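/**
 * Set a new status on an order, optionally append an order_history row and
 * optionally e-mail the customer about the change.
 *
 * Keys read from $data: order_status_id, append, notify, comment.
 *
 * The e-mail sent to a guest contains an invoice link whose "ot" parameter is
 * AEncryption::mcrypt_encode() over order id + '~~~' + e-mail. Nothing else is
 * put into the token here, so the link carries no expiry of its own and acts
 * as a bearer credential for that invoice.
 *
 * @param int $order_id
 * @param array $data
 * @throws AException
 */
public function addOrderHistory($order_id, $data)
{
    // Normalise once so the SQL, the mail subject and the invoice link all use the same integer.
    $order_id = (int) $order_id;
    // Optional keys are read defensively; a missing key means "off" / empty.
    $append = !empty($data['append']);
    $notify = !empty($data['notify']);
    $comment = isset($data['comment']) ? (string) $data['comment'] : '';

    $this->db->query(
        "UPDATE `" . $this->db->table("orders") . "`\n\t\t\t\t\t\t\tSET order_status_id = '" . (int) $data['order_status_id'] . "',\n\t\t\t\t\t\t\t\tdate_modified = NOW()\n\t\t\t\t\t\t\tWHERE order_id = '" . (int) $order_id . "'"
    );

    if ($append) {
        // Numeric fields are cast, the free-text comment is tag-stripped and then SQL-escaped.
        $this->db->query(
            "INSERT INTO " . $this->db->table("order_history") . "\n \t\t SET order_id = '" . (int) $order_id . "',\n \t\t order_status_id = '" . (int) $data['order_status_id'] . "',\n \t\t notify = '" . (isset($data['notify']) ? (int) $data['notify'] : 0) . "',\n \t\t comment = '" . $this->db->escape(strip_tags($comment)) . "',\n \t\t date_added = NOW()"
        );
    }

    if (!$notify) {
        return;
    }

    $order_query = $this->db->query(
        "SELECT *, os.name AS status\n \t FROM `" . $this->db->table("orders") . "` o\n \t LEFT JOIN " . $this->db->table("order_statuses") . " os ON (o.order_status_id = os.order_status_id AND os.language_id = o.language_id)\n \t LEFT JOIN " . $this->db->table("languages") . " l ON (o.language_id = l.language_id)\n \t WHERE o.order_id = '" . (int) $order_id . "'"
    );
    if (!$order_query->num_rows) {
        return;
    }
    $row = $order_query->row;

    // Resolve the plaintext address before anything uses it. The original built the
    // guest token from the raw column and decrypted only for the recipient, so with
    // data encryption active the token would have carried the stored (encrypted)
    // value. update() in this file decrypts the row before building its token.
    // NOTE(review): assumes the invoice controller compares against the decrypted
    // e-mail - confirm against model account/order getOrder().
    if ($this->dcrypt->active) {
        $customer_email = $this->dcrypt->decrypt_field($row['email'], $row['key_id']);
    } else {
        $customer_email = $row['email'];
    }

    //load language specific for the order in admin section
    $language = new ALanguage(Registry::getInstance(), $row['code'], 1);
    $language->load($row['filename']);
    $language->load('mail/order');

    $this->load->model('setting/store');

    $subject = sprintf($language->get('text_subject'), $row['store_name'], $order_id);

    $message = $language->get('text_order') . ' ' . $order_id . "\n";
    $message .= $language->get('text_date_added') . ' '
        . dateISO2Display($row['date_added'], $language->get('date_format_short')) . "\n\n";
    $message .= $language->get('text_order_status') . "\n\n";
    $message .= $row['status'] . "\n\n";

    if ($row['customer_id']) {
        // Registered customers get a plain order link; the invoice page decides access by login.
        $message .= $language->get('text_invoice') . "\n";
        $message .= html_entity_decode(
            $row['store_url'] . 'index.php?rt=account/invoice&order_id=' . $order_id,
            ENT_QUOTES,
            'UTF-8'
        ) . "\n\n";
    } elseif ($this->config->get('config_guest_checkout') && $customer_email) {
        // Guests get a tokenised link instead of a bare order id.
        $order_token = AEncryption::mcrypt_encode($order_id . '~~~' . $customer_email);
        if ($order_token) {
            $message .= $language->get('text_invoice') . "\n";
            $message .= html_entity_decode(
                $row['store_url'] . 'index.php?rt=account/invoice&ot=' . $order_token,
                ENT_QUOTES,
                'UTF-8'
            ) . "\n\n";
        }
    }

    if ($comment) {
        $message .= $language->get('text_comment') . "\n\n";
        // Entities are decoded first so that encoded markup is also removed by strip_tags().
        $message .= strip_tags(html_entity_decode($comment, ENT_QUOTES, 'UTF-8')) . "\n\n";
    }

    $message .= $language->get('text_footer');

    $mail = new AMail($this->config);
    $mail->setTo($customer_email);
    $mail->setFrom($this->config->get('store_main_email'));
    $mail->setSender($row['store_name']);
    $mail->setSubject($subject);
    $mail->setText(html_entity_decode($message, ENT_QUOTES, 'UTF-8'));
    $mail->send();
}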
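/**
 * Render the invoice page for a single order.
 *
 * Three ways in:
 *  - a logged-in customer with ?order_id=N (the model is asked for the order without 'view' mode),
 *  - a guest with ?ot=TOKEN, where the token decrypts to "<order_id>~~~<email>",
 *  - a guest who POSTs order_id + email through the form shown by getForm().
 * For both guest paths the order is shown only when the supplied e-mail equals the
 * e-mail stored on the order.
 *
 * @return null|void null when the guest lookup form is rendered or a guest check fails
 */
public function main()
{
    //init controller data
    $this->extensions->hk_InitData($this, __FUNCTION__);

    $order_id = isset($this->request->get['order_id']) ? (int) $this->request->get['order_id'] : 0;

    $this->loadModel('account/order');

    // Defined up front so later checks never read an undefined variable.
    $guest = false;
    $order_info = array();
    $email = '';
    $ot = '';

    if (isset($this->request->get['ot']) && $this->config->get('config_guest_checkout')) {
        //try to decrypt order token
        $ot = $this->request->get['ot'];
        $decrypted = AEncryption::mcrypt_decode($ot);
        // Split on the first separator only and pad, so a malformed token yields
        // empty parts instead of an undefined-offset error.
        $parts = array_pad(explode('~~~', (string) $decrypted, 2), 2, '');
        $order_id = (int) $parts[0];
        $email = $parts[1];

        if (!$decrypted || !$order_id || !$email) {
            if ($order_id) {
                $this->session->data['redirect'] = $this->html->getSecureURL(
                    'account/invoice',
                    '&order_id=' . $order_id
                );
            }
            $this->redirect($this->html->getSecureURL('account/login'));
            // Fail closed: do not depend on redirect() ending the request.
            return null;
        }

        $order_info = $this->model_account_order->getOrder($order_id, '', 'view');
        //compare emails (strict, and a missing order counts as a mismatch)
        if (!$order_info || (string) $order_info['email'] !== $email) {
            $this->redirect($this->html->getSecureURL('account/login'));
            return null;
        }
        $guest = true;
    }

    if ($this->request->is_POST() && $this->_validate()) {
        $guest = true;
        // Cast like the GET path does: this value is later placed in URLs and template data.
        $order_id = (int) $this->request->post['order_id'];
        $posted_email = $this->request->post['email'];
        $email = is_string($posted_email) ? $posted_email : '';

        $order_info = $this->model_account_order->getOrder($order_id, '', 'view');
        //compare emails
        if ($email !== '' && $order_info && (string) $order_info['email'] === $email) {
            // Issue the token only after the e-mail has been verified against the order.
            $ot = AEncryption::mcrypt_encode($order_id . '~~~' . $email);
        } else {
            // Mismatch: drop everything derived from the request so nothing below can use it.
            $order_info = array();
            $order_id = 0;
            $email = '';
            $ot = '';
        }
    }

    $this->view->assign('error', $this->error);

    if (!$this->customer->isLogged() && !$guest) {
        $this->session->data['redirect'] = $this->html->getSecureURL('account/invoice', '&order_id=' . $order_id);
        $this->getForm();
        return null;
    }

    if (!$order_id && $this->customer->isLogged()) {
        $this->redirect($this->html->getSecureURL('account/history'));
    }

    //get info for registered customers
    if (!$order_info) {
        $order_info = $this->model_account_order->getOrder($order_id);
    }

    $this->document->setTitle($this->language->get('heading_title'));

    $this->document->resetBreadcrumbs();
    $this->document->addBreadcrumb(array(
        'href'      => $this->html->getURL('index/home'),
        'text'      => $this->language->get('text_home'),
        'separator' => false,
    ));
    $this->document->addBreadcrumb(array(
        'href'      => $this->html->getURL('account/account'),
        'text'      => $this->language->get('text_account'),
        'separator' => $this->language->get('text_separator'),
    ));
    if (!$guest) {
        $this->document->addBreadcrumb(array(
            'href'      => $this->html->getURL('account/history'),
            'text'      => $this->language->get('text_history'),
            'separator' => $this->language->get('text_separator'),
        ));
    }
    $this->document->addBreadcrumb(array(
        'href'      => $this->html->getURL('account/invoice', '&order_id=' . $order_id),
        'text'      => $this->language->get('text_invoice'),
        'separator' => $this->language->get('text_separator'),
    ));

    $this->data['success'] = '';
    if (isset($this->session->data['success'])) {
        // One-shot message: show it once, then remove it from the session.
        $this->data['success'] = $this->session->data['success'];
        unset($this->session->data['success']);
    }

    if ($order_info) {
        $this->data['order_id'] = $order_id;
        $this->data['invoice_id'] = $order_info['invoice_id']
            ? $order_info['invoice_prefix'] . $order_info['invoice_id']
            : '';
        $this->data['email'] = $order_info['email'];
        $this->data['telephone'] = $order_info['telephone'];
        $this->data['fax'] = $order_info['fax'];
        $this->data['status'] = $this->model_account_order->getOrderStatus($order_id);

        $shipping_data = array(
            'firstname' => $order_info['shipping_firstname'],
            'lastname'  => $order_info['shipping_lastname'],
            'company'   => $order_info['shipping_company'],
            'address_1' => $order_info['shipping_address_1'],
            'address_2' => $order_info['shipping_address_2'],
            'city'      => $order_info['shipping_city'],
            'postcode'  => $order_info['shipping_postcode'],
            'zone'      => $order_info['shipping_zone'],
            'zone_code' => $order_info['shipping_zone_code'],
            'country'   => $order_info['shipping_country'],
        );
        $this->data['shipping_address'] = $this->customer->getFormattedAddress(
            $shipping_data,
            $order_info['shipping_address_format']
        );
        $this->data['shipping_method'] = $order_info['shipping_method'];

        $payment_data = array(
            'firstname' => $order_info['payment_firstname'],
            'lastname'  => $order_info['payment_lastname'],
            'company'   => $order_info['payment_company'],
            'address_1' => $order_info['payment_address_1'],
            'address_2' => $order_info['payment_address_2'],
            'city'      => $order_info['payment_city'],
            'postcode'  => $order_info['payment_postcode'],
            'zone'      => $order_info['payment_zone'],
            'zone_code' => $order_info['payment_zone_code'],
            'country'   => $order_info['payment_country'],
        );
        $this->data['payment_address'] = $this->customer->getFormattedAddress(
            $payment_data,
            $order_info['payment_address_format']
        );
        $this->data['payment_method'] = $order_info['payment_method'];

        $products = array();
        $order_products = $this->model_account_order->getOrderProducts($order_id);

        $product_ids = array();
        foreach ($order_products as $product) {
            $product_ids[] = (int) $product['product_id'];
        }

        //get thumbnails by one pass
        // NOTE(review): the width setting is passed for both size arguments - confirm
        // whether the second one was meant to be a height setting.
        $resource = new AResource('image');
        $thumbnails = $resource->getMainThumbList(
            'products',
            $product_ids,
            $this->config->get('config_image_cart_width'),
            $this->config->get('config_image_cart_width'),
            false
        );

        foreach ($order_products as $product) {
            $options = $this->model_account_order->getOrderOptions($order_id, $product['order_product_id']);
            // A product without a thumbnail entry must not raise an undefined-index error.
            $thumbnail = isset($thumbnails[$product['product_id']]) ? $thumbnails[$product['product_id']] : null;

            $option_data = array();
            foreach ($options as $option) {
                //hide hidden options
                if ($option['element_type'] == 'H') {
                    continue;
                }
                $value = $option['value'];
                $title = '';
                // hide binary value for checkbox; compared as strings so that a
                // non-numeric value is not treated as equal to 0 by loose comparison
                if ($option['element_type'] == 'C' && in_array((string) $value, array('0', '1'), true)) {
                    $value = '';
                }
                // strip long textarea value
                if ($option['element_type'] == 'T') {
                    $title = strip_tags($value);
                    $title = str_replace('\\r\\n', "\n", $title);
                    $value = str_replace('\\r\\n', "\n", $value);
                    if (mb_strlen($value) > 64) {
                        $value = mb_substr($value, 0, 64) . '...';
                    }
                }

                $option_data[] = array(
                    'name'  => $option['name'],
                    'value' => $value,
                    'title' => $title,
                );
            }

            $products[] = array(
                'id'        => $product['product_id'],
                'thumbnail' => $thumbnail,
                'name'      => $product['name'],
                'model'     => $product['model'],
                'option'    => $option_data,
                'quantity'  => $product['quantity'],
                'price'     => $this->currency->format($product['price'], $order_info['currency'], $order_info['value']),
                'total'     => $this->currency->format($product['total'], $order_info['currency'], $order_info['value']),
            );
        }
        $this->data['products'] = $products;
        $this->data['totals'] = $this->model_account_order->getOrderTotals($order_id);
        $this->data['comment'] = $order_info['comment'];
        $this->data['product_link'] = $this->html->getSecureURL('product/product', '&product_id=%ID%');

        $historys = array();
        $results = $this->model_account_order->getOrderHistories($order_id);
        foreach ($results as $result) {
            // NOTE(review): nl2br() only inserts <br>; it does not escape markup. Confirm that
            // history comments are stored sanitised or that the template escapes them.
            $historys[] = array(
                'date_added' => dateISO2Display(
                    $result['date_added'],
                    $this->language->get('date_format_short') . ' ' . $this->language->get('time_format')
                ),
                'status'     => $result['status'],
                'comment'    => nl2br($result['comment']),
            );
        }
        $this->data['historys'] = $historys;

        if ($guest) {
            $this->data['continue'] = $this->html->getSecureURL('index/home');
        } else {
            $this->data['continue'] = $this->html->getSecureURL('account/history');
        }

        $this->data['button_print'] = $this->html->buildElement(array(
            'type'  => 'button',
            'name'  => 'print_button',
            'text'  => $this->language->get('button_print'),
            'icon'  => 'fa fa-print',
            'style' => 'button',
        ));

        //button for order cancelation
        $cancel_setting = $this->config->get('config_customer_cancelation_order_status_id');
        if ($cancel_setting) {
            // unserialize() is applied to a stored configuration value; it must never be fed
            // request data. A value that does not decode to an array is ignored.
            $order_cancel_ids = unserialize($cancel_setting);
            if (is_array($order_cancel_ids) && in_array($order_info['order_status_id'], $order_cancel_ids)) {
                $this->data['button_order_cancel'] = $this->html->buildElement(array(
                    'type'  => 'button',
                    'name'  => 'button_order_cancelation',
                    'text'  => $this->language->get('text_order_cancelation'),
                    'icon'  => 'fa fa-ban',
                    'style' => 'button',
                ));
                if (!$guest) {
                    $this->data['order_cancelation_url'] = $this->html->getSecureURL(
                        'account/invoice/CancelOrder',
                        '&order_id=' . $order_id
                    );
                } else {
                    // Guests cancel with the same token that opened the invoice.
                    $this->data['order_cancelation_url'] = $this->html->getSecureURL(
                        'account/invoice/CancelOrder',
                        '&ot=' . $ot
                    );
                }
            }
        }

        $this->view->setTemplate('pages/account/invoice.tpl');
    } else {
        if ($guest) {
            $this->data['continue'] = $this->html->getSecureURL('index/home');
        } else {
            $this->data['continue'] = $this->html->getSecureURL('account/account');
        }
        $this->view->setTemplate('pages/error/not_found.tpl');
    }

    $this->data['button_continue'] = $this->html->buildElement(array(
        'type'  => 'button',
        'name'  => 'continue_button',
        'text'  => $this->language->get('button_continue'),
        'icon'  => 'fa fa-arrow-right',
        'style' => 'button',
    ));

    $this->view->batchAssign($this->data);
    $this->processTemplate();

    //update controller data
    $this->extensions->hk_UpdateData($this, __FUNCTION__);
}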
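/**
 * Change the status of an existing order, record the change in order_history,
 * send an "order_update" instant message and, when $notify is truthy, e-mail
 * the customer.
 *
 * Nothing happens unless the order exists with order_status_id > 0.
 *
 * The guest invoice link in the e-mail carries an "ot" token that is
 * AEncryption::mcrypt_encode() over order id + '~~~' + e-mail. Nothing else is
 * put into the token here, so the link has no expiry of its own.
 *
 * @param int $order_id
 * @param int $order_status_id
 * @param string $comment stored SQL-escaped but otherwise as given, and copied verbatim into the mail text
 * @param bool $notify
 */
public function update($order_id, $order_status_id, $comment = '', $notify = FALSE)
{
    // Normalise once: the id is also written into message texts and the invoice link,
    // not only into SQL.
    $order_id = (int) $order_id;

    $order_query = $this->db->query(
        "SELECT *\n\t\t\t\t\t\t\t\t\t\t FROM `" . $this->db->table("orders") . "` o\n\t\t\t\t\t\t\t\t\t\t LEFT JOIN " . $this->db->table("languages") . " l ON (o.language_id = l.language_id)\n\t\t\t\t\t\t\t\t\t\t WHERE o.order_id = '" . (int) $order_id . "' AND o.order_status_id > '0'"
    );
    if (!$order_query->num_rows) {
        return;
    }

    // Work on the decrypted row so the e-mail used for the token and the recipient is plaintext.
    $order_row = $this->dcrypt->decrypt_data($order_query->row, 'orders');

    $this->db->query(
        "UPDATE `" . $this->db->table("orders") . "`\n\t\t\t\t\t\t\t\tSET order_status_id = '" . (int) $order_status_id . "',\n\t\t\t\t\t\t\t\t\tdate_modified = NOW()\n\t\t\t\t\t\t\t\tWHERE order_id = '" . (int) $order_id . "'"
    );

    $this->db->query(
        "INSERT INTO " . $this->db->table("order_history") . "\n\t\t\t\t\t\t\t\tSET order_id = '" . (int) $order_id . "',\n\t\t\t\t\t\t\t\t\torder_status_id = '" . (int) $order_status_id . "',\n\t\t\t\t\t\t\t\t\tnotify = '" . (int) $notify . "',\n\t\t\t\t\t\t\t\t\tcomment = '" . $this->db->escape($comment) . "',\n\t\t\t\t\t\t\t\t\tdate_added = NOW()"
    );

    //send notifications
    $language = new ALanguage($this->registry, $order_row['code']);
    $language->load($order_row['filename']);
    $language->load('mail/order_update');

    $order_status_query = $this->db->query(
        "SELECT *\n\t\t\t\t\t\t\t\t\t\t\t\t\tFROM " . $this->db->table("order_statuses") . "\n\t\t\t\t\t\t\t\t\t\t\t\t\tWHERE order_status_id = '" . (int) $order_status_id . "'\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tAND language_id = '" . (int) $order_row['language_id'] . "'"
    );

    $language_im = new ALanguage($this->registry);
    $language_im->load('common/im');

    // The status may have no row in the order's language; fall back to an empty name
    // instead of reading a missing index.
    $status_name = !empty($order_status_query->row['name']) ? $order_status_query->row['name'] : '';

    $message_arr = array(
        0 => array(
            'message' => sprintf($language_im->get('im_order_update_text_to_customer'), $order_id, $status_name),
        ),
        1 => array(
            'message' => sprintf($language_im->get('im_order_update_text_to_admin'), $order_id, $status_name),
        ),
    );
    $this->im->send('order_update', $message_arr);

    //notify via email
    if (!$notify) {
        return;
    }

    $subject = sprintf(
        $language->get('text_subject'),
        html_entity_decode($order_row['store_name'], ENT_QUOTES, 'UTF-8'),
        $order_id
    );

    $message = $language->get('text_order') . ' ' . $order_id . "\n";
    $message .= $language->get('text_date_added') . ' '
        . dateISO2Display($order_row['date_added'], $language->get('date_format_short')) . "\n\n";

    if ($order_status_query->num_rows) {
        $message .= $language->get('text_order_status') . "\n\n";
        $message .= $order_status_query->row['name'] . "\n\n";
    }

    if ($order_row['customer_id']) {
        // Registered customers get a plain order link; the invoice page decides access by login.
        $message .= $language->get('text_invoice') . "\n";
        $message .= $order_row['store_url'] . 'index.php?rt=account/invoice&order_id=' . $order_id . "\n\n";
    } elseif ($this->config->get('config_guest_checkout') && $order_row['email']) {
        // Guests get a tokenised link instead of a bare order id.
        $order_token = AEncryption::mcrypt_encode($order_id . '~~~' . $order_row['email']);
        if ($order_token) {
            $message .= $language->get('text_invoice') . "\n";
            $message .= $order_row['store_url'] . 'index.php?rt=account/invoice&ot=' . $order_token . "\n\n";
        }
    }

    if ($comment) {
        $message .= $language->get('text_comment') . "\n\n";
        $message .= $comment . "\n\n";
    }

    $message .= $language->get('text_footer');

    $mail = new AMail($this->config);
    $mail->setTo($order_row['email']);
    $mail->setFrom($this->config->get('store_main_email'));
    $mail->setSender($order_row['store_name']);
    $mail->setSubject($subject);
    $mail->setText(html_entity_decode($message, ENT_QUOTES, 'UTF-8'));
    $mail->send();
}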