS['PayerStatus']; } if (in_array($HTTP_POST_VARS['CardType'], array('VISA', 'MC', 'DELTA', 'SOLO', 'MAESTRO', 'UKE', 'AMEX', 'DC', 'JCB', 'SWITCH', 'LASER', 'PAYPAL'))) { $sig .= $HTTP_POST_VARS['CardType']; } $sig .= $HTTP_POST_VARS['Last4Digits']; if (isset($HTTP_POST_VARS['VPSSignature']) && $HTTP_POST_VARS['VPSSignature'] == strtoupper(md5($sig))) { if ($HTTP_POST_VARS['Status'] != 'OK' && $HTTP_POST_VARS['Status'] != 'AUTHENTICATED' && $HTTP_POST_VARS['Status'] != 'REGISTERED') { tep_session_unregister('sage_pay_server_securitykey'); tep_session_unregister('sage_pay_server_nexturl'); $error = $this->getErrorMessageNumber($HTTP_POST_VARS['StatusDetail']); if (MODULE_PAYMENT_SAGE_PAY_SERVER_PROFILE_PAGE == 'Normal') { $error_url = tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . (tep_not_null($error) ? '&error=' . $error : '') . '&' . tep_session_name() . '=' . tep_session_id(), 'SSL', false); } else { $error_url = tep_href_link('ext/modules/payment/sage_pay/redirect.php', 'payment_error=' . $this->code . (tep_not_null($error) ? '&error=' . $error : '') . '&' . tep_session_name() . '=' . tep_session_id(), 'SSL', false); } $result = 'Status=OK' . chr(13) . chr(10) . 'RedirectURL=' . $error_url; } else { $result = 'Status=OK' . chr(13) . chr(10) . 'RedirectURL=' . tep_href_link(FILENAME_CHECKOUT_PROCESS, 'check=PROCESS&key=' . md5($sage_pay_server_securitykey) . '&VPSTxId=' . $HTTP_POST_VARS['VPSTxId'] . '&' . tep_session_name() . '=' . tep_session_id(), 'SSL', false); } } else { tep_session_unregister('sage_pay_server_securitykey'); tep_session_unregister('sage_pay_server_nexturl'); $error = $this->getErrorMessageNumber($HTTP_POST_VARS['StatusDetail']); if (MODULE_PAYMENT_SAGE_PAY_SERVER_PROFILE_PAGE == 'Normal') { $error_url = tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . (tep_not_null($error) ? '&error=' . $error : '') . '&' . tep_session_name() . '=' . tep_session_id(), 'SSL', false); } else { $error_url = tep_href_link('ext/modules/payment/sage_pay/redirect.php', 'payment_error=' . $this->code . (tep_not_null($error) ? '&error=' . $error : '') . '&' . tep_session_name() . '=' . tep_session_id(), 'SSL', false); } $result = 'Status=INVALID' . chr(13) . chr(10) . 'RedirectURL=' . $error_url; } echo $result; exit; } elseif (isset($HTTP_GET_VARS['check']) && $HTTP_GET_VARS['check'] == 'PROCESS') { if ($HTTP_GET_VARS['key'] == md5($sage_pay_server_securitykey)) { tep_session_unregister('sage_pay_server_securitykey'); tep_session_unregister('sage_pay_server_nexturl'); if (isset($HTTP_GET_VARS['VPSTxId'])) { $order->info['comments'] = 'Sage Pay Reference ID: ' . $HTTP_GET_VARS['VPSTxId'] . (tep_not_null($order->info['comments']) ? "\n\n" . $order->info['comments'] : ''); } return true; } } else { $params = array('VPSProtocol' => '2.23', 'ReferrerID' => 'C74D7B82-E9EB-4FBD-93DB-76F0F551C802', 'Vendor' => substr(MODULE_PAYMENT_SAGE_PAY_SERVER_VENDOR_LOGIN_NAME, 0, 15), 'VendorTxCode' => substr(date('YmdHis') . '-' . $customer_id . '-' . $cartID, 0, 40), 'Amount' => $this->format_raw($order->info['total']), 'Currency' => $currency, 'Description' => substr(STORE_NAME, 0, 100), 'NotificationURL' => tep_href_link(FILENAME_CHECKOUT_PROCESS, 'check=SERVER&' . tep_session_name() . '=' . tep_session_id(), 'SSL', false), 'BillingSurname' => substr($order->billing['lastname'], 0, 20), 'BillingFirstnames' => substr($order->billing['firstname'], 0, 20), 'BillingAddress1' => substr($order->billing['street_address'], 0, 100), 'BillingCity' => substr($order->billing['city'], 0, 40), 'BillingPostCode' => substr($order->billing['postcode'], 0, 10), 'BillingCountry' => $order->billing['country']['iso_code_2'], 'BillingPhone' => substr($order->customer['telephone'], 0, 20), 'DeliverySurname' => substr($order->delivery['lastname'], 0, 20), 'DeliveryFirstnames' => substr($order->delivery['firstname'], 0, 20), 'DeliveryAddress1' => substr($order->delivery['street_address'], 0, 100), 'DeliveryCity' => substr($order->delivery['city'], 0, 40), 'DeliveryPostCode' => substr($order->delivery['postcode'], 0, 10), 'DeliveryCountry' => $order->delivery['country']['iso_code_2'], 'DeliveryPhone' => substr($order->customer['telephone'], 0, 20), 'CustomerEMail' => substr($order->customer['email_address'], 0, 255), 'Apply3DSecure' => '0'); $ip_address = tep_get_ip_address(); if (ip2long($ip_address) != -1 && ip2long($ip_address) != false) { $params['ClientIPAddress'] = $ip_address; } if (MODULE_PAYMENT_SAGE_PAY_SERVER_TRANSACTION_METHOD == 'Payment') { $params['TxType'] = 'PAYMENT'; } elseif (MODULE_PAYMENT_SAGE_PAY_SERVER_TRANSACTION_METHOD == 'Deferred') { $params['TxType'] = 'DEFERRED'; } else { $params['TxType'] = 'AUTHENTICATE'; } if ($params['BillingCountry'] == 'US') { $params['BillingState'] = tep_get_zone_code($order->billing['country']['id'], $order->billing['zone_id'], ''); } if ($params['DeliveryCountry'] == 'US') { $params['DeliveryState'] = tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], ''); } if (MODULE_PAYMENT_SAGE_PAY_SERVER_PROFILE_PAGE != 'Normal') { $params['Profile'] = 'LOW'; } $contents = array(); foreach ($order->products as $product) { $product_name = $product['name']; if (isset($product['attributes'])) { foreach ($product['attributes'] as $att) { $product_name .= '; ' . $att['option'] . '=' . $att['value']; } } $contents[] = str_replace(array(':', "\n", "\r", '&'), '', $product_name) . ':' . $product['qty'] . ':' . $this->format_raw($product['final_price']) . ':' . $this->format_raw($product['tax'] / 100 * $product['final_price']) . ':' . $this->format_raw($product['tax'] / 100 * $product['final_price'] + $product['final_price']) . ':' . $this->format_raw(($product['tax'] / 100 * $product['final_price'] + $product['final_price']) * $product['qty']); } foreach ($order_totals as $ot) { $contents[] = str_replace(array(':', "\n", "\r", '&'), '', strip_tags($ot['title'])) . ':---:---:---:---:' . $this->format_raw($ot['value']); } $params['Basket'] = substr(sizeof($contents) . ':' . implode(':', $contents), 0, 7500); $post_string = ''; foreach ($params as $key => $value) { $post_string .= $key . '=' . urlencode(trim($value)) . '&'; } switch (MODULE_PAYMENT_SAGE_PAY_SERVER_TRANSACTION_SERVER) { case 'Live': $gateway_url = 'https://live.sagepay.com/gateway/service/vspserver-register.vsp'; break; case 'Test': $gateway_url = 'https://test.sagepay.com/gateway/service/vspserver-register.vsp'; break; default: $gateway_url = 'https://test.sagepay.com/Simulator/VSPServerGateway.asp?Service=VendorRegisterTx'; break; } $transaction_response = $this->sendTransactionToGateway($gateway_url, $post_string); $string_array = explode(chr(10), $transaction_response); $return = array(); foreach ($string_array as $string) { if (strpos($string, '=') != false) { $parts = explode('=', $string, 2); $return[trim($parts[0])] = trim($parts[1]); } } if ($return['Status'] == 'OK') { tep_session_register('sage_pay_server_securitykey'); $sage_pay_server_securitykey = $return['SecurityKey']; tep_session_register('sage_pay_server_nexturl'); $sage_pay_server_nexturl = $return['NextURL']; if (MODULE_PAYMENT_SAGE_PAY_SERVER_PROFILE_PAGE == 'Normal') { tep_redirect($return['NextURL']); } else { tep_redirect(tep_href_link('ext/modules/payment/sage_pay/checkout.php', '', 'SSL')); } } else { $error = $this->getErrorMessageNumber($return['StatusDetail']); } } tep_session_unregister('sage_pay_server_securitykey'); tep_session_unregister('sage_pay_server_nexturl'); tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . (tep_not_null($error) ? '&error=' . $error : ''), 'SSL')); }
function _process() { global $osC_Database, $osC_Session, $osC_Customer, $osC_Currencies, $cart, $order, $payment_modules, $shipping_modules, $order_total_modules; // load selected payment module require DIR_WS_CLASSES . 'payment.php'; $payment_modules = new payment($osC_Session->value('payment')); // load the selected shipping module require DIR_WS_CLASSES . 'shipping.php'; $shipping_modules = new shipping($osC_Session->value('shipping')); $order = new order(); // load the before_process function from the payment modules $payment_modules->before_process(); require DIR_WS_CLASSES . 'order_total.php'; $order_total_modules = new order_total(); $order_totals = $order_total_modules->process(); $Qorder = $osC_Database->query('insert into :table_orders (customers_id, customers_name, customers_company, customers_street_address, customers_suburb, customers_city, customers_postcode, customers_state, customers_country, customers_telephone, customers_email_address, customers_address_format_id, customers_ip_address, delivery_name, delivery_company, delivery_street_address, delivery_suburb, delivery_city, delivery_postcode, delivery_state, delivery_country, delivery_address_format_id, billing_name, billing_company, billing_street_address, billing_suburb, billing_city, billing_postcode, billing_state, billing_country, billing_address_format_id, payment_method, cc_type, cc_owner, cc_number, cc_expires, date_purchased, orders_status, currency, currency_value) values (:customers_id, :customers_name, :customers_company, :customers_street_address, :customers_suburb, :customers_city, :customers_postcode, :customers_state, :customers_country, :customers_telephone, :customers_email_address, :customers_address_format_id, :customers_ip_address, :delivery_name, :delivery_company, :delivery_street_address, :delivery_suburb, :delivery_city, :delivery_postcode, :delivery_state, :delivery_country, :delivery_address_format_id, :billing_name, :billing_company, :billing_street_address, :billing_suburb, :billing_city, :billing_postcode, :billing_state, :billing_country, :billing_address_format_id, :payment_method, :cc_type, :cc_owner, :cc_number, :cc_expires, :date_purchased, :orders_status, :currency, :currency_value)'); $Qorder->bindTable(':table_orders', TABLE_ORDERS); $Qorder->bindInt(':customers_id', $osC_Customer->id); $Qorder->bindValue(':customers_name', $order->customer['firstname'] . ' ' . $order->customer['lastname']); $Qorder->bindValue(':customers_company', $order->customer['company']); $Qorder->bindValue(':customers_street_address', $order->customer['street_address']); $Qorder->bindValue(':customers_suburb', $order->customer['suburb']); $Qorder->bindValue(':customers_city', $order->customer['city']); $Qorder->bindValue(':customers_postcode', $order->customer['postcode']); $Qorder->bindValue(':customers_state', $order->customer['state']); $Qorder->bindValue(':customers_country', $order->customer['country']['title']); $Qorder->bindValue(':customers_telephone', $order->customer['telephone']); $Qorder->bindValue(':customers_email_address', $order->customer['email_address']); $Qorder->bindInt(':customers_address_format_id', $order->customer['format_id']); $Qorder->bindValue(':customers_ip_address', tep_get_ip_address()); $Qorder->bindValue(':delivery_name', $order->delivery['firstname'] . ' ' . $order->delivery['lastname']); $Qorder->bindValue(':delivery_company', $order->delivery['company']); $Qorder->bindValue(':delivery_street_address', $order->delivery['street_address']); $Qorder->bindValue(':delivery_suburb', $order->delivery['suburb']); $Qorder->bindValue(':delivery_city', $order->delivery['city']); $Qorder->bindValue(':delivery_postcode', $order->delivery['postcode']); $Qorder->bindValue(':delivery_state', $order->delivery['state']); $Qorder->bindValue(':delivery_country', $order->delivery['country']['title']); $Qorder->bindInt(':delivery_address_format_id', $order->delivery['format_id']); $Qorder->bindValue(':billing_name', $order->billing['firstname'] . ' ' . $order->billing['lastname']); $Qorder->bindValue(':billing_company', $order->billing['company']); $Qorder->bindValue(':billing_street_address', $order->billing['street_address']); $Qorder->bindValue(':billing_suburb', $order->billing['suburb']); $Qorder->bindValue(':billing_city', $order->billing['city']); $Qorder->bindValue(':billing_postcode', $order->billing['postcode']); $Qorder->bindValue(':billing_state', $order->billing['state']); $Qorder->bindValue(':billing_country', $order->billing['country']['title']); $Qorder->bindInt(':billing_address_format_id', $order->billing['format_id']); $Qorder->bindValue(':payment_method', $order->info['payment_method']); $Qorder->bindValue(':cc_type', $order->info['cc_type']); $Qorder->bindValue(':cc_owner', $order->info['cc_owner']); $Qorder->bindValue(':cc_number', $order->info['cc_number']); $Qorder->bindValue(':cc_expires', $order->info['cc_expires']); $Qorder->bindRaw(':date_purchased', 'now()'); $Qorder->bindValue(':orders_status', $order->info['order_status']); $Qorder->bindValue(':currency', $order->info['currency']); $Qorder->bindValue(':currency_value', $order->info['currency_value']); $Qorder->execute(); $insert_id = $osC_Database->nextID(); for ($i = 0, $n = sizeof($order_totals); $i < $n; $i++) { $Qtotals = $osC_Database->query('insert into :table_orders_total (orders_id, title, text, value, class, sort_order) values (:orders_id, :title, :text, :value, :class, :sort_order)'); $Qtotals->bindTable(':table_orders_total', TABLE_ORDERS_TOTAL); $Qtotals->bindInt(':orders_id', $insert_id); $Qtotals->bindValue(':title', $order_totals[$i]['title']); $Qtotals->bindValue(':text', $order_totals[$i]['text']); $Qtotals->bindValue(':value', $order_totals[$i]['value']); $Qtotals->bindValue(':class', $order_totals[$i]['code']); $Qtotals->bindInt(':sort_order', $order_totals[$i]['sort_order']); $Qtotals->execute(); } $Qstatus = $osC_Database->query('insert into :table_orders_status_history (orders_id, orders_status_id, date_added, customer_notified, comments) values (:orders_id, :orders_status_id, :date_added, :customer_notified, :comments)'); $Qstatus->bindTable(':table_orders_status_history', TABLE_ORDERS_STATUS_HISTORY); $Qstatus->bindInt(':orders_id', $insert_id); $Qstatus->bindInt(':orders_status_id', $order->info['order_status']); $Qstatus->bindRaw(':date_added', 'now()'); $Qstatus->bindInt(':customer_notified', SEND_EMAILS == 'true' ? '1' : '0'); $Qstatus->bindValue(':comments', $order->info['comments']); $Qstatus->execute(); // initialized for the email confirmation $products_ordered = ''; $subtotal = 0; $total_tax = 0; $total_weight = 0; $total_cost = 0; for ($i = 0, $n = sizeof($order->products); $i < $n; $i++) { // Stock Update - Joao Correia if (STOCK_LIMITED == 'true') { if (DOWNLOAD_ENABLED == 'true') { $Qstock = $osC_Database->query('select products_quantity, pad.products_attributes_filename from :table_products p left join :table_products_attributes pa on (p.products_id = pa.products_id) left join :table_products_attributes_download pad on (pa.products_attributes_id = pad.products_attributes_id) where p.products_id = :products_id'); $Qstock->bindTable(':table_products', TABLE_PRODUCTS); $Qstock->bindTable(':table_products_attributes', TABLE_PRODUCTS_ATTRIBUTES); $Qstock->bindTable(':table_products_attributes_download', TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD); $Qstock->bindInt(':products_id', tep_get_prid($order->products[$i]['id'])); // Will work with only one option for downloadable products otherwise, we have to build the query dynamically with a loop $products_attributes = $order->products[$i]['attributes']; if (is_array($products_attributes)) { $Qstock->appendQuery('and pa.options_id = :options_id and pa.options_values_id = :options_values_id'); $Qstock->bindInt(':options_id', $products_attributes[0]['option_id']); $Qstock->bindInt(':options_values_id', $products_attributes[0]['value_id']); } } else { $Qstock = $osC_Database->query('select products_quantity from :table_products where products_id = :products_id'); $Qstock->bindTable(':table_products', TABLE_PRODUCTS); $Qstock->bindInt(':products_id', tep_get_prid($order->products[$i]['id'])); } $Qstock->execute(); if ($Qstock->numberOfRows() > 0) { $stock_left = $Qstock->valueInt('products_quantity'); // do not decrement quantities if products_attributes_filename exists if (DOWNLOAD_ENABLED != 'true' || DOWNLOAD_ENABLED == 'true' && strlen($Qstock->value('products_attributes_filename')) < 1) { $stock_left = $stock_left - $order->products[$i]['qty']; $Qupdate = $osC_Database->query('update :table_products set products_quantity = :products_quantity where products_id = :products_id'); $Qupdate->bindTable(':table_products', TABLE_PRODUCTS); $Qupdate->bindInt(':products_quantity', $stock_left); $Qupdate->bindInt(':products_id', tep_get_prid($order->products[$i]['id'])); $Qupdate->execute(); } if (STOCK_ALLOW_CHECKOUT == 'false' && $stock_left < 1) { $Qupdate = $osC_Database->query('update :table_products set products_status = :products_status where products_id = :products_id'); $Qupdate->bindTable(':table_products', TABLE_PRODUCTS); $Qupdate->bindInt(':products_status', 0); $Qupdate->bindInt(':products_id', tep_get_prid($order->products[$i]['id'])); $Qupdate->execute(); } } } // Update products_ordered (for bestsellers list) $Qupdate = $osC_Database->query('update :table_products set products_ordered = products_ordered + :products_ordered where products_id = :products_id'); $Qupdate->bindTable(':table_products', TABLE_PRODUCTS); $Qupdate->bindInt(':products_ordered', $order->products[$i]['qty']); $Qupdate->bindInt(':products_id', tep_get_prid($order->products[$i]['id'])); $Qupdate->execute(); $Qproducts = $osC_Database->query('insert into :table_orders_products (orders_id, products_id, products_model, products_name, products_price, final_price, products_tax, products_quantity) values (:orders_id, :products_id, :products_model, :products_name, :products_price, :final_price, :products_tax, :products_quantity)'); $Qproducts->bindTable(':table_orders_products', TABLE_ORDERS_PRODUCTS); $Qproducts->bindInt(':orders_id', $insert_id); $Qproducts->bindInt(':products_id', tep_get_prid($order->products[$i]['id'])); $Qproducts->bindValue(':products_model', $order->products[$i]['model']); $Qproducts->bindValue(':products_name', $order->products[$i]['name']); $Qproducts->bindValue(':products_price', $order->products[$i]['price']); $Qproducts->bindValue(':final_price', $order->products[$i]['final_price']); $Qproducts->bindValue(':products_tax', $order->products[$i]['tax']); $Qproducts->bindInt(':products_quantity', $order->products[$i]['qty']); $Qproducts->execute(); $order_products_id = $osC_Database->nextID(); //------insert customer choosen option to order-------- $attributes_exist = '0'; $products_ordered_attributes = ''; if (isset($order->products[$i]['attributes'])) { $attributes_exist = '1'; for ($j = 0, $n2 = sizeof($order->products[$i]['attributes']); $j < $n2; $j++) { if (DOWNLOAD_ENABLED == 'true') { $Qattributes = $osC_Database->query('select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix, pad.products_attributes_maxdays, pad.products_attributes_maxcount, pad.products_attributes_filename from :table_products_options popt, :table_products_options_values poval, :table_products_attributes pa left join :table_products_attributes_download pad on (pa.products_attributes_id = pad.products_attributes_id) where pa.products_id = :products_id and pa.options_id = :options_id and pa.options_id = popt.products_options_id and pa.options_values_id = :options_values_id and pa.options_values_id = poval.products_options_values_id and popt.language_id = :popt_language_id and poval.language_id = :poval_language_id'); $Qattributes->bindTable(':table_products_options', TABLE_PRODUCTS_OPTIONS); $Qattributes->bindTable(':table_products_options_values', TABLE_PRODUCTS_OPTIONS_VALUES); $Qattributes->bindTable(':table_products_attributes', TABLE_PRODUCTS_ATTRIBUTES); $Qattributes->bindTable(':table_products_attributes_download', TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD); $Qattributes->bindInt(':products_id', $order->products[$i]['id']); $Qattributes->bindInt(':options_id', $order->products[$i]['attributes'][$j]['option_id']); $Qattributes->bindInt(':options_values_id', $order->products[$i]['attributes'][$j]['value_id']); $Qattributes->bindInt(':popt_language_id', $osC_Session->value('languages_id')); $Qattributes->bindInt(':poval_language_id', $osC_Session->value('languages_id')); } else { $Qattributes = $osC_Database->query('select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix from :table_products_options popt, :table_products_options_values poval, :table_products_attributes pa where pa.products_id = :products_id and pa.options_id = :options_id and pa.options_id = popt.products_options_id and pa.options_values_id = :options_values_id and pa.options_values_id = poval.products_options_values_id and popt.language_id = :popt_language_id and poval.language_id = :poval_language_id'); $Qattributes->bindTable(':table_products_options', TABLE_PRODUCTS_OPTIONS); $Qattributes->bindTable(':table_products_options_values', TABLE_PRODUCTS_OPTIONS_VALUES); $Qattributes->bindTable(':table_products_attributes', TABLE_PRODUCTS_ATTRIBUTES); $Qattributes->bindInt(':products_id', $order->products[$i]['id']); $Qattributes->bindInt(':options_id', $order->products[$i]['attributes'][$j]['option_id']); $Qattributes->bindInt(':options_values_id', $order->products[$i]['attributes'][$j]['value_id']); $Qattributes->bindInt(':popt_language_id', $osC_Session->value('languages_id')); $Qattributes->bindInt(':poval_language_id', $osC_Session->value('languages_id')); } $Qattributes->execute(); $Qopa = $osC_Database->query('insert into :table_orders_products_attributes (orders_id, orders_products_id, products_options, products_options_values, options_values_price, price_prefix) values (:orders_id, :orders_products_id, :products_options, :products_options_values, :options_values_price, :price_prefix)'); $Qopa->bindTable(':table_orders_products_attributes', TABLE_ORDERS_PRODUCTS_ATTRIBUTES); $Qopa->bindInt(':orders_id', $insert_id); $Qopa->bindInt(':orders_products_id', $order_products_id); $Qopa->bindValue(':products_options', $attributes_values['products_options_name']); $Qopa->bindValue(':products_options_values', $attributes_values['products_options_values_name']); $Qopa->bindValue(':options_values_price', $attributes_values['options_values_price']); $Qopa->bindValue(':price_prefix', $attributes_values['price_prefix']); $Qopa->execute(); if (DOWNLOAD_ENABLED == 'true' && strlen($Qattributes->value('products_attributes_filename')) > 0) { $Qopd = $osC_Database->query('insert into :table_orders_products_download (orders_id, orders_products_id, orders_products_filename, download_maxdays, download_count) values (:orders_id, :orders_products_id, :orders_products_filename, :download_maxdays, :download_count)'); $Qopd->bindTable(':table_orders_products_download', TABLE_ORDERS_PRODUCTS_DOWNLOAD); $Qopd->bindInt(':orders_id', $insert_id); $Qopd->bindInt(':orders_products_id', $order_products_id); $Qopd->bindValue(':orders_products_filename', $Qattributes->value('products_attributes_filename')); $Qopd->bindValue(':download_maxdays', $Qattributes->value('products_attributes_maxdays')); $Qopd->bindValue(':download_count', $Qattributes->value('products_attributes_maxcount')); $Qopd->execute(); } $products_ordered_attributes .= "\n\t" . $Qattributes->value('products_options_name') . ' ' . $Qattributes->value('products_options_values_name'); } } //------insert customer choosen option eof ---- $total_weight += $order->products[$i]['qty'] * $order->products[$i]['weight']; $total_tax += tep_calculate_tax($order->products[$i]['final_price'], $order->products[$i]['tax']) * $order->products[$i]['qty']; $total_cost += $order->products[$i]['final_price']; $products_ordered .= $order->products[$i]['qty'] . ' x ' . $order->products[$i]['name'] . ' (' . $order->products[$i]['model'] . ') = ' . $osC_Currencies->displayPrice($order->products[$i]['final_price'], $order->products[$i]['tax_class_id'], $order->products[$i]['qty']) . $products_ordered_attributes . "\n"; } // lets start with the email confirmation $email_order = STORE_NAME . "\n" . EMAIL_SEPARATOR . "\n" . EMAIL_TEXT_ORDER_NUMBER . ' ' . $insert_id . "\n" . EMAIL_TEXT_INVOICE_URL . ' ' . tep_href_link(FILENAME_ACCOUNT, 'orders=' . $insert_id, 'SSL', false) . "\n" . EMAIL_TEXT_DATE_ORDERED . ' ' . strftime(DATE_FORMAT_LONG) . "\n\n"; if ($order->info['comments']) { $email_order .= tep_output_string_protected($order->info['comments']) . "\n\n"; } $email_order .= EMAIL_TEXT_PRODUCTS . "\n" . EMAIL_SEPARATOR . "\n" . $products_ordered . EMAIL_SEPARATOR . "\n"; for ($i = 0, $n = sizeof($order_totals); $i < $n; $i++) { $email_order .= strip_tags($order_totals[$i]['title']) . ' ' . strip_tags($order_totals[$i]['text']) . "\n"; } if ($order->content_type != 'virtual') { $email_order .= "\n" . EMAIL_TEXT_DELIVERY_ADDRESS . "\n" . EMAIL_SEPARATOR . "\n" . tep_address_label($osC_Customer->id, $osC_Session->value('sendto'), 0, '', "\n") . "\n"; } $email_order .= "\n" . EMAIL_TEXT_BILLING_ADDRESS . "\n" . EMAIL_SEPARATOR . "\n" . tep_address_label($osC_Customer->id, $osC_Session->value('billto'), 0, '', "\n") . "\n\n"; $payment =& $osC_Session->value('payment'); if (is_object(${$payment})) { $email_order .= EMAIL_TEXT_PAYMENT_METHOD . "\n" . EMAIL_SEPARATOR . "\n"; $payment_class = ${$payment}; $email_order .= $payment_class->title . "\n\n"; if (isset($payment_class->email_footer)) { $email_order .= $payment_class->email_footer . "\n\n"; } } tep_mail($order->customer['firstname'] . ' ' . $order->customer['lastname'], $order->customer['email_address'], EMAIL_TEXT_SUBJECT, $email_order, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS); // send emails to other people if (SEND_EXTRA_ORDER_EMAILS_TO != '') { tep_mail('', SEND_EXTRA_ORDER_EMAILS_TO, EMAIL_TEXT_SUBJECT, $email_order, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS); } // load the after_process function from the payment modules $payment_modules->after_process(); $cart->reset(true); // unregister session variables used during checkout $osC_Session->remove('sendto'); $osC_Session->remove('billto'); $osC_Session->remove('shipping'); $osC_Session->remove('payment'); $osC_Session->remove('comments'); tep_redirect(tep_href_link(FILENAME_CHECKOUT, 'success', 'SSL')); }
function before_process() { global $HTTP_POST_VARS, $order, $sendto; if (isset($HTTP_POST_VARS['cc_owner_firstname']) && !empty($HTTP_POST_VARS['cc_owner_firstname']) && isset($HTTP_POST_VARS['cc_owner_lastname']) && !empty($HTTP_POST_VARS['cc_owner_lastname']) && isset($HTTP_POST_VARS['cc_type']) && isset($this->cc_types[$HTTP_POST_VARS['cc_type']]) && isset($HTTP_POST_VARS['cc_number_nh-dns']) && !empty($HTTP_POST_VARS['cc_number_nh-dns'])) { if (MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_TRANSACTION_SERVER == 'Live') { $api_url = 'https://payflowpro.verisign.com/transaction'; } else { $api_url = 'https://pilot-payflowpro.verisign.com/transaction'; } $name = explode(' ', $HTTP_POST_VARS['cc_owner'], 2); $params = array('USER' => tep_not_null(MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_USERNAME) ? MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_USERNAME : MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_VENDOR, 'VENDOR' => MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_VENDOR, 'PARTNER' => MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_PARTNER, 'PWD' => MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_PASSWORD, 'TENDER' => 'C', 'TRXTYPE' => MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_TRANSACTION_METHOD == 'Sale' ? 'S' : 'A', 'AMT' => $this->format_raw($order->info['total']), 'CURRENCY' => $order->info['currency'], 'FIRSTNAME' => $HTTP_POST_VARS['cc_owner_firstname'], 'LASTNAME' => $HTTP_POST_VARS['cc_owner_lastname'], 'STREET' => $order->billing['street_address'], 'CITY' => $order->billing['city'], 'STATE' => tep_get_zone_code($order->billing['country']['id'], $order->billing['zone_id'], $order->billing['state']), 'COUNTRY' => $order->billing['country']['iso_code_2'], 'ZIP' => $order->billing['postcode'], 'CLIENTIP' => tep_get_ip_address(), 'EMAIL' => $order->customer['email_address'], 'ACCT' => $HTTP_POST_VARS['cc_number_nh-dns'], 'ACCTTYPE' => $HTTP_POST_VARS['cc_type'], 'CARDSTART' => $HTTP_POST_VARS['cc_starts_month'] . $HTTP_POST_VARS['cc_starts_year'], 'EXPDATE' => $HTTP_POST_VARS['cc_expires_month'] . $HTTP_POST_VARS['cc_expires_year'], 'CVV2' => $HTTP_POST_VARS['cc_cvc_nh-dns'], 'BUTTONSOURCE' => 'osCommerce22_Default_PRO2DP'); if ($HTTP_POST_VARS['cc_type'] == '9' || $HTTP_POST_VARS['cc_type'] == 'S') { $params['CARDISSUE'] = $HTTP_POST_VARS['cc_issue_nh-dns']; } if (is_numeric($sendto) && $sendto > 0) { $params['SHIPTOFIRSTNAME'] = $order->delivery['firstname']; $params['SHIPTOLASTNAME'] = $order->delivery['lastname']; $params['SHIPTOSTREET'] = $order->delivery['street_address']; $params['SHIPTOCITY'] = $order->delivery['city']; $params['SHIPTOSTATE'] = tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], $order->delivery['state']); $params['SHIPTOCOUNTRY'] = $order->delivery['country']['iso_code_2']; $params['SHIPTOZIP'] = $order->delivery['postcode']; } $post_string = ''; foreach ($params as $key => $value) { $post_string .= $key . '[' . strlen(urlencode(utf8_encode(trim($value)))) . ']=' . urlencode(utf8_encode(trim($value))) . '&'; } $post_string = substr($post_string, 0, -1); $response = $this->sendTransactionToGateway($api_url, $post_string, array('X-VPS-REQUEST-ID: ' . md5($cartID . tep_session_id() . rand()))); $response_array = array(); parse_str($response, $response_array); if ($response_array['RESULT'] != '0') { switch ($response_array['RESULT']) { case '1': case '26': $error_message = MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_ERROR_CFG_ERROR; break; case '7': $error_message = MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_ERROR_ADDRESS; break; case '12': $error_message = MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_ERROR_DECLINED; break; case '23': case '24': $error_message = MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_ERROR_INVALID_CREDIT_CARD; break; default: $error_message = MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_ERROR_GENERAL; break; } tep_redirect(tep_href_link(FILENAME_CHECKOUT_CONFIRMATION, 'error_message=' . urlencode($error_message), 'SSL')); } } else { tep_redirect(tep_href_link(FILENAME_CHECKOUT_CONFIRMATION, 'error_message=' . MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_ERROR_ALL_FIELDS_REQUIRED, 'SSL')); } }
function before_process() { global $HTTP_GET_VARS, $HTTP_POST_VARS, $customer_id, $order, $currency, $order_totals, $cartID; $error = null; if (isset($HTTP_GET_VARS['check']) && $HTTP_GET_VARS['check'] == '3D' && isset($HTTP_POST_VARS['MD']) && tep_not_null($HTTP_POST_VARS['MD']) && isset($HTTP_POST_VARS['PaRes']) && tep_not_null($HTTP_POST_VARS['PaRes'])) { switch (MODULE_PAYMENT_SAGE_PAY_DIRECT_TRANSACTION_SERVER) { case 'Live': $gateway_url = 'https://live.sagepay.com/gateway/service/direct3dcallback.vsp'; break; case 'Test': $gateway_url = 'https://test.sagepay.com/gateway/service/direct3dcallback.vsp'; break; default: $gateway_url = 'https://test.sagepay.com/Simulator/VSPDirectCallback.asp'; break; } $post_string = 'MD=' . $HTTP_POST_VARS['MD'] . '&PARes=' . $HTTP_POST_VARS['PaRes']; $transaction_response = $this->sendTransactionToGateway($gateway_url, $post_string); } else { $cc_type = substr($HTTP_POST_VARS['cc_type'], 0, 15); $cc_owner = substr($HTTP_POST_VARS['cc_owner'], 0, 50); $cc_number = substr(preg_replace('/[^0-9]/', '', $HTTP_POST_VARS['cc_number_nh-dns']), 0, 20); $cc_start = null; $cc_expires = null; $cc_issue = null; $cc_cvc = null; $today = getdate(); $months_array = array(); for ($i = 1; $i < 13; $i++) { $months_array[] = sprintf('%02d', $i); } $year_valid_to_array = array(); for ($i = $today['year']; $i < $today['year'] + 10; $i++) { $year_valid_to_array[] = strftime('%y', mktime(0, 0, 0, 1, 1, $i)); } $year_valid_from_array = array(); for ($i = $today['year'] - 4; $i < $today['year'] + 1; $i++) { $year_valid_from_array[] = strftime('%Y', mktime(0, 0, 0, 1, 1, $i)); } if (isset($HTTP_POST_VARS['cc_type']) == false || $this->isCard($cc_type) == false) { tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardtype', 'SSL')); } if (isset($HTTP_POST_VARS['cc_owner']) == false || empty($cc_owner)) { tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardowner', 'SSL')); } if (isset($HTTP_POST_VARS['cc_number_nh-dns']) == false || is_numeric($cc_number) == false) { tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardnumber', 'SSL')); } if ($cc_type == 'MAESTRO' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_MAESTRO == 'True' || $cc_type == 'SOLO' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_SOLO == 'True' || $cc_type == 'AMEX' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_AMEX == 'True') { if (in_array($HTTP_POST_VARS['cc_starts_month'], $months_array) == false) { tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardstart', 'SSL')); } if (in_array($HTTP_POST_VARS['cc_starts_year'], $year_valid_from_array) == false) { tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardstart', 'SSL')); } $cc_start = substr($HTTP_POST_VARS['cc_starts_month'] . $HTTP_POST_VARS['cc_starts_year'], 0, 4); } if (in_array($HTTP_POST_VARS['cc_expires_month'], $months_array) == false) { tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardexpires', 'SSL')); } if (in_array($HTTP_POST_VARS['cc_expires_year'], $year_valid_to_array) == false) { tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardexpires', 'SSL')); } if ($HTTP_POST_VARS['cc_expires_year'] == date('y') && $HTTP_POST_VARS['cc_expires_month'] < date('m')) { tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardexpires', 'SSL')); } $cc_expires = substr($HTTP_POST_VARS['cc_expires_month'] . $HTTP_POST_VARS['cc_expires_year'], 0, 4); if ($cc_type == 'MAESTRO' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_MAESTRO == 'True' || $cc_type == 'SOLO' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_SOLO == 'True') { $cc_issue = substr($HTTP_POST_VARS['cc_issue_nh-dns'], 0, 2); if (isset($HTTP_POST_VARS['cc_issue_nh-dns']) == false || empty($cc_issue)) { tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardissue', 'SSL')); } } if (MODULE_PAYMENT_SAGE_PAY_DIRECT_VERIFY_WITH_CVC == 'True') { $cc_cvc = substr($HTTP_POST_VARS['cc_cvc_nh-dns'], 0, 4); if (isset($HTTP_POST_VARS['cc_cvc_nh-dns']) == false || empty($cc_cvc)) { tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardcvc', 'SSL')); } } $params = array('VPSProtocol' => '2.23', 'ReferrerID' => 'C74D7B82-E9EB-4FBD-93DB-76F0F551C802', 'Vendor' => substr(MODULE_PAYMENT_SAGE_PAY_DIRECT_VENDOR_LOGIN_NAME, 0, 15), 'VendorTxCode' => substr(date('YmdHis') . '-' . $customer_id . '-' . $cartID, 0, 40), 'Amount' => $this->format_raw($order->info['total']), 'Currency' => $currency, 'Description' => substr(STORE_NAME, 0, 100), 'CardHolder' => $cc_owner, 'CardNumber' => $cc_number, 'ExpiryDate' => $cc_expires, 'CardType' => $cc_type, 'BillingSurname' => substr($order->billing['lastname'], 0, 20), 'BillingFirstnames' => substr($order->billing['firstname'], 0, 20), 'BillingAddress1' => substr($order->billing['street_address'], 0, 100), 'BillingCity' => substr($order->billing['city'], 0, 40), 'BillingPostCode' => substr($order->billing['postcode'], 0, 10), 'BillingCountry' => $order->billing['country']['iso_code_2'], 'BillingPhone' => substr($order->customer['telephone'], 0, 20), 'DeliverySurname' => substr($order->delivery['lastname'], 0, 20), 'DeliveryFirstnames' => substr($order->delivery['firstname'], 0, 20), 'DeliveryAddress1' => substr($order->delivery['street_address'], 0, 100), 'DeliveryCity' => substr($order->delivery['city'], 0, 40), 'DeliveryPostCode' => substr($order->delivery['postcode'], 0, 10), 'DeliveryCountry' => $order->delivery['country']['iso_code_2'], 'CustomerName' => substr($order->billing['firstname'] . ' ' . $order->billing['lastname'], 0, 100), 'DeliveryPhone' => substr($order->customer['telephone'], 0, 20), 'CustomerEMail' => substr($order->customer['email_address'], 0, 255), 'Apply3DSecure' => '0'); $ip_address = tep_get_ip_address(); if (ip2long($ip_address) != -1 && ip2long($ip_address) != false) { $params['ClientIPAddress'] = $ip_address; } if (MODULE_PAYMENT_SAGE_PAY_DIRECT_TRANSACTION_METHOD == 'Payment') { $params['TxType'] = 'PAYMENT'; } elseif (MODULE_PAYMENT_SAGE_PAY_DIRECT_TRANSACTION_METHOD == 'Deferred') { $params['TxType'] = 'DEFERRED'; } else { $params['TxType'] = 'AUTHENTICATE'; } if ($cc_type == 'MAESTRO' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_MAESTRO == 'True' || $cc_type == 'SOLO' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_SOLO == 'True' || $cc_type == 'AMEX' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_AMEX == 'True') { $params['StartDate'] = $cc_start; } if ($cc_type == 'MAESTRO' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_MAESTRO == 'True' || $cc_type == 'SOLO' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_SOLO == 'True') { $params['IssueNumber'] = $cc_issue; } if (MODULE_PAYMENT_SAGE_PAY_DIRECT_VERIFY_WITH_CVC == 'True') { $params['CV2'] = $cc_cvc; } if ($params['BillingCountry'] == 'US') { $params['BillingState'] = tep_get_zone_code($order->billing['country']['id'], $order->billing['zone_id'], ''); } if ($params['DeliveryCountry'] == 'US') { $params['DeliveryState'] = tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], ''); } $contents = array(); foreach ($order->products as $product) { $product_name = $product['name']; if (isset($product['attributes'])) { foreach ($product['attributes'] as $att) { $product_name .= '; ' . $att['option'] . '=' . $att['value']; } } $contents[] = str_replace(array(':', "\n", "\r", '&'), '', $product_name) . ':' . $product['qty'] . ':' . $this->format_raw($product['final_price']) . ':' . $this->format_raw($product['tax'] / 100 * $product['final_price']) . ':' . $this->format_raw($product['tax'] / 100 * $product['final_price'] + $product['final_price']) . ':' . $this->format_raw(($product['tax'] / 100 * $product['final_price'] + $product['final_price']) * $product['qty']); } foreach ($order_totals as $ot) { $contents[] = str_replace(array(':', "\n", "\r", '&'), '', strip_tags($ot['title'])) . ':---:---:---:---:' . $this->format_raw($ot['value']); } $params['Basket'] = substr(sizeof($contents) . ':' . implode(':', $contents), 0, 7500); $post_string = ''; foreach ($params as $key => $value) { $post_string .= $key . '=' . urlencode(trim($value)) . '&'; } switch (MODULE_PAYMENT_SAGE_PAY_DIRECT_TRANSACTION_SERVER) { case 'Live': $gateway_url = 'https://live.sagepay.com/gateway/service/vspdirect-register.vsp'; break; case 'Test': $gateway_url = 'https://test.sagepay.com/gateway/service/vspdirect-register.vsp'; break; default: $gateway_url = 'https://test.sagepay.com/Simulator/VSPDirectGateway.asp'; break; } $transaction_response = $this->sendTransactionToGateway($gateway_url, $post_string); } $string_array = explode(chr(10), $transaction_response); $return = array(); foreach ($string_array as $string) { if (strpos($string, '=') != false) { $parts = explode('=', $string, 2); $return[trim($parts[0])] = trim($parts[1]); } } if ($return['Status'] == '3DAUTH') { global $sage_pay_direct_acsurl, $sage_pay_direct_pareq, $sage_pay_direct_md; tep_session_register('sage_pay_direct_acsurl'); $sage_pay_direct_acsurl = $return['ACSURL']; tep_session_register('sage_pay_direct_pareq'); $sage_pay_direct_pareq = $return['PAReq']; tep_session_register('sage_pay_direct_md'); $sage_pay_direct_md = $return['MD']; tep_redirect(tep_href_link('ext/modules/payment/sage_pay/checkout.php', '', 'SSL')); } if ($return['Status'] != 'OK' && $return['Status'] != 'AUTHENTICATED' && $return['Status'] != 'REGISTERED') { $error = $this->getErrorMessageNumber($return['StatusDetail']); tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . (tep_not_null($error) ? '&error=' . $error : ''), 'SSL')); } if (isset($return['VPSTxId'])) { $order->info['comments'] = 'Sage Pay Reference ID: ' . $return['VPSTxId'] . (tep_not_null($order->info['comments']) ? "\n\n" . $order->info['comments'] : ''); } }
function getTestConnectionResult() { if (MODULE_PAYMENT_SAGE_PAY_DIRECT_TRANSACTION_SERVER == 'Live') { $gateway_url = 'https://live.sagepay.com/gateway/service/vspdirect-register.vsp'; } else { $gateway_url = 'https://test.sagepay.com/gateway/service/vspdirect-register.vsp'; } $params = array('VPSProtocol' => $this->api_version, 'ReferrerID' => 'C74D7B82-E9EB-4FBD-93DB-76F0F551C802', 'Vendor' => substr(MODULE_PAYMENT_SAGE_PAY_DIRECT_VENDOR_LOGIN_NAME, 0, 15), 'Amount' => 0, 'Currency' => DEFAULT_CURRENCY); $ip_address = tep_get_ip_address(); if (!empty($ip_address) && ip2long($ip_address) != -1 && ip2long($ip_address) != false) { $params['ClientIPAddress'] = $ip_address; } $post_string = ''; foreach ($params as $key => $value) { $post_string .= $key . '=' . urlencode(trim($value)) . '&'; } $response = $this->sendTransactionToGateway($gateway_url, $post_string); if ($response != false) { return 1; } return -1; }
function before_process() { global $HTTP_POST_VARS, $order, $sendto, $messageStack, $currencies; if (isset($HTTP_POST_VARS['cc_owner']) && !empty($HTTP_POST_VARS['cc_owner']) && isset($HTTP_POST_VARS['cc_type']) && isset($this->cc_types[$HTTP_POST_VARS['cc_type']]) && isset($HTTP_POST_VARS['cc_number_nh-dns']) && !empty($HTTP_POST_VARS['cc_number_nh-dns'])) { if (MODULE_PAYMENT_PAYPAL_DIRECT_TRANSACTION_SERVER == 'Live') { $api_url = 'https://api-3t.paypal.com/nvp'; } else { $api_url = 'https://api-3t.sandbox.paypal.com/nvp'; } $new_order_number_query = tep_db_query("show table status like '" . TABLE_ORDERS . "'"); $new_order_number_row = tep_db_fetch_array($new_order_number_query); $new_order_number = (int) $new_order_number_row['Auto_increment']; $params = array('METHOD' => 'DoDirectPayment', 'VERSION' => '51.0', 'PWD' => MODULE_PAYMENT_PAYPAL_DIRECT_API_PASSWORD, 'USER' => MODULE_PAYMENT_PAYPAL_DIRECT_API_USERNAME, 'SIGNATURE' => MODULE_PAYMENT_PAYPAL_DIRECT_API_SIGNATURE, 'PAYMENTACTION' => MODULE_PAYMENT_PAYPAL_DIRECT_TRANSACTION_METHOD == 'Sale' ? 'Sale' : 'Authorization', 'IPADDRESS' => tep_get_ip_address(), 'DESC' => 'Payment against an invoice #' . $new_order_number, 'CUSTOM' => '', 'INVNUM' => $new_order_number, 'NOTIFYURL' => HTTPS_SERVER . DIR_WS_CATALOG . 'ext/modules/payment/paypal/index.php', 'AMT' => $this->format_raw($order->info['total'], $HTTP_POST_VARS['cc_currency']), 'CREDITCARDTYPE' => $HTTP_POST_VARS['cc_type'], 'ACCT' => $HTTP_POST_VARS['cc_number_nh-dns'], 'EXPDATE' => $HTTP_POST_VARS['cc_expires_month'] . $HTTP_POST_VARS['cc_expires_year'], 'CVV2' => $HTTP_POST_VARS['cc_cvc_nh-dns'], 'FIRSTNAME' => substr($HTTP_POST_VARS['cc_owner'], 0, strpos($HTTP_POST_VARS['cc_owner'], ' ')), 'LASTNAME' => substr($HTTP_POST_VARS['cc_owner'], strpos($HTTP_POST_VARS['cc_owner'], ' ') + 1), 'STREET' => $HTTP_POST_VARS['cc_billing_street'], 'CITY' => $HTTP_POST_VARS['cc_billing_city'], 'STATE' => $HTTP_POST_VARS['cc_billing_state'], 'ZIP' => $HTTP_POST_VARS['cc_billing_postcode'], 'COUNTRYCODE' => $HTTP_POST_VARS['cc_billing_country'], 'CURRENCYCODE' => $HTTP_POST_VARS['cc_currency'], 'EMAIL' => $order->customer['email_address'], 'PHONENUM' => $order->delivery['telephone']); if ($HTTP_POST_VARS['cc_type'] == 'SWITCH' || $HTTP_POST_VARS['cc_type'] == 'SOLO') { $params['ISSUENUMBER'] = $HTTP_POST_VARS['cc_issue_nh-dns']; } $post_string = ''; reset($params); while (list($key, $value) = each($params)) { $post_string .= $key . '=' . urlencode(trim($value)) . '&'; } $post_string = substr($post_string, 0, -1); $response = $this->sendTransactionToGateway($api_url, $post_string); $response_array = array(); parse_str($response, $response_array); if ($response_array['ACK'] != 'Success' && $response_array['ACK'] != 'SuccessWithWarning') { $messageStack->add_session('header', $response_array['L_LONGMESSAGE0']); $payment_error_return = 'cc_owner=' . urlencode($HTTP_POST_VARS['cc_owner']) . '&cc_type=' . $HTTP_POST_VARS['cc_type'] . '&cc_expires_month=' . $HTTP_POST_VARS['cc_expires_month'] . '&cc_expires_year=' . $HTTP_POST_VARS['cc_expires_year'] . '&cc_currency=' . $HTTP_POST_VARS['cc_currency'] . '&cc_billing_country=' . urlencode($HTTP_POST_VARS['cc_billing_country']) . '&cc_billing_postcode=' . urlencode($HTTP_POST_VARS['cc_billing_postcode']) . '&cc_billing_state=' . urlencode($HTTP_POST_VARS['cc_billing_state']) . '&cc_billing_city=' . urlencode($HTTP_POST_VARS['cc_billing_city']) . '&cc_billing_street=' . urlencode($HTTP_POST_VARS['cc_billing_street']) . ''; tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, $payment_error_return, 'SSL')); } else { $billing_country_info = tep_get_countries('', true, $HTTP_POST_VARS['cc_billing_country']); if (sizeof($billing_country_info) == 0) { $countries = file(DIR_WS_MODULES . 'payment/all_countries.csv'); reset($countries); while (list(, $country_info) = each($countries)) { list($country_code, $country_name, $country_iso_code_3) = explode(';', $country_info); if ($country_code == $HTTP_POST_VARS['cc_billing_country']) { $billing_country_info = array('countries_id' => '', 'countries_name' => $country_name, 'countries_iso_code_2' => $country_code, 'countries_iso_code_3' => $country_iso_code_3); } } } $order->info['cc_type'] = $HTTP_POST_VARS['cc_type']; $order->info['cc_owner'] = $HTTP_POST_VARS['cc_owner']; $order->info['cc_number'] = $HTTP_POST_VARS['cc_number_nh-dns']; $order->info['cc_expires'] = $HTTP_POST_VARS['cc_expires_month'] . '/' . $HTTP_POST_VARS['cc_expires_year']; list($billing_firstname, $billing_lastname) = explode(' ', $HTTP_POST_VARS['cc_owner']); $order->billing['firstname'] = $billing_firstname; $order->billing['lastname'] = $billing_lastname; $order->billing['street_address'] = $HTTP_POST_VARS['cc_billing_street']; $order->billing['city'] = $HTTP_POST_VARS['cc_billing_city']; $order->billing['country'] = array('id' => $billing_country_info['countries_id'], 'title' => $billing_country_info['countries_name'], 'iso_code_2' => $billing_country_info['countries_iso_code_2'], 'iso_code_3' => $billing_country_info['countries_iso_code_3']); $order->billing['postcode'] = $HTTP_POST_VARS['cc_billing_postcode']; $order->billing['state'] = $HTTP_POST_VARS['cc_billing_state']; $order->info['currency'] = $HTTP_POST_VARS['cc_currency']; $order->info['currency_value'] = $currencies->currencies[$HTTP_POST_VARS['cc_currency']]['value']; $order->info['is_paid'] = '1'; } } else { $messageStack->add_session('header', MODULE_PAYMENT_PAYPAL_DIRECT_ERROR_ALL_FIELDS_REQUIRED); tep_redirect(tep_href_link(FILENAME_CHECKOUT_CONFIRMATION, '', 'SSL')); } }
function before_process() { global $HTTP_POST_VARS, $order, $sendto; if (isset($HTTP_POST_VARS['cc_owner']) && $HTTP_POST_VARS['cc_owner'] != '' && isset($HTTP_POST_VARS['cc_type']) && isset($this->cc_types[$HTTP_POST_VARS['cc_type']]) && isset($HTTP_POST_VARS['cc_number_nh-dns']) && $HTTP_POST_VARS['cc_number_nh-dns'] != '') { if (MODULE_PAYMENT_PAYPAL_DIRECT_TRANSACTION_SERVER == 'Live') { $api_url = 'https://api-3t.paypal.com/nvp'; } else { $api_url = 'https://api-3t.sandbox.paypal.com/nvp'; } $params = array('USER' => MODULE_PAYMENT_PAYPAL_DIRECT_API_USERNAME, 'PWD' => MODULE_PAYMENT_PAYPAL_DIRECT_API_PASSWORD, 'VERSION' => '3.2', 'SIGNATURE' => MODULE_PAYMENT_PAYPAL_DIRECT_API_SIGNATURE, 'METHOD' => 'DoDirectPayment', 'PAYMENTACTION' => MODULE_PAYMENT_PAYPAL_DIRECT_TRANSACTION_METHOD == 'Sale' ? 'Sale' : 'Authorization', 'IPADDRESS' => tep_get_ip_address(), 'AMT' => $this->format_raw($order->info['total']), 'CREDITCARDTYPE' => $HTTP_POST_VARS['cc_type'], 'ACCT' => $HTTP_POST_VARS['cc_number_nh-dns'], 'STARTDATE' => $HTTP_POST_VARS['cc_starts_month'] . $HTTP_POST_VARS['cc_starts_year'], 'EXPDATE' => $HTTP_POST_VARS['cc_expires_month'] . $HTTP_POST_VARS['cc_expires_year'], 'CVV2' => $HTTP_POST_VARS['cc_cvc_nh-dns'], 'FIRSTNAME' => substr($HTTP_POST_VARS['cc_owner'], 0, strpos($HTTP_POST_VARS['cc_owner'], ' ')), 'LASTNAME' => substr($HTTP_POST_VARS['cc_owner'], strpos($HTTP_POST_VARS['cc_owner'], ' ') + 1), 'STREET' => $order->billing['street_address'], 'CITY' => $order->billing['city'], 'STATE' => tep_get_zone_code($order->billing['country']['id'], $order->billing['zone_id'], $order->billing['state']), 'COUNTRYCODE' => $order->billing['country']['iso_code_2'], 'ZIP' => $order->billing['postcode'], 'EMAIL' => $order->customer['email_address'], 'PHONENUM' => $order->customer['telephone'], 'CURRENCYCODE' => $order->info['currency'], 'BUTTONSOURCE' => 'osCommerce22_Default_DP'); /*if ( ($HTTP_POST_VARS['cc_type'] == 'SWITCH') || ($HTTP_POST_VARS['cc_type'] == 'SOLO') ) { $params['ISSUENUMBER'] = $HTTP_POST_VARS['cc_issue_nh-dns']; }*/ if (is_numeric($sendto) && $sendto > 0) { $params['SHIPTONAME'] = $order->delivery['firstname'] . ' ' . $order->delivery['lastname']; $params['SHIPTOSTREET'] = $order->delivery['street_address']; $params['SHIPTOCITY'] = $order->delivery['city']; $params['SHIPTOSTATE'] = tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], $order->delivery['state']); $params['SHIPTOCOUNTRYCODE'] = $order->delivery['country']['iso_code_2']; $params['SHIPTOZIP'] = $order->delivery['postcode']; } $post_string = ''; foreach ($params as $key => $value) { $post_string .= $key . '=' . urlencode(trim($value)) . '&'; } $post_string = substr($post_string, 0, -1); $response = $this->sendTransactionToGateway($api_url, $post_string); $response_array = array(); parse_str($response, $response_array); if ($response_array['ACK'] != 'Success' && $response_array['ACK'] != 'SuccessWithWarning') { tep_redirect(tep_href_link(FILENAME_CHECKOUT_CONFIRMATION, 'error_payment=' . stripslashes($response_array['L_LONGMESSAGE0']), 'NONSSL')); } } else { tep_redirect(tep_href_link(FILENAME_CHECKOUT_CONFIRMATION, 'error_payment=' . MODULE_PAYMENT_PAYPAL_DIRECT_ERROR_ALL_FIELDS_REQUIRED, 'NONSSL')); } }
function getTestConnectionResult() { if (MODULE_PAYMENT_PAYPAL_PRO_DP_TRANSACTION_SERVER == 'Live') { $api_url = 'https://api-3t.paypal.com/nvp'; } else { $api_url = 'https://api-3t.sandbox.paypal.com/nvp'; } $params = array('USER' => MODULE_PAYMENT_PAYPAL_PRO_DP_API_USERNAME, 'PWD' => MODULE_PAYMENT_PAYPAL_PRO_DP_API_PASSWORD, 'VERSION' => $this->api_version, 'SIGNATURE' => MODULE_PAYMENT_PAYPAL_PRO_DP_API_SIGNATURE, 'METHOD' => 'DoDirectPayment', 'PAYMENTACTION' => MODULE_PAYMENT_PAYPAL_PRO_DP_TRANSACTION_METHOD == 'Sale' ? 'Sale' : 'Authorization', 'IPADDRESS' => tep_get_ip_address()); $post_string = ''; foreach ($params as $key => $value) { $post_string .= $key . '=' . urlencode(utf8_encode(trim($value))) . '&'; } $post_string = substr($post_string, 0, -1); $response = $this->sendTransactionToGateway($api_url, $post_string); $response_array = array(); parse_str($response, $response_array); if (is_array($response_array) && isset($response_array['ACK'])) { return 1; } return -1; }
protected function init() { global $request_type, $cookie_domain, $cookie_path, $PHP_SELF, $SID, $currencies, $messageStack, $oscTemplate, $breadcrumb; Registry::set('Cache', new Cache()); $OSCOM_Db = Db::initialize(); Registry::set('Db', $OSCOM_Db); // set the application parameters $Qcfg = $OSCOM_Db->get('configuration', ['configuration_key as k', 'configuration_value as v']); //, null, null, null, 'configuration'); // TODO add cache when supported by admin while ($Qcfg->fetch()) { define($Qcfg->value('k'), $Qcfg->value('v')); } // set the type of request (secure or not) if (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on' || isset($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT'] == 443) { $request_type = 'SSL'; define('DIR_WS_CATALOG', DIR_WS_HTTPS_CATALOG); $cookie_domain = HTTPS_COOKIE_DOMAIN; $cookie_path = HTTPS_COOKIE_PATH; } else { $request_type = 'NONSSL'; define('DIR_WS_CATALOG', DIR_WS_HTTP_CATALOG); $cookie_domain = HTTP_COOKIE_DOMAIN; $cookie_path = HTTP_COOKIE_PATH; } // set php_self in the global scope $req = parse_url($_SERVER['SCRIPT_NAME']); $PHP_SELF = substr($req['path'], $request_type == 'NONSSL' ? strlen(DIR_WS_HTTP_CATALOG) : strlen(DIR_WS_HTTPS_CATALOG)); // set the session name and save path session_name('oscomid'); session_save_path(SESSION_WRITE_DIRECTORY); // set the session cookie parameters session_set_cookie_params(0, $cookie_path, $cookie_domain); if (function_exists('ini_set')) { ini_set('session.use_only_cookies', SESSION_FORCE_COOKIE_USE == 'True' ? 1 : 0); } // set the session ID if it exists if (SESSION_FORCE_COOKIE_USE == 'False') { if (isset($_GET[session_name()]) && (!isset($_COOKIE[session_name()]) || $_COOKIE[session_name()] != $_GET[session_name()])) { session_id($_GET[session_name()]); } elseif (isset($_POST[session_name()]) && (!isset($_COOKIE[session_name()]) || $_COOKIE[session_name()] != $_POST[session_name()])) { session_id($_POST[session_name()]); } } // start the session if (SESSION_FORCE_COOKIE_USE == 'True') { tep_setcookie('cookie_test', 'please_accept_for_session', time() + 60 * 60 * 24 * 30); if (isset($_COOKIE['cookie_test'])) { tep_session_start(); } } elseif (SESSION_BLOCK_SPIDERS == 'True') { $user_agent = ''; if (isset($_SERVER['HTTP_USER_AGENT'])) { $user_agent = strtolower($_SERVER['HTTP_USER_AGENT']); } $spider_flag = false; if (!empty($user_agent)) { foreach (file(OSCOM::BASE_DIR . 'spiders.txt') as $spider) { if (!empty($spider)) { if (strpos($user_agent, $spider) !== false) { $spider_flag = true; break; } } } } if ($spider_flag === false) { tep_session_start(); } } else { tep_session_start(); } $this->ignored_actions[] = session_name(); // initialize a session token if (!isset($_SESSION['sessiontoken'])) { $_SESSION['sessiontoken'] = md5(tep_rand() . tep_rand() . tep_rand() . tep_rand()); } // set SID once, even if empty $SID = defined('SID') ? SID : ''; // verify the ssl_session_id if the feature is enabled if ($request_type == 'SSL' && SESSION_CHECK_SSL_SESSION_ID == 'True' && ENABLE_SSL == true && session_status() === PHP_SESSION_ACTIVE) { if (!isset($_SESSION['SSL_SESSION_ID'])) { $_SESSION['SESSION_SSL_ID'] = $_SERVER['SSL_SESSION_ID']; } if ($_SESSION['SESSION_SSL_ID'] != $_SERVER['SSL_SESSION_ID']) { tep_session_destroy(); OSCOM::redirect('ssl_check.php'); } } // verify the browser user agent if the feature is enabled if (SESSION_CHECK_USER_AGENT == 'True') { if (!isset($_SESSION['SESSION_USER_AGENT'])) { $_SESSION['SESSION_USER_AGENT'] = $_SERVER['HTTP_USER_AGENT']; } if ($_SESSION['SESSION_USER_AGENT'] != $_SERVER['HTTP_USER_AGENT']) { tep_session_destroy(); OSCOM::redirect('index.php', 'Account&LogIn'); } } // verify the IP address if the feature is enabled if (SESSION_CHECK_IP_ADDRESS == 'True') { if (!isset($_SESSION['SESSION_IP_ADDRESS'])) { $_SESSION['SESSION_IP_ADDRESS'] = tep_get_ip_address(); } if ($_SESSION['SESSION_IP_ADDRESS'] != tep_get_ip_address()) { tep_session_destroy(); OSCOM::redirect('index.php', 'Account&LogIn'); } } // create the shopping cart if (!isset($_SESSION['cart']) || !is_object($_SESSION['cart']) || get_class($_SESSION['cart']) != 'shoppingCart') { $_SESSION['cart'] = new \shoppingCart(); } // include currencies class and create an instance $currencies = new \currencies(); // set the language if (!isset($_SESSION['language']) || isset($_GET['language'])) { $lng = new \language(); if (isset($_GET['language']) && !empty($_GET['language'])) { $lng->set_language($_GET['language']); } else { $lng->get_browser_language(); } $_SESSION['language'] = $lng->language['directory']; $_SESSION['languages_id'] = $lng->language['id']; } // include the language translations $system_locale_numeric = setlocale(LC_NUMERIC, 0); include OSCOM::BASE_DIR . 'languages/' . $_SESSION['language'] . '.php'; setlocale(LC_NUMERIC, $system_locale_numeric); // Prevent LC_ALL from setting LC_NUMERIC to a locale with 1,0 float/decimal values instead of 1.0 (see bug #634) // currency if (!isset($_SESSION['currency']) || isset($_GET['currency']) || USE_DEFAULT_LANGUAGE_CURRENCY == 'true' && LANGUAGE_CURRENCY != $_SESSION['currency']) { if (isset($_GET['currency']) && $currencies->is_set($_GET['currency'])) { $_SESSION['currency'] = $_GET['currency']; } else { $_SESSION['currency'] = USE_DEFAULT_LANGUAGE_CURRENCY == 'true' && $currencies->is_set(LANGUAGE_CURRENCY) ? LANGUAGE_CURRENCY : DEFAULT_CURRENCY; } } // navigation history if (!isset($_SESSION['navigation']) || !is_object($_SESSION['navigation']) || get_class($_SESSION['navigation']) != 'navigationHistory') { $_SESSION['navigation'] = new \navigationHistory(); } $_SESSION['navigation']->add_current_page(); $messageStack = new \messageStack(); tep_update_whos_online(); tep_activate_banners(); tep_expire_banners(); tep_expire_specials(); $oscTemplate = new \oscTemplate(); $breadcrumb = new \breadcrumb(); $breadcrumb->add(HEADER_TITLE_TOP, HTTP_SERVER); $breadcrumb->add(HEADER_TITLE_CATALOG, OSCOM::link('index.php')); Registry::set('Hooks', new Hooks()); }
while ($cc_list = tep_db_fetch_array($cc_query)) { $rows++; if (strlen($rows) < 2) { $rows = '0' . $rows; } if ((!$_GET['uid'] || @$_GET['uid'] == $cc_list['unique_id']) && !$cInfo) { $cInfo = new objectInfo($cc_list); } if (is_object($cInfo) && $cc_list['unique_id'] == $cInfo->unique_id) { echo ' <tr class="dataTableRowSelected" onmouseover="this.style.cursor=\'hand\'" onclick="document.location.href=\'' . tep_href_link(FILENAME_COUPON_ADMIN, tep_get_all_get_params(array('cid', 'action', 'uid')) . 'cid=' . $cInfo->coupon_id . '&action=voucherreport&uid=' . $cinfo->unique_id) . '\'">' . "\n"; } else { echo ' <tr class="dataTableRow" onmouseover="this.className=\'dataTableRowOver\';this.style.cursor=\'hand\'" onmouseout="this.className=\'dataTableRow\'" onclick="document.location.href=\'' . tep_href_link(FILENAME_COUPON_ADMIN, tep_get_all_get_params(array('cid', 'action', 'uid')) . 'cid=' . $cc_list['coupon_id'] . '&action=voucherreport&uid=' . $cc_list['unique_id']) . '\'">' . "\n"; } $customer_query = tep_db_query("select customers_firstname, customers_lastname from " . TABLE_CUSTOMERS . " where customers_id = '" . $cc_list['customer_id'] . "'"); $customer = tep_db_fetch_array($customer_query); $redeem_ip = tep_get_ip_address(); ?> <td class="dataTableContent"><?php echo $cc_list['customer_id']; ?> </td> <td class="dataTableContent" align="center"><?php echo $customer['customers_firstname'] . ' ' . $customer['customers_lastname']; ?> </td> <td class="dataTableContent" align="center"><?php echo $redeem_ip; ?> </td> <td class="dataTableContent" align="center"><?php echo tep_date_short($cc_list['redeem_date']);
function process_button() { global $customer_id, $order, $sendto, $currency; $tstamp = time(); $sequence = rand(1, 1000); $params = array('x_login' => substr(MODULE_PAYMENT_AUTHORIZENET_CC_SIM_LOGIN_ID, 0, 20), 'x_version' => $this->api_version, 'x_show_form' => 'PAYMENT_FORM', 'x_delim_data' => 'FALSE', 'x_relay_response' => 'TRUE', 'x_relay_url' => tep_href_link(FILENAME_CHECKOUT_PROCESS, '', 'SSL', false), 'x_first_name' => substr($order->billing['firstname'], 0, 50), 'x_last_name' => substr($order->billing['lastname'], 0, 50), 'x_company' => substr($order->billing['company'], 0, 50), 'x_address' => substr($order->billing['street_address'], 0, 60), 'x_city' => substr($order->billing['city'], 0, 40), 'x_state' => substr($order->billing['state'], 0, 40), 'x_zip' => substr($order->billing['postcode'], 0, 20), 'x_country' => substr($order->billing['country']['title'], 0, 60), 'x_phone' => substr(preg_replace('/[^0-9]/', '', $order->customer['telephone']), 0, 25), 'x_cust_id' => substr($customer_id, 0, 20), 'x_customer_ip' => tep_get_ip_address(), 'x_email' => substr($order->customer['email_address'], 0, 255), 'x_description' => substr(STORE_NAME, 0, 255), 'x_amount' => $this->format_raw($order->info['total']), 'x_currency_code' => substr($currency, 0, 3), 'x_method' => 'CC', 'x_type' => MODULE_PAYMENT_AUTHORIZENET_CC_SIM_TRANSACTION_METHOD == 'Capture' ? 'AUTH_CAPTURE' : 'AUTH_ONLY', 'x_freight' => $this->format_raw($order->info['shipping_cost']), 'x_fp_sequence' => $sequence, 'x_fp_timestamp' => $tstamp, 'x_fp_hash' => $this->_hmac(MODULE_PAYMENT_AUTHORIZENET_CC_SIM_TRANSACTION_KEY, MODULE_PAYMENT_AUTHORIZENET_CC_SIM_LOGIN_ID . '^' . $sequence . '^' . $tstamp . '^' . $this->format_raw($order->info['total']) . '^' . $currency), 'x_cancel_url' => tep_href_link(FILENAME_SHOPPING_CART, '', 'SSL'), 'x_cancel_url_text' => MODULE_PAYMENT_AUTHORIZENET_CC_SIM_TEXT_RETURN_BUTTON); if (is_numeric($sendto) && $sendto > 0) { $params['x_ship_to_first_name'] = substr($order->delivery['firstname'], 0, 50); $params['x_ship_to_last_name'] = substr($order->delivery['lastname'], 0, 50); $params['x_ship_to_company'] = substr($order->delivery['company'], 0, 50); $params['x_ship_to_address'] = substr($order->delivery['street_address'], 0, 60); $params['x_ship_to_city'] = substr($order->delivery['city'], 0, 40); $params['x_ship_to_state'] = substr($order->delivery['state'], 0, 40); $params['x_ship_to_zip'] = substr($order->delivery['postcode'], 0, 20); $params['x_ship_to_country'] = substr($order->delivery['country']['title'], 0, 60); } if (MODULE_PAYMENT_AUTHORIZENET_CC_SIM_TRANSACTION_MODE == 'Test') { $params['x_test_request'] = 'TRUE'; } $tax_value = 0; foreach ($order->info['tax_groups'] as $value) { if ($value > 0) { $tax_value += $this->format_raw($value); } } if ($tax_value > 0) { $params['x_tax'] = $this->format_raw($tax_value); } $process_button_string = ''; foreach ($params as $key => $value) { $process_button_string .= tep_draw_hidden_field($key, $value); } for ($i = 0, $n = sizeof($order->products); $i < $n; $i++) { $process_button_string .= tep_draw_hidden_field('x_line_item', $i + 1 . '<|>' . substr($order->products[$i]['name'], 0, 31) . '<|><|>' . $order->products[$i]['qty'] . '<|>' . $this->format_raw($order->products[$i]['final_price']) . '<|>' . ($order->products[$i]['tax'] > 0 ? 'YES' : 'NO')); } $process_button_string .= tep_draw_hidden_field(tep_session_name(), tep_session_id()); return $process_button_string; }
function getTestConnectionResult() { if (MODULE_PAYMENT_AUTHORIZENET_CC_AIM_TRANSACTION_SERVER == 'Live') { $api_url = 'https://secure.authorize.net/gateway/transact.dll'; } else { $api_url = 'https://test.authorize.net/gateway/transact.dll'; } $params = array('x_login' => substr(MODULE_PAYMENT_AUTHORIZENET_CC_AIM_LOGIN_ID, 0, 20), 'x_tran_key' => substr(MODULE_PAYMENT_AUTHORIZENET_CC_AIM_TRANSACTION_KEY, 0, 16), 'x_version' => $this->api_version, 'x_customer_ip' => tep_get_ip_address(), 'x_relay_response' => 'FALSE', 'x_delim_data' => 'TRUE', 'x_delim_char' => ',', 'x_encap_char' => '|'); $post_string = ''; foreach ($params as $key => $value) { $post_string .= $key . '=' . urlencode(trim($value)) . '&'; } $post_string = substr($post_string, 0, -1); $result = $this->sendTransactionToGateway($api_url, $post_string); $response = array('x_response_code' => '-1'); if (!empty($result)) { $raw = explode('|,|', substr($result, 1, -1)); if (count($raw) > 54) { $response['x_response_code'] = $raw[0]; } } if ($response['x_response_code'] != '-1') { return 1; } return -1; }
function tep_get_ip_info($ip = '') { if (empty($ip)) { $ip = tep_get_ip_address(); } $country_code = ''; if (tep_not_null($ip)) { $ip_to_int = tep_ip_to_int($ip); $ip_check_query = tep_db_query("select country_code from " . TABLE_IPS . " where " . $ip_to_int . ">= ip_from and " . $ip_to_int . "<= ip_to"); $ip_check = tep_db_fetch_array($ip_check_query); if (!is_array($ip_check)) { $ip_check = array(); } $country_code = $ip_check['country_code']; } return $country_code; }
} // verify the browser user agent if the feature is enabled if (SESSION_CHECK_USER_AGENT == 'True') { $http_user_agent = getenv('HTTP_USER_AGENT'); if (!tep_session_is_registered('SESSION_USER_AGENT')) { $SESSION_USER_AGENT = $http_user_agent; tep_session_register('SESSION_USER_AGENT'); } if ($SESSION_USER_AGENT != $http_user_agent) { tep_session_destroy(); tep_redirect(tep_href_link(FILENAME_LOGIN)); } } // verify the IP address if the feature is enabled if (SESSION_CHECK_IP_ADDRESS == 'True') { $ip_address = tep_get_ip_address(); if (!tep_session_is_registered('SESSION_IP_ADDRESS')) { $SESSION_IP_ADDRESS = $ip_address; tep_session_register('SESSION_IP_ADDRESS'); } if ($SESSION_IP_ADDRESS != $ip_address) { tep_session_destroy(); tep_redirect(tep_href_link(FILENAME_LOGIN)); } } // create the shopping cart if (!tep_session_is_registered('cart') || !is_object($cart)) { tep_session_register('cart'); $cart = new shoppingCart(); } // include currencies class and create an instance
function setIdentifier() { $this->_identifier = tep_get_ip_address(); }
function before_process() { global $HTTP_POST_VARS, $customer_id, $order, $sendto, $currency; $params = array('x_login' => substr(MODULE_PAYMENT_AUTHORIZENET_CC_AIM_LOGIN_ID, 0, 20), 'x_tran_key' => substr(MODULE_PAYMENT_AUTHORIZENET_CC_AIM_TRANSACTION_KEY, 0, 16), 'x_version' => '3.1', 'x_delim_data' => 'TRUE', 'x_delim_char' => ',', 'x_encap_char' => '"', 'x_relay_response' => 'FALSE', 'x_first_name' => substr($order->billing['firstname'], 0, 50), 'x_last_name' => substr($order->billing['lastname'], 0, 50), 'x_company' => substr($order->billing['company'], 0, 50), 'x_address' => substr($order->billing['street_address'], 0, 60), 'x_city' => substr($order->billing['city'], 0, 40), 'x_state' => substr($order->billing['state'], 0, 40), 'x_zip' => substr($order->billing['postcode'], 0, 20), 'x_country' => substr($order->billing['country']['title'], 0, 60), 'x_phone' => substr($order->customer['telephone'], 0, 25), 'x_cust_id' => substr($customer_id, 0, 20), 'x_customer_ip' => tep_get_ip_address(), 'x_email' => substr($order->customer['email_address'], 0, 255), 'x_description' => substr(STORE_NAME, 0, 255), 'x_amount' => substr($this->format_raw($order->info['total']), 0, 15), 'x_currency_code' => substr($currency, 0, 3), 'x_method' => 'CC', 'x_type' => MODULE_PAYMENT_AUTHORIZENET_CC_AIM_TRANSACTION_METHOD == 'Capture' ? 'AUTH_CAPTURE' : 'AUTH_ONLY', 'x_card_num' => substr($HTTP_POST_VARS['cc_number_nh-dns'], 0, 22), 'x_exp_date' => $HTTP_POST_VARS['cc_expires_month'] . $HTTP_POST_VARS['cc_expires_year'], 'x_card_code' => substr($HTTP_POST_VARS['cc_cvc_nh-dns'], 0, 4)); if (is_numeric($sendto) && $sendto > 0) { $params['x_ship_to_first_name'] = substr($order->delivery['firstname'], 0, 50); $params['x_ship_to_last_name'] = substr($order->delivery['lastname'], 0, 50); $params['x_ship_to_company'] = substr($order->delivery['company'], 0, 50); $params['x_ship_to_address'] = substr($order->delivery['street_address'], 0, 60); $params['x_ship_to_city'] = substr($order->delivery['city'], 0, 40); $params['x_ship_to_state'] = substr($order->delivery['state'], 0, 40); $params['x_ship_to_zip'] = substr($order->delivery['postcode'], 0, 20); $params['x_ship_to_country'] = substr($order->delivery['country']['title'], 0, 60); } if (MODULE_PAYMENT_AUTHORIZENET_CC_AIM_TRANSACTION_MODE == 'Test') { $params['x_test_request'] = 'TRUE'; } $tax_value = 0; foreach ($order->info['tax_groups'] as $key => $value) { if ($value > 0) { $tax_value += $this->format_raw($value); } } if ($tax_value > 0) { $params['x_tax'] = $this->format_raw($tax_value); } $params['x_freight'] = $this->format_raw($order->info['shipping_cost']); $post_string = ''; foreach ($params as $key => $value) { $post_string .= $key . '=' . urlencode(trim($value)) . '&'; } $post_string = substr($post_string, 0, -1); for ($i = 0, $n = sizeof($order->products); $i < $n; $i++) { $post_string .= '&x_line_item=' . urlencode($i + 1) . '<|>' . urlencode(substr($order->products[$i]['name'], 0, 31)) . '<|>' . urlencode(substr($order->products[$i]['name'], 0, 255)) . '<|>' . urlencode($order->products[$i]['qty']) . '<|>' . urlencode($this->format_raw($order->products[$i]['final_price'])) . '<|>' . urlencode($order->products[$i]['tax'] > 0 ? 'YES' : 'NO'); } switch (MODULE_PAYMENT_AUTHORIZENET_CC_AIM_TRANSACTION_SERVER) { case 'Live': $gateway_url = 'https://secure.authorize.net/gateway/transact.dll'; break; default: $gateway_url = 'https://test.authorize.net/gateway/transact.dll'; break; } $transaction_response = $this->sendTransactionToGateway($gateway_url, $post_string); if (!empty($transaction_response)) { $regs = preg_split("/,(?=(?:[^\"]*\"[^\"]*\")*(?![^\"]*\"))/", $transaction_response); foreach ($regs as $key => $value) { $regs[$key] = substr($value, 1, -1); // remove double quotes } } else { $regs = array('-1', '-1', '-1'); } $error = false; if ($regs[0] == '1') { if (tep_not_null(MODULE_PAYMENT_AUTHORIZENET_CC_AIM_MD5_HASH)) { if (strtoupper($regs[37]) != strtoupper(md5(MODULE_PAYMENT_AUTHORIZENET_CC_AIM_MD5_HASH . MODULE_PAYMENT_AUTHORIZENET_CC_AIM_LOGIN_ID . $regs[6] . $this->format_raw($order->info['total'])))) { $error = 'general'; } } } else { switch ($regs[2]) { case '7': $error = 'invalid_expiration_date'; break; case '8': $error = 'expired'; break; case '6': case '17': case '28': $error = 'declined'; break; case '78': $error = 'cvc'; break; default: $error = 'general'; break; } } if ($error != false) { tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=' . $error, 'SSL')); } }
function before_process() { global $HTTP_POST_VARS, $order, $order_totals, $sendto, $response_array; if (isset($HTTP_POST_VARS['cc_owner_firstname']) && !empty($HTTP_POST_VARS['cc_owner_firstname']) && isset($HTTP_POST_VARS['cc_owner_lastname']) && !empty($HTTP_POST_VARS['cc_owner_lastname']) && isset($HTTP_POST_VARS['cc_number_nh-dns']) && !empty($HTTP_POST_VARS['cc_number_nh-dns'])) { if (MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_TRANSACTION_SERVER == 'Live') { $api_url = 'https://payflowpro.paypal.com'; } else { $api_url = 'https://pilot-payflowpro.paypal.com'; } $params = array('USER' => tep_not_null(MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_USERNAME) ? MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_USERNAME : MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_VENDOR, 'VENDOR' => MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_VENDOR, 'PARTNER' => MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_PARTNER, 'PWD' => MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_PASSWORD, 'TENDER' => 'C', 'TRXTYPE' => MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_TRANSACTION_METHOD == 'Sale' ? 'S' : 'A', 'AMT' => $this->format_raw($order->info['total']), 'CURRENCY' => $order->info['currency'], 'BILLTOFIRSTNAME' => $HTTP_POST_VARS['cc_owner_firstname'], 'BILLTOLASTNAME' => $HTTP_POST_VARS['cc_owner_lastname'], 'BILLTOSTREET' => $order->billing['street_address'], 'BILLTOCITY' => $order->billing['city'], 'BILLTOSTATE' => tep_get_zone_code($order->billing['country']['id'], $order->billing['zone_id'], $order->billing['state']), 'BILLTOCOUNTRY' => $order->billing['country']['iso_code_2'], 'BILLTOZIP' => $order->billing['postcode'], 'CUSTIP' => tep_get_ip_address(), 'EMAIL' => $order->customer['email_address'], 'ACCT' => $HTTP_POST_VARS['cc_number_nh-dns'], 'EXPDATE' => $HTTP_POST_VARS['cc_expires_month'] . $HTTP_POST_VARS['cc_expires_year'], 'CVV2' => $HTTP_POST_VARS['cc_cvc_nh-dns'], 'BUTTONSOURCE' => 'OSCOM23_DPPF'); if (is_numeric($sendto) && $sendto > 0) { $params['SHIPTOFIRSTNAME'] = $order->delivery['firstname']; $params['SHIPTOLASTNAME'] = $order->delivery['lastname']; $params['SHIPTOSTREET'] = $order->delivery['street_address']; $params['SHIPTOCITY'] = $order->delivery['city']; $params['SHIPTOSTATE'] = tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], $order->delivery['state']); $params['SHIPTOCOUNTRY'] = $order->delivery['country']['iso_code_2']; $params['SHIPTOZIP'] = $order->delivery['postcode']; } $item_params = array(); $line_item_no = 0; foreach ($order->products as $product) { $item_params['L_NAME' . $line_item_no] = $product['name']; $item_params['L_COST' . $line_item_no] = $this->format_raw($product['final_price']); $item_params['L_QTY' . $line_item_no] = $product['qty']; $line_item_no++; } $items_total = $this->format_raw($order->info['subtotal']); foreach ($order_totals as $ot) { if (!in_array($ot['code'], array('ot_subtotal', 'ot_shipping', 'ot_tax', 'ot_total'))) { $item_params['L_NAME' . $line_item_no] = $ot['title']; $item_params['L_COST' . $line_item_no] = $this->format_raw($ot['value']); $item_params['L_QTY' . $line_item_no] = 1; $items_total += $this->format_raw($ot['value']); $line_item_no++; } } $item_params['ITEMAMT'] = $items_total; $item_params['TAXAMT'] = $this->format_raw($order->info['tax']); $item_params['FREIGHTAMT'] = $this->format_raw($order->info['shipping_cost']); if ($this->format_raw($item_params['ITEMAMT'] + $item_params['TAXAMT'] + $item_params['FREIGHTAMT']) == $params['AMT']) { $params = array_merge($params, $item_params); } $post_string = ''; foreach ($params as $key => $value) { $post_string .= $key . '[' . strlen(trim($value)) . ']=' . trim($value) . '&'; } $post_string = substr($post_string, 0, -1); $response = $this->sendTransactionToGateway($api_url, $post_string); $response_array = array(); parse_str($response, $response_array); if ($response_array['RESULT'] != '0') { $this->sendDebugEmail($response_array); switch ($response_array['RESULT']) { case '1': case '26': $error_message = MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_ERROR_CFG_ERROR; break; case '7': $error_message = MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_ERROR_ADDRESS; break; case '12': $error_message = MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_ERROR_DECLINED; break; case '23': case '24': $error_message = MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_ERROR_INVALID_CREDIT_CARD; break; default: $error_message = MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_ERROR_GENERAL; break; } tep_redirect(tep_href_link(FILENAME_CHECKOUT_CONFIRMATION, 'error_message=' . urlencode($error_message), 'SSL')); } } else { tep_redirect(tep_href_link(FILENAME_CHECKOUT_CONFIRMATION, 'error_message=' . MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_ERROR_ALL_FIELDS_REQUIRED, 'SSL')); } }
// verify the browser user agent if the feature is enabled if (SESSION_CHECK_USER_AGENT == 'True') { if (!isset($_SESSION['SESSION_USER_AGENT'])) { $_SESSION['SESSION_USER_AGENT'] = $_SERVER['HTTP_USER_AGENT']; } if ($_SESSION['SESSION_USER_AGENT'] != $_SERVER['HTTP_USER_AGENT']) { tep_session_destroy(); OSCOM::redirect('login.php'); } } // verify the IP address if the feature is enabled if (SESSION_CHECK_IP_ADDRESS == 'True') { if (!isset($_SESSION['SESSION_IP_ADDRESS'])) { $_SESSION['SESSION_IP_ADDRESS'] = tep_get_ip_address(); } if ($_SESSION['SESSION_IP_ADDRESS'] != tep_get_ip_address()) { tep_session_destroy(); OSCOM::redirect('login.php'); } } // create the shopping cart if (!isset($_SESSION['cart']) || !is_object($_SESSION['cart']) || get_class($_SESSION['cart']) != 'shoppingCart') { $_SESSION['cart'] = new shoppingCart(); } // include currencies class and create an instance require 'includes/classes/currencies.php'; $currencies = new currencies(); // include the mail classes require 'includes/classes/mime.php'; require 'includes/classes/email.php'; // set the language
function make_gateway_vars() { global $order, $osC_Customer; if (MODULE_PAYMENT_AUTHORIZENET_METHOD == 'Credit Card') { $gw_pay_type = array('x_Card_Num' => $this->cc_card_number, 'x_Exp_Date' => $this->cc_expiry_month . substr($this->cc_expiry_year, -2), 'x_Type' => MODULE_PAYMENT_AUTHORIZENET_CREDIT_CAPTURE, 'x_Method' => 'CC'); } if (MODULE_PAYMENT_AUTHORIZENET_METHOD == 'eCheck') { $gw_pay_type = array('x_bank_acct_name' => $this->ec_bank_owner, 'x_bank_acct_type' => $this->ec_bank_acct_type, 'x_bank_name' => $this->ec_bank_name, 'x_bank_aba_code' => $this->ec_bank_aba, 'x_bank_acct_num' => $this->ec_bank_acct, 'x_Type' => 'AUTH_CAPTURE', 'x_echeck_type' => 'WEB', 'x_Method' => 'ECHECK'); if (MODULE_PAYMENT_AUTHORIZENET_WELLSFARGO == 'Yes') { // Add extra fields if (tep_not_null($this->wf_taxid)) { $gw_pay_type2 = array('x_customer_tax_id' => $this->wf_taxid, 'x_customer_organization_type' => $this->wf_org_type); } else { $gw_pay_type2 = array('x_drivers_license_number' => $this->wf_dlnum, 'x_drivers_license_state' => $this->wf_state, 'x_drivers_license_dob' => $this->wf_dob, 'x_customer_organization_type' => $this->wf_org_type); } $gw_pay_type = array_merge($gw_pay_type, $gw_pay_type2); } } $gw_common = array('x_Login' => MODULE_PAYMENT_AUTHORIZENET_LOGIN, 'x_tran_key' => MODULE_PAYMENT_AUTHORIZENET_TXNKEY, 'x_Amount' => number_format($order->info['total'], 2, '.', ''), 'x_Version' => '3.0', 'x_Cust_ID' => $osC_Customer, 'x_Email_Customer' => MODULE_PAYMENT_AUTHORIZENET_EMAIL_CUSTOMER == 'True' ? 'TRUE' : 'FALSE', 'x_first_name' => $order->billing['firstname'], 'x_last_name' => $order->billing['lastname'], 'x_company' => $order->billing['company'], 'x_address' => $order->billing['street_address'], 'x_city' => $order->billing['city'], 'x_state' => $order->billing['state'], 'x_zip' => $order->billing['postcode'], 'x_country' => $order->billing['country']['title'], 'x_phone' => $order->customer['telephone'], 'x_email' => $order->customer['email_address'], 'x_ship_to_first_name' => $order->delivery['firstname'], 'x_ship_to_last_name' => $order->delivery['lastname'], 'x_ship_to_address' => $order->delivery['street_address'], 'x_ship_to_city' => $order->delivery['city'], 'x_ship_to_state' => $order->delivery['state'], 'x_ship_to_zip' => $order->delivery['postcode'], 'x_ship_to_country' => $order->delivery['country']['title'], 'x_Customer_IP' => tep_get_ip_address()); $gw_vars = array_merge($gw_common, $gw_pay_type); return $gw_vars; }
} if (!isset($_POST['password']) || strlen(trim($_POST['password'])) < ACCOUNT_PASSWORD) { $messageStack->add('create_account', ENTRY_PASSWORD_ERROR); } elseif (!isset($_POST['confirmation']) || trim($_POST['password']) != trim($_POST['confirmation'])) { $messageStack->add('create_account', ENTRY_PASSWORD_ERROR_NOT_MATCHING); } if ($messageStack->size('create_account') === 0) { $osC_Database->startTransaction(); $Qcustomer = $osC_Database->query('insert into :table_customers (customers_firstname, customers_lastname, customers_email_address, customers_newsletter, customers_status, customers_ip_address, customers_password, customers_gender, customers_dob) values (:customers_firstname, :customers_lastname, :customers_email_address, :customers_newsletter, :customers_status, :customers_ip_address, :customers_password, :customers_gender, :customers_dob)'); $Qcustomer->bindRaw(':table_customers', TABLE_CUSTOMERS); $Qcustomer->bindValue(':customers_firstname', trim($_POST['firstname'])); $Qcustomer->bindValue(':customers_lastname', trim($_POST['lastname'])); $Qcustomer->bindValue(':customers_email_address', trim($_POST['email_address'])); $Qcustomer->bindValue(':customers_newsletter', isset($_POST['newsletter']) && $_POST['newsletter'] == '1' ? '1' : ''); $Qcustomer->bindValue(':customers_status', '1'); $Qcustomer->bindValue(':customers_ip_address', tep_get_ip_address()); $Qcustomer->bindValue(':customers_password', tep_encrypt_password(trim($_POST['password']))); $Qcustomer->bindValue(':customers_gender', ACCOUNT_GENDER > -1 && isset($_POST['gender']) && ($_POST['gender'] == 'm' || $_POST['gender'] == 'f') ? $_POST['gender'] : ''); $Qcustomer->bindValue(':customers_dob', ACCOUNT_DATE_OF_BIRTH > -1 ? date('Ymd', $dob) : ''); $Qcustomer->execute(); if ($Qcustomer->affectedRows() === 1) { $customer_id = $osC_Database->nextID(); $Qci = $osC_Database->query('insert into :table_customers_info (customers_info_id, customers_info_number_of_logons, customers_info_date_account_created) values (:customers_info_id, :customers_info_number_of_logons, :customers_info_date_account_created)'); $Qci->bindRaw(':table_customers_info', TABLE_CUSTOMERS_INFO); $Qci->bindInt(':customers_info_id', $customer_id); $Qci->bindInt(':customers_info_number_of_logons', 0); $Qci->bindRaw(':customers_info_date_account_created', 'now()'); $Qci->execute(); if ($Qci->affectedRows() === 1) { $osC_Database->commitTransaction(); if (SERVICE_SESSION_REGENERATE_ID == 'True') {
$order_total_modules = new order_total(); $order_totals = $order_total_modules->process(); if ($customer_id == '58543') { reset($order_totals); while (list($i) = each($order_totals)) { if ($order_totals[$i]['code'] == 'ot_shipping') { $order_totals[$i]['title'] = 'Самовывоз'; $order_totals[$i]['text'] = $currencies->format(0); $order_totals[$i]['value'] = '0'; } } $shipping = array('id' => 'slf_0', 'title' => 'Самовывоз', 'cost' => 0); } // load the before_process function from the payment modules $payment_modules->before_process(); $sql_data_array = array('orders_code' => $order->info['code'], 'customers_id' => $customer_id, 'customers_name' => $order->customer['firstname'] . ' ' . $order->customer['lastname'], 'customers_company' => $order->customer['company'], 'customers_company_full_name' => $order->customer['company_full'], 'customers_company_name' => $order->customer['company'], 'customers_company_inn' => $order->customer['company_inn'], 'customers_company_kpp' => $order->customer['company_kpp'], 'customers_company_ogrn' => $order->customer['company_ogrn'], 'customers_company_okpo' => $order->customer['company_okpo'], 'customers_company_okogu' => $order->customer['company_okogu'], 'customers_company_okato' => $order->customer['company_okato'], 'customers_company_okved' => $order->customer['company_okved'], 'customers_company_okfs' => $order->customer['company_okfs'], 'customers_company_okopf' => $order->customer['company_okopf'], 'customers_company_address_corporate' => $order->customer['company_address_corporate'], 'customers_company_address_post' => $order->customer['company_address_post'], 'customers_company_telephone' => $order->customer['company_telephone'], 'customers_company_fax' => $order->customer['company_fax'], 'customers_company_bank' => $order->customer['company_bank'], 'customers_company_rs' => $order->customer['company_rs'], 'customers_company_ks' => $order->customer['company_ks'], 'customers_company_bik' => $order->customer['company_bik'], 'customers_company_general' => $order->customer['company_general'], 'customers_company_financial' => $order->customer['company_financial'], 'customers_street_address' => $order->customer['street_address'], 'customers_suburb' => $order->customer['suburb'], 'customers_city' => $order->customer['city'], 'customers_postcode' => $order->customer['postcode'], 'customers_state' => $order->customer['state'], 'customers_country' => $order->customer['country']['title'], 'customers_telephone' => $order->customer['telephone'], 'customers_email_address' => $order->customer['email_address'], 'customers_address_format_id' => $order->customer['format_id'], 'customers_ip' => tep_get_ip_address(), 'delivery_name' => $order->delivery['firstname'] . ' ' . $order->delivery['lastname'], 'delivery_company' => $order->delivery['company'], 'delivery_street_address' => $order->delivery['street_address'], 'delivery_suburb' => $order->delivery['suburb'], 'delivery_city' => $order->delivery['city'], 'delivery_postcode' => $order->delivery['postcode'], 'delivery_state' => $order->delivery['state'], 'delivery_country' => $order->delivery['country']['title'], 'delivery_telephone' => $order->delivery['telephone'], 'delivery_address_format_id' => $order->delivery['format_id'], 'billing_name' => $order->billing['firstname'] . ' ' . $order->billing['lastname'], 'billing_company' => $order->billing['company'], 'billing_street_address' => $order->billing['street_address'], 'billing_suburb' => $order->billing['suburb'], 'billing_city' => $order->billing['city'], 'billing_postcode' => $order->billing['postcode'], 'billing_state' => $order->billing['state'], 'billing_country' => $order->billing['country']['title'], 'billing_telephone' => $order->billing['telephone'], 'billing_address_format_id' => $order->billing['format_id'], 'payment_method' => strpos($order->info['payment_method'], '(') !== false ? trim(substr($order->info['payment_method'], 0, strpos($order->info['payment_method'], '('))) : $order->info['payment_method'], 'cc_type' => $order->info['cc_type'], 'cc_owner' => $order->info['cc_owner'], 'cc_number' => tep_not_null($order->info['cc_number']) ? substr($order->info['cc_number'], 0, 4) . str_repeat('X', strlen($order->info['cc_number']) - 8) . substr($order->info['cc_number'], -4) : '', 'cc_expires' => $order->info['cc_expires'], 'check_account_type' => $order->info['check_account_type'], 'check_bank_name' => $order->info['check_bank_name'], 'check_routing_number' => $order->info['check_routing_number'], 'check_account_number' => $order->info['check_account_number'], 'date_purchased' => 'now()', 'orders_status' => $order->info['order_status'], 'currency' => $order->info['currency'], 'currency_value' => $order->info['currency_value'], 'orders_is_paid' => $order->info['is_paid'], 'delivery_transfer' => tep_calculate_date_available($order->info['delivery_transfer']), 'orders_ssl_enabled' => ENABLE_SSL == true ? '1' : '0', 'shops_id' => (int) SHOP_ID); tep_db_perform(TABLE_ORDERS, $sql_data_array); $insert_id = tep_db_insert_id(); tep_order_log($insert_id, '*** Order #' . $insert_id . ' created (pid=' . getmypid() . ', memory_peak=' . memory_get_peak_usage(true) . ')'); tep_order_log($insert_id, tep_get_memory()); $order_delivery_transfer = $order->info['delivery_transfer']; $order_delivery_country_code = $order->delivery['country']['iso_code_2']; $order_products_sum = 0; for ($i = 0, $n = sizeof($order_totals); $i < $n; $i++) { $total_title = $order_totals[$i]['title']; if ($order_totals[$i]['code'] != 'ot_discount' && strpos($order_totals[$i]['code'], 'tax') === false) { list($total_title) = explode('(', $order_totals[$i]['title']); } // if (preg_match('/^([^\(]+)\(.*$/i', $total_title, $regs)) $total_title = $regs[1]; $total_title = trim($total_title); tep_db_query("insert into " . TABLE_ORDERS_TOTAL . " (orders_id, title, text, value, class, sort_order) values ('" . (int) $insert_id . "', '" . tep_db_input($total_title) . "', '" . tep_db_input($order_totals[$i]['text']) . "', '" . str_replace(',', '.', tep_db_input($order_totals[$i]['value'])) . "', '" . tep_db_input($order_totals[$i]['code']) . "', '" . tep_db_input($order_totals[$i]['sort_order']) . "')");