function getContent()
{
/* display the module name */
$this->_html = '<h2>' . $this->displayName . '</h2>';
/* update the editorial xml */
if (isset($_POST['submitUpdate'])) {
// Forbidden key
$forbidden = array('submitUpdate');
foreach ($_POST as $key => $value) {
if (!Validate::isCleanHtml($_POST[$key])) {
$this->_html .= $this->displayError($this->l('Invalid html field, javascript is forbidden'));
$this->_displayForm();
return $this->_html;
}
}
// Generate new XML data
$newXml = '<?xml version=\'1.0\' encoding=\'utf-8\' ?>' . "\n";
$newXml .= '<editorial>' . "\n";
$newXml .= ' <header>';
// Making header data
foreach ($_POST as $key => $field) {
if ($line = $this->putContent($newXml, $key, $field, $forbidden, 'header')) {
$newXml .= $line;
}
}
$newXml .= "\n" . ' </header>' . "\n";
$newXml .= ' <body>';
// Making body data
foreach ($_POST as $key => $field) {
if ($line = $this->putContent($newXml, $key, $field, $forbidden, 'body')) {
$newXml .= $line;
}
}
$newXml .= "\n" . ' </body>' . "\n";
$newXml .= '</editorial>' . "\n";
/* write it into the editorial xml file */
if ($fd = @fopen(dirname(__FILE__) . '/editorial.xml', 'w')) {
if (!@fwrite($fd, $newXml)) {
$this->_html .= $this->displayError($this->l('Unable to write to the editor file.'));
}
if (!@fclose($fd)) {
$this->_html .= $this->displayError($this->l('Can\'t close the editor file.'));
}
} else {
$this->_html .= $this->displayError($this->l('Unable to update the editor file.<br />Please check the editor file\'s writing permissions.'));
}
/* upload the image */
if (isset($_FILES['body_homepage_logo']) and isset($_FILES['body_homepage_logo']['tmp_name']) and !empty($_FILES['body_homepage_logo']['tmp_name'])) {
Configuration::set('PS_IMAGE_GENERATION_METHOD', 1);
if ($error = checkImage($_FILES['body_homepage_logo'], $this->maxImageSize)) {
$this->_html .= $error;
} elseif (!imageResize($_FILES['body_homepage_logo'], dirname(__FILE__) . '/homepage_logo.jpg')) {
$this->_html .= $this->displayError($this->l('An error occurred during the image upload.'));
}
}
}
/* display the editorial's form */
$this->_displayForm();
return $this->_html;
}
function smartyText($data)
{
// Prevent xss injection.
if (Validate::isCleanHtml($data)) {
return stripslashes(preg_replace('/\\v+|\\\\[rn]/', '<br/>', $data));
}
return '';
}
public function initContent()
{
parent::initContent();
if (Tools::isSubmit('submitMessage')) {
$message = Tools::getValue('message');
// Html entities is not usefull, iscleanHtml check there is no bad html tags.
$phone = Tools::getValue('tel');
$mobile = Tools::getValue('mobile');
if (!($from = trim(Tools::getValue('from'))) || !Validate::isEmail($from)) {
$this->errors[] = Tools::displayError('Invalid email address.');
} else {
if (!$message) {
$this->errors[] = Tools::displayError('The message cannot be blank.');
} else {
if (!Validate::isCleanHtml($message)) {
$this->errors[] = Tools::displayError('Invalid message');
} else {
if (!Validate::isPhoneNumber($phone)) {
$this->errors[] = Tools::displayError('Invalid phone number.');
} else {
if (!Validate::isPhoneNumber($mobile)) {
$this->errors[] = Tools::displayError('Invalid Mobile number.');
}
}
}
}
}
// var_dump($this->errors,empty($this->errors));
if (empty($this->errors)) {
$id_product = Tools::getValue('product_id');
//var_dump($id_product);
$product = new Product($id_product);
//var_dump($product);
$product_name = '';
$item_number = '';
if (Validate::isLoadedObject($product) && isset($product->name[(int) $this->context->language->id])) {
$product_name = $product->name[(int) $this->context->language->id];
$item_number = $product->item_number;
}
$data = array('{name}' => Tools::getValue('name'), '{phone}' => $phone, '{mobile}' => $mobile, '{message}' => $message, '{item_number}' => $item_number, '{product}' => $product_name, '{date}' => date('Y-m-d H:i:s'), '{email}' => $from);
$sampleObj = new requestsample();
$sampleObj->sendmail($data, $from, (int) $this->context->language->id, 'request_quote', 'New Request for Quote');
$this->context->smarty->assign('confirmation', 1);
}
}
$this->context->smarty->assign('product_id', $_GET['pr_id']);
$this->setTemplate('quote_form.tpl');
}
public function update($nullValues = false)
{
$ishtml = false;
foreach ($this->value as $i18n_value) {
if (Validate::isCleanHtml($i18n_value)) {
$ishtml = true;
break;
}
}
Configuration::updateValue($this->name, $this->value, $ishtml);
$last_insert = Db::getInstance()->getRow('
SELECT `id_configuration` AS id
FROM `' . _DB_PREFIX_ . 'configuration`
WHERE `name` = \'' . pSQL($this->name) . '\'');
if ($last_insert) {
$this->id = $last_insert['id'];
}
return true;
}
/**
* @see AdminController::processUpdateOptions()
*/
public function processUpdateOptions()
{
if ($this->isGeoLiteCityAvailable()) {
Configuration::updateValue('PS_GEOLOCATION_ENABLED', (int) Tools::getValue('PS_GEOLOCATION_ENABLED'));
} elseif (Tools::getValue('PS_GEOLOCATION_ENABLED')) {
$this->errors[] = $this->trans('The geolocation database is unavailable.', array(), 'Admin.International.Notification');
}
if (empty($this->errors)) {
if (!is_array(Tools::getValue('countries')) || !count(Tools::getValue('countries'))) {
$this->errors[] = $this->trans('Country selection is invalid.', array(), 'Admin.International.Notification');
} else {
Configuration::updateValue('PS_GEOLOCATION_BEHAVIOR', !(int) Tools::getValue('PS_GEOLOCATION_BEHAVIOR') ? _PS_GEOLOCATION_NO_CATALOG_ : _PS_GEOLOCATION_NO_ORDER_);
Configuration::updateValue('PS_GEOLOCATION_NA_BEHAVIOR', (int) Tools::getValue('PS_GEOLOCATION_NA_BEHAVIOR'));
Configuration::updateValue('PS_ALLOWED_COUNTRIES', implode(';', Tools::getValue('countries')));
}
if (!Validate::isCleanHtml(Tools::getValue('PS_GEOLOCATION_WHITELIST'))) {
$this->errors[] = $this->trans('Invalid whitelist', array(), 'Admin.International.Notification');
} else {
Configuration::updateValue('PS_GEOLOCATION_WHITELIST', str_replace("\n", ';', str_replace("\r", '', Tools::getValue('PS_GEOLOCATION_WHITELIST'))));
}
}
return parent::processUpdateOptions();
}
/**
* Start forms process
* @see FrontController::postProcess()
*/
public function postProcess()
{
if (Tools::isSubmit('submitMessage')) {
$fileAttachment = null;
if (isset($_FILES['fileUpload']['name']) && !empty($_FILES['fileUpload']['name']) && !empty($_FILES['fileUpload']['tmp_name'])) {
$extension = array('.txt', '.rtf', '.doc', '.docx', '.pdf', '.zip', '.png', '.jpeg', '.gif', '.jpg');
$filename = uniqid() . substr($_FILES['fileUpload']['name'], -5);
$fileAttachment['content'] = file_get_contents($_FILES['fileUpload']['tmp_name']);
$fileAttachment['name'] = $_FILES['fileUpload']['name'];
$fileAttachment['mime'] = $_FILES['fileUpload']['type'];
}
$message = Tools::getValue('message');
// Html entities is not usefull, iscleanHtml check there is no bad html tags.
if (!($from = trim(Tools::getValue('from'))) || !Validate::isEmail($from)) {
$this->errors[] = Tools::displayError('Invalid e-mail address');
} else {
if (!$message) {
$this->errors[] = Tools::displayError('Message cannot be blank');
} else {
if (!Validate::isCleanHtml($message)) {
$this->errors[] = Tools::displayError('Invalid message');
} else {
if (!($id_contact = (int) Tools::getValue('id_contact')) || !Validate::isLoadedObject($contact = new Contact($id_contact, $this->context->language->id))) {
$this->errors[] = Tools::displayError('Please select a subject from the list.');
} else {
if (!empty($_FILES['fileUpload']['name']) && $_FILES['fileUpload']['error'] != 0) {
$this->errors[] = Tools::displayError('An error occurred during the file upload');
} else {
if (!empty($_FILES['fileUpload']['name']) && !in_array(substr($_FILES['fileUpload']['name'], -4), $extension) && !in_array(substr($_FILES['fileUpload']['name'], -5), $extension)) {
$this->errors[] = Tools::displayError('Bad file extension');
} else {
$customer = $this->context->customer;
if (!$customer->id) {
$customer->getByEmail($from);
}
$contact = new Contact($id_contact, $this->context->language->id);
if (!(($id_customer_thread = (int) Tools::getValue('id_customer_thread')) && (int) Db::getInstance()->getValue('
SELECT cm.id_customer_thread FROM ' . _DB_PREFIX_ . 'customer_thread cm
WHERE cm.id_customer_thread = ' . (int) $id_customer_thread . ' AND cm.id_shop = ' . (int) $this->context->shop->id . ' AND token = \'' . pSQL(Tools::getValue('token')) . '\'') || ($id_customer_thread = CustomerThread::getIdCustomerThreadByEmailAndIdOrder($from, (int) Tools::getValue('id_order'))))) {
$fields = Db::getInstance()->executeS('
SELECT cm.id_customer_thread, cm.id_contact, cm.id_customer, cm.id_order, cm.id_product, cm.email
FROM ' . _DB_PREFIX_ . 'customer_thread cm
WHERE email = \'' . pSQL($from) . '\' AND cm.id_shop = ' . (int) $this->context->shop->id . ' AND (' . ($customer->id ? 'id_customer = ' . (int) $customer->id . ' OR ' : '') . '
id_order = ' . (int) Tools::getValue('id_order') . ')');
$score = 0;
foreach ($fields as $key => $row) {
$tmp = 0;
if ((int) $row['id_customer'] && $row['id_customer'] != $customer->id && $row['email'] != $from) {
continue;
}
if ($row['id_order'] != 0 && Tools::getValue('id_order') != $row['id_order']) {
continue;
}
if ($row['email'] == $from) {
$tmp += 4;
}
if ($row['id_contact'] == $id_contact) {
$tmp++;
}
if (Tools::getValue('id_product') != 0 && $row['id_product'] == Tools::getValue('id_product')) {
$tmp += 2;
}
if ($tmp >= 5 && $tmp >= $score) {
$score = $tmp;
$id_customer_thread = $row['id_customer_thread'];
}
}
}
$old_message = Db::getInstance()->getValue('
SELECT cm.message FROM ' . _DB_PREFIX_ . 'customer_message cm
LEFT JOIN ' . _DB_PREFIX_ . 'customer_thread cc on (cm.id_customer_thread = cc.id_customer_thread)
WHERE cc.id_customer_thread = ' . (int) $id_customer_thread . ' AND cc.id_shop = ' . (int) $this->context->shop->id . '
ORDER BY cm.date_add DESC');
if ($old_message == $message) {
$this->context->smarty->assign('alreadySent', 1);
$contact->email = '';
$contact->customer_service = 0;
}
if (!empty($contact->email)) {
$id_order = (int) Tools::getValue('id_order', 0);
$order = new Order($id_order);
$mail_var_list = array('{email}' => $from, '{message}' => Tools::nl2br(stripslashes($message)), '{id_order}' => $id_order, '{order_name}' => $order->getUniqReference(), '{attached_file}' => isset($_FILES['fileUpload'], $_FILES['fileUpload']['name']) ? $_FILES['fileUpload']['name'] : '');
if (Mail::Send($this->context->language->id, 'contact', Mail::l('Message from contact form'), $mail_var_list, $contact->email, $contact->name, $from, $customer->id ? $customer->firstname . ' ' . $customer->lastname : '', $fileAttachment) && Mail::Send($this->context->language->id, 'contact_form', Mail::l('Your message has been correctly sent'), $mail_var_list, $from)) {
$this->context->smarty->assign('confirmation', 1);
} else {
$this->errors[] = Tools::displayError('An error occurred while sending message.');
}
}
if ($contact->customer_service) {
if ((int) $id_customer_thread) {
$ct = new CustomerThread($id_customer_thread);
$ct->status = 'open';
$ct->id_lang = (int) $this->context->language->id;
$ct->id_contact = (int) $id_contact;
if ($id_order = (int) Tools::getValue('id_order')) {
$ct->id_order = $id_order;
}
if ($id_product = (int) Tools::getValue('id_product')) {
$ct->id_product = $id_product;
}
$ct->update();
} else {
$ct = new CustomerThread();
if (isset($customer->id)) {
$ct->id_customer = (int) $customer->id;
}
$ct->id_shop = (int) $this->context->shop->id;
if ($id_order = (int) Tools::getValue('id_order')) {
$ct->id_order = $id_order;
}
if ($id_product = (int) Tools::getValue('id_product')) {
$ct->id_product = $id_product;
}
$ct->id_contact = (int) $id_contact;
$ct->id_lang = (int) $this->context->language->id;
$ct->email = $from;
$ct->status = 'open';
$ct->token = Tools::passwdGen(12);
$ct->add();
}
if ($ct->id) {
$cm = new CustomerMessage();
$cm->id_customer_thread = $ct->id;
$cm->message = Tools::htmlentitiesUTF8($message);
if (isset($filename) && rename($_FILES['fileUpload']['tmp_name'], _PS_MODULE_DIR_ . '../upload/' . $filename)) {
$cm->file_name = $filename;
}
$cm->ip_address = ip2long($_SERVER['REMOTE_ADDR']);
$cm->user_agent = $_SERVER['HTTP_USER_AGENT'];
if ($cm->add()) {
if (empty($contact->email)) {
$var_list = array('{order_name}' => '-', '{attached_file}' => '-', '{message}' => stripslashes($message));
if ($ct->id_order) {
$order = new Order($ct->id_order);
$var_list['{order_name}'] = $order->reference;
}
if (isset($filename)) {
$var_list['{attached_file}'] = $_FILES['fileUpload']['name'];
}
Mail::Send($this->context->language->id, 'contact_form', Mail::l('Your message has been correctly sent'), $var_list, $from);
}
$this->context->smarty->assign('confirmation', 1);
} else {
$this->errors[] = Tools::displayError('An error occurred while sending message.');
}
} else {
$this->errors[] = Tools::displayError('An error occurred while sending message.');
}
}
if (count($this->errors) > 1) {
array_unique($this->errors);
}
}
}
}
}
}
}
}
}
public function renderFormAddress()
{
// Change table and className for addresses
$this->table = 'address';
$this->className = 'Address';
$id_address = Tools::getValue('id_address');
// Create Object Address
$address = new Address($id_address);
$res = $address->getFieldsRequiredDatabase();
$required_fields = array();
foreach ($res as $row) {
$required_fields[(int) $row['id_required_field']] = $row['field_name'];
}
$form = array('legend' => array('title' => $this->l('Addresses'), 'icon' => 'icon-building'));
if (!$address->id_manufacturer || !Manufacturer::manufacturerExists($address->id_manufacturer)) {
$form['input'][] = array('type' => 'select', 'label' => $this->l('Choose the manufacturer'), 'name' => 'id_manufacturer', 'options' => array('query' => Manufacturer::getManufacturers(), 'id' => 'id_manufacturer', 'name' => 'name'));
} else {
$form['input'][] = array('type' => 'text', 'label' => $this->l('Manufacturer'), 'name' => 'name', 'col' => 4, 'disabled' => true);
$form['input'][] = array('type' => 'hidden', 'name' => 'id_manufacturer');
}
$form['input'][] = array('type' => 'hidden', 'name' => 'alias');
$form['input'][] = array('type' => 'hidden', 'name' => 'id_address');
if (in_array('company', $required_fields)) {
$form['input'][] = array('type' => 'text', 'label' => $this->l('Company'), 'name' => 'company', 'display' => in_array('company', $required_fields), 'required' => in_array('company', $required_fields), 'maxlength' => 16, 'col' => 4, 'hint' => $this->l('Company name for this supplier'));
}
$form['input'][] = array('type' => 'text', 'label' => $this->l('Last name'), 'name' => 'lastname', 'required' => true, 'col' => 4, 'hint' => $this->l('Invalid characters:') . ' 0-9!<>,;?=+()@#"�{}_$%:');
$form['input'][] = array('type' => 'text', 'label' => $this->l('First name'), 'name' => 'firstname', 'required' => true, 'col' => 4, 'hint' => $this->l('Invalid characters:') . ' 0-9!<>,;?=+()@#"�{}_$%:');
$form['input'][] = array('type' => 'text', 'label' => $this->l('Address'), 'name' => 'address1', 'col' => 6, 'required' => true);
$form['input'][] = array('type' => 'text', 'label' => $this->l('Address (2)'), 'name' => 'address2', 'col' => 6, 'required' => in_array('address2', $required_fields));
$form['input'][] = array('type' => 'text', 'label' => $this->l('Zip/postal code'), 'name' => 'postcode', 'col' => 2, 'required' => in_array('postcode', $required_fields));
$form['input'][] = array('type' => 'text', 'label' => $this->l('City'), 'name' => 'city', 'col' => 4, 'required' => true);
$form['input'][] = array('type' => 'select', 'label' => $this->l('Country'), 'name' => 'id_country', 'required' => false, 'default_value' => (int) $this->context->country->id, 'col' => 4, 'options' => array('query' => Country::getCountries($this->context->language->id), 'id' => 'id_country', 'name' => 'name'));
$form['input'][] = array('type' => 'select', 'label' => $this->l('State'), 'name' => 'id_state', 'required' => false, 'col' => 4, 'options' => array('query' => array(), 'id' => 'id_state', 'name' => 'name'));
$form['input'][] = array('type' => 'text', 'label' => $this->l('Home phone'), 'name' => 'phone', 'col' => 4, 'required' => in_array('phone', $required_fields));
$form['input'][] = array('type' => 'text', 'label' => $this->l('Mobile phone'), 'name' => 'phone_mobile', 'col' => 4, 'required' => in_array('phone_mobile', $required_fields));
$form['input'][] = array('type' => 'textarea', 'label' => $this->l('Other'), 'name' => 'other', 'required' => false, 'hint' => $this->l('Forbidden characters:') . ' <>;=#{}', 'rows' => 2, 'cols' => 10, 'col' => 6);
$form['submit'] = array('title' => $this->l('Save'));
$this->fields_value = array('name' => Manufacturer::getNameById($address->id_manufacturer), 'alias' => 'manufacturer', 'id_country' => $address->id_country);
$this->initToolbar();
$this->fields_form[0]['form'] = $form;
$this->getlanguages();
$helper = new HelperForm();
$helper->show_cancel_button = true;
$back = Tools::safeOutput(Tools::getValue('back', ''));
if (empty($back)) {
$back = self::$currentIndex . '&token=' . $this->token;
}
if (!Validate::isCleanHtml($back)) {
die(Tools::displayError());
}
$helper->back_url = $back;
$helper->currentIndex = self::$currentIndex;
$helper->token = $this->token;
$helper->table = $this->table;
$helper->identifier = $this->identifier;
$helper->title = $this->l('Edit Addresses');
$helper->id = $address->id;
$helper->toolbar_scroll = true;
$helper->languages = $this->_languages;
$helper->default_form_language = $this->default_form_language;
$helper->allow_employee_form_lang = $this->allow_employee_form_lang;
$helper->fields_value = $this->getFieldsValue($address);
$helper->toolbar_btn = $this->toolbar_btn;
$this->content .= $helper->generateForm($this->fields_form);
}
if (is_array($states) and !empty($states)) {
$list = '';
if (Tools::getValue('no_empty') != true) {
$list = '<option value="0">-----------</option>' . "\n";
}
foreach ($states as $state) {
$list .= '<option value="' . (int) $state['id_state'] . '"' . ((isset($_GET['id_state']) and $_GET['id_state'] == $state['id_state']) ? ' selected="selected"' : '') . '>' . $state['name'] . '</option>' . "\n";
}
} else {
$list = 'false';
}
die($list);
}
if (Tools::isSubmit('submitCustomerNote') and $id_customer = (int) Tools::getValue('id_customer')) {
$note = html_entity_decode(Tools::getValue('note'));
if (!empty($note) and !Validate::isCleanHtml($note)) {
die('error:validation');
}
if (!Db::getInstance()->Execute('UPDATE ' . _DB_PREFIX_ . 'customer SET `note` = "' . pSQL($note, true) . '" WHERE id_customer = ' . (int) $id_customer . ' LIMIT 1')) {
die('error:update');
}
die('ok');
}
if (Tools::getValue('form_language_id')) {
if (!($cookie->employee_form_lang = (int) Tools::getValue('form_language_id'))) {
die('Error while updating cookie.');
}
die('Form language updated.');
}
if (Tools::getValue('submitPublishProduct')) {
global $cookie;
/**
* Function used to render the form for this controller
*/
public function renderForm()
{
if (!$this->default_form_language) {
$this->getLanguages();
}
if (Tools::getValue('submitFormAjax')) {
$this->content .= $this->context->smarty->fetch('form_submit_ajax.tpl');
}
if ($this->fields_form && is_array($this->fields_form)) {
if (!$this->multiple_fieldsets) {
$this->fields_form = array(array('form' => $this->fields_form));
}
// For add a fields via an override of $fields_form, use $fields_form_override
if (is_array($this->fields_form_override) && !empty($this->fields_form_override)) {
$this->fields_form[0]['form']['input'] = array_merge($this->fields_form[0]['form']['input'], $this->fields_form_override);
}
$fields_value = $this->getFieldsValue($this->object);
Hook::exec('action' . $this->controller_name . 'FormModifier', array('fields' => &$this->fields_form, 'fields_value' => &$fields_value, 'form_vars' => &$this->tpl_form_vars));
$helper = new HelperForm($this);
$this->setHelperDisplay($helper);
$helper->fields_value = $fields_value;
$helper->submit_action = $this->submit_action;
$helper->tpl_vars = $this->getTemplateFormVars();
$helper->show_cancel_button = isset($this->show_form_cancel_button) ? $this->show_form_cancel_button : $this->display == 'add' || $this->display == 'edit';
$back = Tools::safeOutput(Tools::getValue('back', ''));
if (empty($back)) {
$back = self::$currentIndex . '&token=' . $this->token;
}
if (!Validate::isCleanHtml($back)) {
die(Tools::displayError());
}
$helper->back_url = $back;
!is_null($this->base_tpl_form) ? $helper->base_tpl = $this->base_tpl_form : '';
if ($this->tabAccess['view']) {
if (Tools::getValue('back')) {
$helper->tpl_vars['back'] = Tools::safeOutput(Tools::getValue('back'));
} else {
$helper->tpl_vars['back'] = Tools::safeOutput(Tools::getValue(self::$currentIndex . '&token=' . $this->token));
}
}
$form = $helper->generateForm($this->fields_form);
return $form;
}
}
/**
* Adds a new private message for the Admin
*/
public function addNewPrivateMessage($order_id, $message)
{
if (!(bool) $order_id) {
return false;
}
$new_message = new Message();
$message = strip_tags($message, '<br>');
if (!Validate::isCleanHtml($message)) {
$message = $this->l('Payment message is not valid, please check your module.');
}
$new_message->message = $message;
$new_message->id_order = $order_id;
$new_message->private = 1;
return $new_message->add();
}
protected function addItem()
{
$title = Tools::getValue('item_title');
$content = Tools::getValue('item_html');
if (!Validate::isCleanHtml($title, (int) Configuration::get('PS_ALLOW_HTML_IFRAME')) || !Validate::isCleanHtml($content, (int) Configuration::get('PS_ALLOW_HTML_IFRAME'))) {
$this->context->smarty->assign('error', $this->l('Invalid content'));
return false;
}
if (!($current_order = (int) Db::getInstance()->getValue('
SELECT item_order + 1
FROM `' . _DB_PREFIX_ . 'themeconfigurator`
WHERE
id_shop = ' . (int) $this->context->shop->id . '
AND id_lang = ' . (int) Tools::getValue('id_lang') . '
AND hook = \'' . pSQL(Tools::getValue('item_hook')) . '\'
ORDER BY item_order DESC'))) {
$current_order = 1;
}
$image_w = is_numeric(Tools::getValue('item_img_w')) ? (int) Tools::getValue('item_img_w') : '';
$image_h = is_numeric(Tools::getValue('item_img_h')) ? (int) Tools::getValue('item_img_h') : '';
if (!empty($_FILES['item_img']['name'])) {
if (!($image = $this->uploadImage($_FILES['item_img'], $image_w, $image_h))) {
return false;
}
} else {
$image = '';
$image_w = '';
$image_h = '';
}
if (!Db::getInstance()->Execute('
INSERT INTO `' . _DB_PREFIX_ . 'themeconfigurator` (
`id_shop`, `id_lang`, `item_order`, `title`, `title_use`, `hook`, `url`, `target`, `image`, `image_w`, `image_h`, `html`, `active`
) VALUES (
\'' . (int) $this->context->shop->id . '\',
\'' . (int) Tools::getValue('id_lang') . '\',
\'' . (int) $current_order . '\',
\'' . pSQL($title) . '\',
\'' . (int) Tools::getValue('item_title_use') . '\',
\'' . pSQL(Tools::getValue('item_hook')) . '\',
\'' . pSQL(Tools::getValue('item_url')) . '\',
\'' . (int) Tools::getValue('item_target') . '\',
\'' . pSQL($image) . '\',
\'' . pSQL($image_w) . '\',
\'' . pSQL($image_h) . '\',
\'' . pSQL($this->filterVar($content), true) . '\',
1)')) {
if (!Tools::isEmpty($image)) {
$this->deleteImage($image);
}
$this->context->smarty->assign('error', $this->l('An error occurred while saving data.'));
return false;
}
$this->context->smarty->assign('confirmation', $this->l('New item successfully added.'));
return true;
}
/**
* @param null|string $key if null get all header params otherwise the params specified by the key
* @throw WebserviceException if the key is corrupted (use Validate::isCleanHtml method)
* @throw WebserviceException if the asked key does'nt exists.
* @return array|string
*/
public function getHeaderParams($key = null)
{
$return = '';
if (!is_null($key)) {
if (!Validate::isCleanHtml($key)) {
throw new WebserviceException('the key you write is a corrupted text.', array(95, 500));
}
if (!array_key_exists($key, $this->headerParams)) {
throw new WebserviceException(sprintf('The key %s does\'nt exist', $key), array(96, 500));
}
$return = $this->headerParams[$key];
} else {
$return = $this->headerParams;
}
return $return;
}
/**
* Add order private message.
*
* @param $text
* @return bool
*/
public function addMessage($text)
{
$message = new Message();
$text = strip_tags($text, '<br>');
if (!Validate::isCleanHtml($text)) {
$text = 'Invalid payment message.';
}
$message->message = $text;
$message->id_order = (int) $this->getOrderId();
$message->private = 1;
return $message->add();
}
/**
* Method processAddAttachments() : Change name of file which are uploaded for this product
* Rules:
* - For the first upload the filename has been : name-of-product.extention
* - For the second upload : name-of-product-1.extention
* - ...
*
* @module now_seo_links
* @return void
*
* @see AdminProductsControllerCore::processAddAttachments()
*/
public function processAddAttachments()
{
$languages = Language::getLanguages(false);
$is_attachment_name_valid = false;
foreach ($languages as $language) {
$attachment_name_lang = Tools::getValue('attachment_name_' . (int) $language['id_lang']);
if (Tools::strlen($attachment_name_lang) > 0) {
$is_attachment_name_valid = true;
}
if (!Validate::isGenericName(Tools::getValue('attachment_name_' . (int) $language['id_lang']))) {
$this->errors[] = Tools::displayError('Invalid Name');
} elseif (Tools::strlen(Tools::getValue('attachment_name_' . (int) $language['id_lang'])) > 32) {
$this->errors[] = sprintf(Tools::displayError('The name is too long (%d chars max).'), 32);
}
if (!Validate::isCleanHtml(Tools::getValue('attachment_description_' . (int) $language['id_lang']))) {
$this->errors[] = Tools::displayError('Invalid description');
}
}
if (!$is_attachment_name_valid) {
$this->errors[] = Tools::displayError('An attachment name is required.');
}
if (empty($this->errors)) {
if (isset($_FILES['attachment_file']) && is_uploaded_file($_FILES['attachment_file']['tmp_name'])) {
if ($_FILES['attachment_file']['size'] > Configuration::get('PS_ATTACHMENT_MAXIMUM_SIZE') * 1024 * 1024) {
$this->errors[] = sprintf($this->l('The file is too large. Maximum size allowed is: %1$d kB. The file you\'re trying to upload is: %2$d kB.'), Configuration::get('PS_ATTACHMENT_MAXIMUM_SIZE') * 1024, number_format($_FILES['attachment_file']['size'] / 1024, 2, '.', ''));
} else {
do {
$uniqid = sha1(microtime());
} while (file_exists(_PS_DOWNLOAD_DIR_ . $uniqid));
if (!copy($_FILES['attachment_file']['tmp_name'], _PS_DOWNLOAD_DIR_ . $uniqid)) {
$this->errors[] = $this->l('File copy failed');
}
@unlink($_FILES['attachment_file']['tmp_name']);
}
} elseif ((int) $_FILES['attachment_file']['error'] === 1) {
$max_upload = (int) ini_get('upload_max_filesize');
$max_post = (int) ini_get('post_max_size');
$upload_mb = min($max_upload, $max_post);
$this->errors[] = sprintf($this->l('The file %1$s exceeds the size allowed by the server. The limit is set to %2$d MB.'), '<b>' . $_FILES['attachment_file']['name'] . '</b> ', '<b>' . $upload_mb . '</b>');
} else {
$this->errors[] = Tools::displayError('The file is missing.');
}
if (empty($this->errors) && isset($uniqid)) {
$attachment = new Attachment();
foreach ($languages as $language) {
if (Tools::getIsset('attachment_name_' . (int) $language['id_lang'])) {
$attachment->name[(int) $language['id_lang']] = Tools::getValue('attachment_name_' . (int) $language['id_lang']);
}
if (Tools::getIsset('attachment_description_' . (int) $language['id_lang'])) {
$attachment->description[(int) $language['id_lang']] = Tools::getValue('attachment_description_' . (int) $language['id_lang']);
}
}
if (Tools::getIsset('name_' . (int) Configuration::get('PS_LANG_DEFAULT'))) {
$sFilename = $_FILES['attachment_file']['name'];
$sExtention = substr($sFilename, strrpos($sFilename, '.') + 1);
$attachment->file_name = Tools::link_rewrite(trim(Tools::getValue('name_' . (int) Configuration::get('PS_LANG_DEFAULT'))));
// On regarde si c'est le premier document joint au produit ou pas
$aAttachmentOfProduct = $attachment->getAttachments(Context::getContext()->language->id, (int) Tools::getValue('id_product'));
$iNb = count($aAttachmentOfProduct);
if ($iNb > 0) {
$attachment->file_name .= '-' . $iNb;
}
$attachment->file_name .= '.' . $sExtention;
}
$attachment->file = $uniqid;
$attachment->mime = $_FILES['attachment_file']['type'];
if (empty($attachment->mime) || Tools::strlen($attachment->mime) > 128) {
$this->errors[] = Tools::displayError('Invalid file extension');
}
if (!Validate::isGenericName($attachment->file_name)) {
$this->errors[] = Tools::displayError('Invalid file name');
}
if (Tools::strlen($attachment->file_name) > 128) {
$this->errors[] = Tools::displayError('The file name is too long.');
}
if (empty($this->errors)) {
$res = $attachment->add();
if (!$res) {
$this->errors[] = Tools::displayError('This attachment was unable to be loaded into the database.');
} else {
$id_product = (int) Tools::getValue($this->identifier);
$res = $attachment->attachProduct($id_product);
if (!$res) {
$this->errors[] = Tools::displayError('We were unable to associate this attachment to a product.');
}
}
} else {
$this->errors[] = Tools::displayError('Invalid file');
}
}
}
}
/**
* Options lists
*/
public function displayOptionsList()
{
$tab = Tab::getTab($this->context->language->id, $this->id);
// Retrocompatibility < 1.5.0
if (!$this->optionsList && $this->_fieldsOptions) {
$this->optionsList = array('options' => array('title' => $this->optionTitle ? $this->optionTitle : $this->l('Options'), 'fields' => $this->_fieldsOptions));
}
if (!$this->optionsList) {
return;
}
echo '<br />';
echo '<script type="text/javascript">
id_language = Number(' . $this->context->language->id . ');
</script>';
$action = Tools::safeOutput(self::$currentIndex . '&submitOptions' . $this->table . '=1&token=' . $this->token);
echo '<form action="' . $action . '" method="post" enctype="multipart/form-data">';
foreach ($this->optionsList as $category => $categoryData) {
$required = false;
$this->displayTopOptionCategory($category, $categoryData);
echo '<fieldset>';
// Options category title
$legend = '<img src="' . (!empty($tab['module']) && file_exists($_SERVER['DOCUMENT_ROOT'] . _MODULE_DIR_ . $tab['module'] . '/' . $tab['class_name'] . '.gif') ? _MODULE_DIR_ . $tab['module'] . '/' : '../img/t/') . $tab['class_name'] . '.gif" /> ';
$legend .= isset($categoryData['title']) ? $categoryData['title'] : $this->l('Options');
echo '<legend>' . $legend . '</legend>';
// Category fields
if (!isset($categoryData['fields'])) {
continue;
}
// Category description
if (isset($categoryData['description']) && $categoryData['description']) {
echo '<p class="optionsDescription">' . $categoryData['description'] . '</p>';
}
foreach ($categoryData['fields'] as $key => $field) {
// Field value
$value = Tools::getValue($key, Configuration::get($key));
if (!Validate::isCleanHtml($value)) {
$value = Configuration::get($key);
}
if (isset($field['defaultValue']) && !$value) {
$value = $field['defaultValue'];
}
// Check if var is invisible (can't edit it in current shop context), or disable (use default value for multishop)
$isDisabled = $isInvisible = false;
if (Shop::isFeatureActive()) {
if (isset($field['visibility']) && $field['visibility'] > Shop::getContext()) {
$isDisabled = true;
$isInvisible = true;
} elseif (Shop::getContext() != Shop::CONTEXT_ALL && !Configuration::isOverridenByCurrentContext($key)) {
$isDisabled = true;
}
}
// Display title
echo '<div style="clear: both; padding-top:15px;" id="conf_id_' . $key . '" ' . ($isInvisible ? 'class="isInvisible"' : '') . '>';
if ($field['title']) {
echo '<label class="conf_title">';
// Is this field required ?
if (isset($field['required']) && $field['required']) {
$required = true;
echo '<sup>*</sup> ';
}
echo $field['title'] . '</label>';
}
echo '<div class="margin-form" style="padding-top:5px;">';
// Display option inputs
$method = 'displayOptionType' . Tools::toCamelCase($field['type'], true);
if (!method_exists($this, $method)) {
$this->displayOptionTypeText($key, $field, $value);
} else {
$this->{$method}($key, $field, $value);
}
// Multishop default value
if (Shop::isFeatureActive() && Shop::getContext() != Shop::CONTEXT_ALL && !$isInvisible) {
echo '<div class="preference_default_multishop">
<label>
<input type="checkbox" name="multishopOverrideOption[' . $key . ']" value="1" ' . ($isDisabled ? 'checked="checked"' : '') . ' onclick="checkMultishopDefaultValue(this, \'' . $key . '\')" /> ' . $this->l('Use default value') . '
</label>
</div>';
}
// Field description
//echo (isset($field['desc']) ? '<p class="preference_description">'.((isset($field['thumb']) AND $field['thumb'] AND $field['thumb']['pos'] == 'after') ? '<img src="'.$field['thumb']['file'].'" alt="'.$field['title'].'" title="'.$field['title'].'" style="float:left;" />' : '' ).$field['desc'].'</p>' : '');
echo isset($field['desc']) ? '<p class="preference_description">' . $field['desc'] . '</p>' : '';
// Is this field invisible in current shop context ?
echo $isInvisible ? '<p class="multishop_warning">' . $this->l('You cannot change the value of this configuration field in this shop context') . '</p>' : '';
echo '</div></div>';
}
echo '<div align="center" style="margin-top: 20px;">';
echo '<input type="submit" value="' . $this->l(' Save ') . '" name="submit' . ucfirst($category) . $this->table . '" class="button" />';
echo '</div>';
if ($required) {
echo '<div class="small"><sup>*</sup> ' . $this->l('Required field') . '</div>';
}
echo '</fieldset><br />';
$this->displayBottomOptionCategory($category, $categoryData);
}
echo '</form>';
}
public function initToolbar()
{
switch ($this->display) {
case 'add':
case 'edit':
// Default save button - action dynamically handled in javascript
$this->toolbar_btn['save'] = array('href' => '#', 'desc' => $this->l('Save'));
$back = Tools::safeOutput(Tools::getValue('back', ''));
if (empty($back)) {
$back = self::$currentIndex . '&token=' . $this->token;
}
if (!Validate::isCleanHtml($back)) {
die(Tools::displayError());
}
if (!$this->lite_display) {
$this->toolbar_btn['cancel'] = array('href' => $back, 'desc' => $this->l('Cancel'));
}
break;
case 'delete':
Db::getInstance()->delete(_DB_PREFIX_ . 'lgconsultas', "id_consulta = " . Tools::getValue('id_consulta'));
break;
case 'view':
// Default cancel button - like old back link
$back = Tools::safeOutput(Tools::getValue('back', ''));
if (empty($back)) {
$back = self::$currentIndex . '&token=' . $this->token;
}
if (!Validate::isCleanHtml($back)) {
die(Tools::displayError());
}
if (!$this->lite_display) {
$this->toolbar_btn['back'] = array('href' => $back, 'desc' => $this->l('Back to the list'));
}
break;
case 'options':
$this->toolbar_btn['save'] = array('href' => '#', 'desc' => $this->l('Save'));
break;
default:
if ($this->allow_export) {
$this->toolbar_btn['export'] = array('href' => self::$currentIndex . '&export' . $this->table . '&token=' . $this->token, 'desc' => $this->l('Export'));
}
}
unset($this->toolbar_btn['new']);
unset($this->toolbar_btn['save']);
unset($this->toolbar_btn['cancel']);
}
/**
* Uodate the customer note
*
* @return void
*/
public function ajaxProcessUpdateCustomerNote()
{
if ($this->tabAccess['edit'] === '1') {
$note = Tools::htmlentitiesDecodeUTF8(Tools::getValue('note'));
$customer = new Customer((int) Tools::getValue('id_customer'));
if (!Validate::isLoadedObject($customer)) {
die('error:update');
}
if (!empty($note) && !Validate::isCleanHtml($note)) {
die('error:validation');
}
$customer->note = $note;
if (!$customer->update()) {
die('error:update');
}
die('ok');
}
}
/**
* saved paramter to acces of particular subscribtion link.
*
* @return string the registration link.
*/
private function _submitRegistrationLink()
{
// @todo : ask for more infos about values types
TSBuyerProtection::$SHOPSW = Validate::isCleanHtml(Tools::getValue('shopsw')) ? Tools::getValue('shopsw') : '';
TSBuyerProtection::$ET_CID = Validate::isCleanHtml(Tools::getValue('et_cid')) ? Tools::getValue('et_cid') : '';
TSBuyerProtection::$ET_LID = Validate::isCleanHtml(Tools::getValue('et_lid')) ? Tools::getValue('et_lid') : '';
Configuration::updateValue(TSBuyerProtection::PREFIX_TABLE . 'SHOPSW', TSBuyerProtection::$SHOPSW);
Configuration::updateValue(TSBuyerProtection::PREFIX_TABLE . 'ET_CID', TSBuyerProtection::$ET_CID);
Configuration::updateValue(TSBuyerProtection::PREFIX_TABLE . 'ET_LID', TSBuyerProtection::$ET_LID);
$link_registration = $this->_makeRegistrationLink(TSBuyerProtection::$SHOPSW, TSBuyerProtection::$ET_CID, TSBuyerProtection::$ET_LID, Tools::getValue('lang'));
$this->confirmations[] = $this->l('Registration link has been created. Follow this link if you were not redirected earlier:') . ' <a href="' . $link_registration . '" class="link">>' . $this->l('Link') . '<</a>';
return $link_registration;
}
/**
* Initialize parent order controller
* @see FrontController::init()
*/
public function init()
{
$this->isLogged = (bool) ($this->context->customer->id && Customer::customerIdExistsStatic((int) $this->context->cookie->id_customer));
parent::init();
/* Disable some cache related bugs on the cart/order */
header('Cache-Control: no-cache, must-revalidate');
header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
$this->nbProducts = $this->context->cart->nbProducts();
if (!$this->context->customer->isLogged(true) && $this->context->getMobileDevice() && Tools::getValue('step')) {
Tools::redirect($this->context->link->getPageLink('authentication', true, (int) $this->context->language->id, $params));
}
// Redirect to the good order process
if (Configuration::get('PS_ORDER_PROCESS_TYPE') == 0 && Dispatcher::getInstance()->getController() != 'order') {
Tools::redirect('index.php?controller=order');
}
if (Configuration::get('PS_ORDER_PROCESS_TYPE') == 1 && Dispatcher::getInstance()->getController() != 'orderopc') {
if (isset($_GET['step']) && $_GET['step'] == 3) {
Tools::redirect('index.php?controller=order-opc&isPaymentStep=true');
}
Tools::redirect('index.php?controller=order-opc');
}
if (Configuration::get('PS_CATALOG_MODE')) {
$this->errors[] = Tools::displayError('This store has not accepted your new order.');
}
if (Tools::isSubmit('submitReorder') && ($id_order = (int) Tools::getValue('id_order'))) {
$oldCart = new Cart(Order::getCartIdStatic($id_order, $this->context->customer->id));
$duplication = $oldCart->duplicate();
if (!$duplication || !Validate::isLoadedObject($duplication['cart'])) {
$this->errors[] = Tools::displayError('Sorry. We cannot renew your order.');
} else {
if (!$duplication['success']) {
$this->errors[] = Tools::displayError('Some items are no longer available, and we are unable to renew your order.');
} else {
$this->context->cookie->id_cart = $duplication['cart']->id;
$this->context->cookie->write();
if (Configuration::get('PS_ORDER_PROCESS_TYPE') == 1) {
Tools::redirect('index.php?controller=order-opc');
}
Tools::redirect('index.php?controller=order');
}
}
}
if ($this->nbProducts) {
if (CartRule::isFeatureActive()) {
if (Tools::isSubmit('submitAddDiscount')) {
if (!($code = trim(Tools::getValue('discount_name')))) {
$this->errors[] = Tools::displayError('You must enter a voucher code.');
} elseif (!Validate::isCleanHtml($code)) {
$this->errors[] = Tools::displayError('The voucher code is invalid.');
} else {
if (($cartRule = new CartRule(CartRule::getIdByCode($code))) && Validate::isLoadedObject($cartRule)) {
if ($error = $cartRule->checkValidity($this->context, false, true)) {
$this->errors[] = $error;
} else {
$this->context->cart->addCartRule($cartRule->id);
if (Configuration::get('PS_ORDER_PROCESS_TYPE') == 1) {
Tools::redirect('index.php?controller=order-opc&addingCartRule=1');
}
Tools::redirect('index.php?controller=order&addingCartRule=1');
}
} else {
$this->errors[] = Tools::displayError('This voucher does not exists.');
}
}
$this->context->smarty->assign(array('errors' => $this->errors, 'discount_name' => Tools::safeOutput($code)));
} elseif (($id_cart_rule = (int) Tools::getValue('deleteDiscount')) && Validate::isUnsignedId($id_cart_rule)) {
$this->context->cart->removeCartRule($id_cart_rule);
Tools::redirect('index.php?controller=order-opc');
}
}
/* Is there only virtual product in cart */
if ($isVirtualCart = $this->context->cart->isVirtualCart()) {
$this->setNoCarrier();
}
}
$this->context->smarty->assign('back', Tools::safeOutput(Tools::getValue('back')));
}
public function postProcess()
{
// If id_order is sent, we instanciate a new Order object
if (Tools::isSubmit('id_order') && Tools::getValue('id_order') > 0) {
$order = new Order(Tools::getValue('id_order'));
if (!Validate::isLoadedObject($order)) {
$this->errors[] = Tools::displayError('The order cannot be found within your database.');
}
ShopUrl::cacheMainDomainForShop((int) $order->id_shop);
}
/* Update shipping number */
if (Tools::isSubmit('submitShippingNumber') && isset($order)) {
if ($this->tabAccess['edit'] === '1') {
$order_carrier = new OrderCarrier(Tools::getValue('id_order_carrier'));
if (!Validate::isLoadedObject($order_carrier)) {
$this->errors[] = Tools::displayError('The order carrier ID is invalid.');
} elseif (!Validate::isTrackingNumber(Tools::getValue('tracking_number'))) {
$this->errors[] = Tools::displayError('The tracking number is incorrect.');
} else {
// update shipping number
// Keep these two following lines for backward compatibility, remove on 1.6 version
$order->shipping_number = Tools::getValue('tracking_number');
$order->update();
// Update order_carrier
$order_carrier->tracking_number = pSQL(Tools::getValue('tracking_number'));
if ($order_carrier->update()) {
// Send mail to customer
$customer = new Customer((int) $order->id_customer);
$carrier = new Carrier((int) $order->id_carrier, $order->id_lang);
if (!Validate::isLoadedObject($customer)) {
throw new PrestaShopException('Can\'t load Customer object');
}
if (!Validate::isLoadedObject($carrier)) {
throw new PrestaShopException('Can\'t load Carrier object');
}
$templateVars = array('{followup}' => str_replace('@', $order->shipping_number, $carrier->url), '{firstname}' => $customer->firstname, '{lastname}' => $customer->lastname, '{id_order}' => $order->id, '{shipping_number}' => $order->shipping_number, '{order_name}' => $order->getUniqReference());
if (@Mail::Send((int) $order->id_lang, 'in_transit', Mail::l('Package in transit', (int) $order->id_lang), $templateVars, $customer->email, $customer->firstname . ' ' . $customer->lastname, null, null, null, null, _PS_MAIL_DIR_, true, (int) $order->id_shop)) {
Hook::exec('actionAdminOrdersTrackingNumberUpdate', array('order' => $order, 'customer' => $customer, 'carrier' => $carrier), null, false, true, false, $order->id_shop);
Tools::redirectAdmin(self::$currentIndex . '&id_order=' . $order->id . '&vieworder&conf=4&token=' . $this->token);
} else {
$this->errors[] = Tools::displayError('An error occurred while sending an email to the customer.');
}
} else {
$this->errors[] = Tools::displayError('The order carrier cannot be updated.');
}
}
} else {
$this->errors[] = Tools::displayError('You do not have permission to edit this.');
}
} elseif (Tools::isSubmit('submitState') && isset($order)) {
if ($this->tabAccess['edit'] === '1') {
$order_state = new OrderState(Tools::getValue('id_order_state'));
if (!Validate::isLoadedObject($order_state)) {
$this->errors[] = Tools::displayError('The new order status is invalid.');
} else {
$current_order_state = $order->getCurrentOrderState();
if ($current_order_state->id != $order_state->id) {
// Create new OrderHistory
$history = new OrderHistory();
$history->id_order = $order->id;
$history->id_employee = (int) $this->context->employee->id;
$use_existings_payment = false;
if (!$order->hasInvoice()) {
$use_existings_payment = true;
}
$history->changeIdOrderState((int) $order_state->id, $order, $use_existings_payment);
$carrier = new Carrier($order->id_carrier, $order->id_lang);
$templateVars = array();
if ($history->id_order_state == Configuration::get('PS_OS_SHIPPING') && $order->shipping_number) {
$templateVars = array('{followup}' => str_replace('@', $order->shipping_number, $carrier->url));
}
// Save all changes
if ($history->addWithemail(true, $templateVars)) {
// synchronizes quantities if needed..
if (Configuration::get('PS_ADVANCED_STOCK_MANAGEMENT')) {
foreach ($order->getProducts() as $product) {
if (StockAvailable::dependsOnStock($product['product_id'])) {
StockAvailable::synchronize($product['product_id'], (int) $product['id_shop']);
}
}
}
Tools::redirectAdmin(self::$currentIndex . '&id_order=' . (int) $order->id . '&vieworder&token=' . $this->token);
}
$this->errors[] = Tools::displayError('An error occurred while changing order status, or we were unable to send an email to the customer.');
} else {
$this->errors[] = Tools::displayError('The order has already been assigned this status.');
}
}
} else {
$this->errors[] = Tools::displayError('You do not have permission to edit this.');
}
} elseif (Tools::isSubmit('submitMessage') && isset($order)) {
if ($this->tabAccess['edit'] === '1') {
$customer = new Customer(Tools::getValue('id_customer'));
if (!Validate::isLoadedObject($customer)) {
$this->errors[] = Tools::displayError('The customer is invalid.');
} elseif (!Tools::getValue('message')) {
$this->errors[] = Tools::displayError('The message cannot be blank.');
} else {
/* Get message rules and and check fields validity */
$rules = call_user_func(array('Message', 'getValidationRules'), 'Message');
foreach ($rules['required'] as $field) {
if (($value = Tools::getValue($field)) == false && (string) $value != '0') {
if (!Tools::getValue('id_' . $this->table) || $field != 'passwd') {
$this->errors[] = sprintf(Tools::displayError('field %s is required.'), $field);
}
}
}
foreach ($rules['size'] as $field => $maxLength) {
if (Tools::getValue($field) && Tools::strlen(Tools::getValue($field)) > $maxLength) {
$this->errors[] = sprintf(Tools::displayError('field %1$s is too long (%2$d chars max).'), $field, $maxLength);
}
}
foreach ($rules['validate'] as $field => $function) {
if (Tools::getValue($field)) {
if (!Validate::$function(htmlentities(Tools::getValue($field), ENT_COMPAT, 'UTF-8'))) {
$this->errors[] = sprintf(Tools::displayError('field %s is invalid.'), $field);
}
}
}
if (!count($this->errors)) {
//check if a thread already exist
$id_customer_thread = CustomerThread::getIdCustomerThreadByEmailAndIdOrder($customer->email, $order->id);
if (!$id_customer_thread) {
$customer_thread = new CustomerThread();
$customer_thread->id_contact = 0;
$customer_thread->id_customer = (int) $order->id_customer;
$customer_thread->id_shop = (int) $this->context->shop->id;
$customer_thread->id_order = (int) $order->id;
$customer_thread->id_lang = (int) $this->context->language->id;
$customer_thread->email = $customer->email;
$customer_thread->status = 'open';
$customer_thread->token = Tools::passwdGen(12);
$customer_thread->add();
} else {
$customer_thread = new CustomerThread((int) $id_customer_thread);
}
$customer_message = new CustomerMessage();
$customer_message->id_customer_thread = $customer_thread->id;
$customer_message->id_employee = (int) $this->context->employee->id;
$customer_message->message = Tools::getValue('message');
$customer_message->private = Tools::getValue('visibility');
if (!$customer_message->add()) {
$this->errors[] = Tools::displayError('An error occurred while saving the message.');
} elseif ($customer_message->private) {
Tools::redirectAdmin(self::$currentIndex . '&id_order=' . (int) $order->id . '&vieworder&conf=11&token=' . $this->token);
} else {
$message = $customer_message->message;
if (Configuration::get('PS_MAIL_TYPE', null, null, $order->id_shop) != Mail::TYPE_TEXT) {
$message = Tools::nl2br($customer_message->message);
}
$varsTpl = array('{lastname}' => $customer->lastname, '{firstname}' => $customer->firstname, '{id_order}' => $order->id, '{order_name}' => $order->getUniqReference(), '{message}' => $message);
if (@Mail::Send((int) $order->id_lang, 'order_merchant_comment', Mail::l('New message regarding your order', (int) $order->id_lang), $varsTpl, $customer->email, $customer->firstname . ' ' . $customer->lastname, null, null, null, null, _PS_MAIL_DIR_, true, (int) $order->id_shop)) {
Tools::redirectAdmin(self::$currentIndex . '&id_order=' . $order->id . '&vieworder&conf=11' . '&token=' . $this->token);
}
}
$this->errors[] = Tools::displayError('An error occurred while sending an email to the customer.');
}
}
} else {
$this->errors[] = Tools::displayError('You do not have permission to delete this.');
}
} elseif (Tools::isSubmit('partialRefund') && isset($order)) {
if ($this->tabAccess['edit'] == '1') {
if (is_array($_POST['partialRefundProduct'])) {
$amount = 0;
$order_detail_list = array();
foreach ($_POST['partialRefundProduct'] as $id_order_detail => $amount_detail) {
$order_detail_list[$id_order_detail]['quantity'] = (int) $_POST['partialRefundProductQuantity'][$id_order_detail];
if (empty($amount_detail)) {
$order_detail = new OrderDetail((int) $id_order_detail);
$order_detail_list[$id_order_detail]['amount'] = $order_detail->unit_price_tax_incl * $order_detail_list[$id_order_detail]['quantity'];
} else {
$order_detail_list[$id_order_detail]['amount'] = (double) str_replace(',', '.', $amount_detail);
}
$amount += $order_detail_list[$id_order_detail]['amount'];
$order_detail = new OrderDetail((int) $id_order_detail);
if (!$order->hasBeenDelivered() || $order->hasBeenDelivered() && Tools::isSubmit('reinjectQuantities') && $order_detail_list[$id_order_detail]['quantity'] > 0) {
$this->reinjectQuantity($order_detail, $order_detail_list[$id_order_detail]['quantity']);
}
}
$shipping_cost_amount = (double) str_replace(',', '.', Tools::getValue('partialRefundShippingCost'));
if ($shipping_cost_amount > 0) {
$amount += $shipping_cost_amount;
}
$order_carrier = new OrderCarrier((int) $order->getIdOrderCarrier());
if (Validate::isLoadedObject($order_carrier)) {
$order_carrier->weight = (double) $order->getTotalWeight();
if ($order_carrier->update()) {
$order->weight = sprintf("%.3f " . Configuration::get('PS_WEIGHT_UNIT'), $order_carrier->weight);
}
}
if ($amount > 0) {
if (!OrderSlip::createPartialOrderSlip($order, $amount, $shipping_cost_amount, $order_detail_list)) {
$this->errors[] = Tools::displayError('You cannot generate a partial credit slip.');
}
// Generate voucher
if (Tools::isSubmit('generateDiscountRefund') && !count($this->errors)) {
$cart_rule = new CartRule();
$cart_rule->description = sprintf($this->l('Credit slip for order #%d'), $order->id);
$languages = Language::getLanguages(false);
foreach ($languages as $language) {
// Define a temporary name
$cart_rule->name[$language['id_lang']] = sprintf('V0C%1$dO%2$d', $order->id_customer, $order->id);
}
// Define a temporary code
$cart_rule->code = sprintf('V0C%1$dO%2$d', $order->id_customer, $order->id);
$cart_rule->quantity = 1;
$cart_rule->quantity_per_user = 1;
// Specific to the customer
$cart_rule->id_customer = $order->id_customer;
$now = time();
$cart_rule->date_from = date('Y-m-d H:i:s', $now);
$cart_rule->date_to = date('Y-m-d H:i:s', $now + 3600 * 24 * 365.25);
/* 1 year */
$cart_rule->partial_use = 1;
$cart_rule->active = 1;
$cart_rule->reduction_amount = $amount;
$cart_rule->reduction_tax = true;
$cart_rule->minimum_amount_currency = $order->id_currency;
$cart_rule->reduction_currency = $order->id_currency;
if (!$cart_rule->add()) {
$this->errors[] = Tools::displayError('You cannot generate a voucher.');
} else {
// Update the voucher code and name
foreach ($languages as $language) {
$cart_rule->name[$language['id_lang']] = sprintf('V%1$dC%2$dO%3$d', $cart_rule->id, $order->id_customer, $order->id);
}
$cart_rule->code = sprintf('V%1$dC%2$dO%3$d', $cart_rule->id, $order->id_customer, $order->id);
if (!$cart_rule->update()) {
$this->errors[] = Tools::displayError('You cannot generate a voucher.');
} else {
$currency = $this->context->currency;
$customer = new Customer((int) $order->id_customer);
$params['{lastname}'] = $customer->lastname;
$params['{firstname}'] = $customer->firstname;
$params['{id_order}'] = $order->id;
$params['{order_name}'] = $order->getUniqReference();
$params['{voucher_amount}'] = Tools::displayPrice($cart_rule->reduction_amount, $currency, false);
$params['{voucher_num}'] = $cart_rule->code;
$customer = new Customer((int) $order->id_customer);
@Mail::Send((int) $order->id_lang, 'voucher', sprintf(Mail::l('New voucher regarding your order %s', (int) $order->id_lang), $order->reference), $params, $customer->email, $customer->firstname . ' ' . $customer->lastname, null, null, null, null, _PS_MAIL_DIR_, true, (int) $order->id_shop);
}
}
}
} else {
$this->errors[] = Tools::displayError('You have to enter an amount if you want to create a partial credit slip.');
}
// Redirect if no errors
if (!count($this->errors)) {
Tools::redirectAdmin(self::$currentIndex . '&id_order=' . $order->id . '&vieworder&conf=30&token=' . $this->token);
}
} else {
$this->errors[] = Tools::displayError('The partial refund data is incorrect.');
}
} else {
$this->errors[] = Tools::displayError('You do not have permission to delete this.');
}
} elseif (Tools::isSubmit('cancelProduct') && isset($order)) {
if ($this->tabAccess['delete'] === '1') {
if (!Tools::isSubmit('id_order_detail') && !Tools::isSubmit('id_customization')) {
$this->errors[] = Tools::displayError('You must select a product.');
} elseif (!Tools::isSubmit('cancelQuantity') && !Tools::isSubmit('cancelCustomizationQuantity')) {
$this->errors[] = Tools::displayError('You must enter a quantity.');
} else {
$productList = Tools::getValue('id_order_detail');
if ($productList) {
$productList = array_map('intval', $productList);
}
$customizationList = Tools::getValue('id_customization');
if ($customizationList) {
$customizationList = array_map('intval', $customizationList);
}
$qtyList = Tools::getValue('cancelQuantity');
if ($qtyList) {
$qtyList = array_map('intval', $qtyList);
}
$customizationQtyList = Tools::getValue('cancelCustomizationQuantity');
if ($customizationQtyList) {
$customizationQtyList = array_map('intval', $customizationQtyList);
}
$full_product_list = $productList;
$full_quantity_list = $qtyList;
if ($customizationList) {
foreach ($customizationList as $key => $id_order_detail) {
$full_product_list[(int) $id_order_detail] = $id_order_detail;
if (isset($customizationQtyList[$key])) {
$full_quantity_list[(int) $id_order_detail] += $customizationQtyList[$key];
}
}
}
if ($productList || $customizationList) {
if ($productList) {
$id_cart = Cart::getCartIdByOrderId($order->id);
$customization_quantities = Customization::countQuantityByCart($id_cart);
foreach ($productList as $key => $id_order_detail) {
$qtyCancelProduct = abs($qtyList[$key]);
if (!$qtyCancelProduct) {
$this->errors[] = Tools::displayError('No quantity has been selected for this product.');
}
$order_detail = new OrderDetail($id_order_detail);
$customization_quantity = 0;
if (array_key_exists($order_detail->product_id, $customization_quantities) && array_key_exists($order_detail->product_attribute_id, $customization_quantities[$order_detail->product_id])) {
$customization_quantity = (int) $customization_quantities[$order_detail->product_id][$order_detail->product_attribute_id];
}
if ($order_detail->product_quantity - $customization_quantity - $order_detail->product_quantity_refunded - $order_detail->product_quantity_return < $qtyCancelProduct) {
$this->errors[] = Tools::displayError('An invalid quantity was selected for this product.');
}
}
}
if ($customizationList) {
$customization_quantities = Customization::retrieveQuantitiesFromIds(array_keys($customizationList));
foreach ($customizationList as $id_customization => $id_order_detail) {
$qtyCancelProduct = abs($customizationQtyList[$id_customization]);
$customization_quantity = $customization_quantities[$id_customization];
if (!$qtyCancelProduct) {
$this->errors[] = Tools::displayError('No quantity has been selected for this product.');
}
if ($qtyCancelProduct > $customization_quantity['quantity'] - ($customization_quantity['quantity_refunded'] + $customization_quantity['quantity_returned'])) {
$this->errors[] = Tools::displayError('An invalid quantity was selected for this product.');
}
}
}
if (!count($this->errors) && $productList) {
foreach ($productList as $key => $id_order_detail) {
$qty_cancel_product = abs($qtyList[$key]);
$order_detail = new OrderDetail((int) $id_order_detail);
if (!$order->hasBeenDelivered() || $order->hasBeenDelivered() && Tools::isSubmit('reinjectQuantities') && $qty_cancel_product > 0) {
$this->reinjectQuantity($order_detail, $qty_cancel_product);
}
// Delete product
$order_detail = new OrderDetail((int) $id_order_detail);
if (!$order->deleteProduct($order, $order_detail, $qty_cancel_product)) {
$this->errors[] = Tools::displayError('An error occurred while attempting to delete the product.') . ' <span class="bold">' . $order_detail->product_name . '</span>';
}
// Update weight SUM
$order_carrier = new OrderCarrier((int) $order->getIdOrderCarrier());
if (Validate::isLoadedObject($order_carrier)) {
$order_carrier->weight = (double) $order->getTotalWeight();
if ($order_carrier->update()) {
$order->weight = sprintf("%.3f " . Configuration::get('PS_WEIGHT_UNIT'), $order_carrier->weight);
}
}
Hook::exec('actionProductCancel', array('order' => $order, 'id_order_detail' => (int) $id_order_detail), null, false, true, false, $order->id_shop);
}
}
if (!count($this->errors) && $customizationList) {
foreach ($customizationList as $id_customization => $id_order_detail) {
$order_detail = new OrderDetail((int) $id_order_detail);
$qtyCancelProduct = abs($customizationQtyList[$id_customization]);
if (!$order->deleteCustomization($id_customization, $qtyCancelProduct, $order_detail)) {
$this->errors[] = Tools::displayError('An error occurred while attempting to delete product customization.') . ' ' . $id_customization;
}
}
}
// E-mail params
if ((Tools::isSubmit('generateCreditSlip') || Tools::isSubmit('generateDiscount')) && !count($this->errors)) {
$customer = new Customer((int) $order->id_customer);
$params['{lastname}'] = $customer->lastname;
$params['{firstname}'] = $customer->firstname;
$params['{id_order}'] = $order->id;
$params['{order_name}'] = $order->getUniqReference();
}
// Generate credit slip
if (Tools::isSubmit('generateCreditSlip') && !count($this->errors)) {
if (!OrderSlip::createOrderSlip($order, $full_product_list, $full_quantity_list, Tools::isSubmit('shippingBack'))) {
$this->errors[] = Tools::displayError('A credit slip cannot be generated. ');
} else {
Hook::exec('actionOrderSlipAdd', array('order' => $order, 'productList' => $full_product_list, 'qtyList' => $full_quantity_list), null, false, true, false, $order->id_shop);
@Mail::Send((int) $order->id_lang, 'credit_slip', Mail::l('New credit slip regarding your order', (int) $order->id_lang), $params, $customer->email, $customer->firstname . ' ' . $customer->lastname, null, null, null, null, _PS_MAIL_DIR_, true, (int) $order->id_shop);
}
}
// Generate voucher
if (Tools::isSubmit('generateDiscount') && !count($this->errors)) {
$cartrule = new CartRule();
$languages = Language::getLanguages($order);
$cartrule->description = sprintf($this->l('Credit card slip for order #%d'), $order->id);
foreach ($languages as $language) {
// Define a temporary name
$cartrule->name[$language['id_lang']] = 'V0C' . (int) $order->id_customer . 'O' . (int) $order->id;
}
// Define a temporary code
$cartrule->code = 'V0C' . (int) $order->id_customer . 'O' . (int) $order->id;
$cartrule->quantity = 1;
$cartrule->quantity_per_user = 1;
// Specific to the customer
$cartrule->id_customer = $order->id_customer;
$now = time();
$cartrule->date_from = date('Y-m-d H:i:s', $now);
$cartrule->date_to = date('Y-m-d H:i:s', $now + 3600 * 24 * 365.25);
/* 1 year */
$cartrule->active = 1;
$products = $order->getProducts(false, $full_product_list, $full_quantity_list);
$total = 0;
foreach ($products as $product) {
$total += $product['unit_price_tax_incl'] * $product['product_quantity'];
}
if (Tools::isSubmit('shippingBack')) {
$total += $order->total_shipping;
}
$cartrule->reduction_amount = $total;
$cartrule->reduction_tax = true;
$cartrule->minimum_amount_currency = $order->id_currency;
$cartrule->reduction_currency = $order->id_currency;
if (!$cartrule->add()) {
$this->errors[] = Tools::displayError('You cannot generate a voucher.');
} else {
// Update the voucher code and name
foreach ($languages as $language) {
$cartrule->name[$language['id_lang']] = 'V' . (int) $cartrule->id . 'C' . (int) $order->id_customer . 'O' . $order->id;
}
$cartrule->code = 'V' . (int) $cartrule->id . 'C' . (int) $order->id_customer . 'O' . $order->id;
if (!$cartrule->update()) {
$this->errors[] = Tools::displayError('You cannot generate a voucher.');
} else {
$currency = $this->context->currency;
$params['{voucher_amount}'] = Tools::displayPrice($cartrule->reduction_amount, $currency, false);
$params['{voucher_num}'] = $cartrule->code;
@Mail::Send((int) $order->id_lang, 'voucher', sprintf(Mail::l('New voucher regarding your order %s', (int) $order->id_lang), $order->reference), $params, $customer->email, $customer->firstname . ' ' . $customer->lastname, null, null, null, null, _PS_MAIL_DIR_, true, (int) $order->id_shop);
}
}
}
} else {
$this->errors[] = Tools::displayError('No product or quantity has been selected.');
}
// Redirect if no errors
if (!count($this->errors)) {
Tools::redirectAdmin(self::$currentIndex . '&id_order=' . $order->id . '&vieworder&conf=31&token=' . $this->token);
}
}
} else {
$this->errors[] = Tools::displayError('You do not have permission to delete this.');
}
} elseif (Tools::isSubmit('messageReaded')) {
Message::markAsReaded(Tools::getValue('messageReaded'), $this->context->employee->id);
} elseif (Tools::isSubmit('submitAddPayment') && isset($order)) {
if ($this->tabAccess['edit'] === '1') {
$amount = str_replace(',', '.', Tools::getValue('payment_amount'));
$currency = new Currency(Tools::getValue('payment_currency'));
$order_has_invoice = $order->hasInvoice();
if ($order_has_invoice) {
$order_invoice = new OrderInvoice(Tools::getValue('payment_invoice'));
} else {
$order_invoice = null;
}
if (!Validate::isLoadedObject($order)) {
$this->errors[] = Tools::displayError('The order cannot be found');
} elseif (!Validate::isNegativePrice($amount) || !(double) $amount) {
$this->errors[] = Tools::displayError('The amount is invalid.');
} elseif (!Validate::isGenericName(Tools::getValue('payment_method'))) {
$this->errors[] = Tools::displayError('The selected payment method is invalid.');
} elseif (!Validate::isString(Tools::getValue('payment_transaction_id'))) {
$this->errors[] = Tools::displayError('The transaction ID is invalid.');
} elseif (!Validate::isLoadedObject($currency)) {
$this->errors[] = Tools::displayError('The selected currency is invalid.');
} elseif ($order_has_invoice && !Validate::isLoadedObject($order_invoice)) {
$this->errors[] = Tools::displayError('The invoice is invalid.');
} elseif (!Validate::isDate(Tools::getValue('payment_date'))) {
$this->errors[] = Tools::displayError('The date is invalid');
} else {
if (!$order->addOrderPayment($amount, Tools::getValue('payment_method'), Tools::getValue('payment_transaction_id'), $currency, Tools::getValue('payment_date'), $order_invoice)) {
$this->errors[] = Tools::displayError('An error occurred during payment.');
} else {
Tools::redirectAdmin(self::$currentIndex . '&id_order=' . $order->id . '&vieworder&conf=4&token=' . $this->token);
}
}
} else {
$this->errors[] = Tools::displayError('You do not have permission to edit this.');
}
} elseif (Tools::isSubmit('submitEditNote')) {
$note = Tools::getValue('note');
$order_invoice = new OrderInvoice((int) Tools::getValue('id_order_invoice'));
if (Validate::isLoadedObject($order_invoice) && Validate::isCleanHtml($note)) {
if ($this->tabAccess['edit'] === '1') {
$order_invoice->note = $note;
if ($order_invoice->save()) {
Tools::redirectAdmin(self::$currentIndex . '&id_order=' . $order_invoice->id_order . '&vieworder&conf=4&token=' . $this->token);
} else {
$this->errors[] = Tools::displayError('The invoice note was not saved.');
}
} else {
$this->errors[] = Tools::displayError('You do not have permission to edit this.');
}
} else {
$this->errors[] = Tools::displayError('The invoice for edit note was unable to load. ');
}
} elseif (Tools::isSubmit('submitAddOrder') && ($id_cart = Tools::getValue('id_cart')) && ($module_name = Tools::getValue('payment_module_name')) && ($id_order_state = Tools::getValue('id_order_state')) && Validate::isModuleName($module_name)) {
if ($this->tabAccess['edit'] === '1') {
$payment_module = Module::getInstanceByName($module_name);
$cart = new Cart((int) $id_cart);
Context::getContext()->currency = new Currency((int) $cart->id_currency);
Context::getContext()->customer = new Customer((int) $cart->id_customer);
$employee = new Employee((int) Context::getContext()->cookie->id_employee);
$payment_module->validateOrder((int) $cart->id, (int) $id_order_state, $cart->getOrderTotal(true, Cart::BOTH), $payment_module->displayName, $this->l('Manual order -- Employee:') . ' ' . substr($employee->firstname, 0, 1) . '. ' . $employee->lastname, array(), null, false, $cart->secure_key);
if ($payment_module->currentOrder) {
Tools::redirectAdmin(self::$currentIndex . '&id_order=' . $payment_module->currentOrder . '&vieworder' . '&token=' . $this->token);
}
} else {
$this->errors[] = Tools::displayError('You do not have permission to add this.');
}
} elseif ((Tools::isSubmit('submitAddressShipping') || Tools::isSubmit('submitAddressInvoice')) && isset($order)) {
if ($this->tabAccess['edit'] === '1') {
$address = new Address(Tools::getValue('id_address'));
if (Validate::isLoadedObject($address)) {
// Update the address on order
if (Tools::isSubmit('submitAddressShipping')) {
$order->id_address_delivery = $address->id;
} elseif (Tools::isSubmit('submitAddressInvoice')) {
$order->id_address_invoice = $address->id;
}
$order->update();
Tools::redirectAdmin(self::$currentIndex . '&id_order=' . $order->id . '&vieworder&conf=4&token=' . $this->token);
} else {
$this->errors[] = Tools::displayError('This address can\'t be loaded');
}
} else {
$this->errors[] = Tools::displayError('You do not have permission to edit this.');
}
} elseif (Tools::isSubmit('submitChangeCurrency') && isset($order)) {
if ($this->tabAccess['edit'] === '1') {
if (Tools::getValue('new_currency') != $order->id_currency && !$order->valid) {
$old_currency = new Currency($order->id_currency);
$currency = new Currency(Tools::getValue('new_currency'));
if (!Validate::isLoadedObject($currency)) {
throw new PrestaShopException('Can\'t load Currency object');
}
// Update order detail amount
foreach ($order->getOrderDetailList() as $row) {
$order_detail = new OrderDetail($row['id_order_detail']);
$fields = array('ecotax', 'product_price', 'reduction_amount', 'total_shipping_price_tax_excl', 'total_shipping_price_tax_incl', 'total_price_tax_incl', 'total_price_tax_excl', 'product_quantity_discount', 'purchase_supplier_price', 'reduction_amount', 'reduction_amount_tax_incl', 'reduction_amount_tax_excl', 'unit_price_tax_incl', 'unit_price_tax_excl', 'original_product_price');
foreach ($fields as $field) {
$order_detail->{$field} = Tools::convertPriceFull($order_detail->{$field}, $old_currency, $currency);
}
$order_detail->update();
$order_detail->updateTaxAmount($order);
}
$id_order_carrier = (int) $order->getIdOrderCarrier();
if ($id_order_carrier) {
$order_carrier = $order_carrier = new OrderCarrier((int) $order->getIdOrderCarrier());
$order_carrier->shipping_cost_tax_excl = (double) Tools::convertPriceFull($order_carrier->shipping_cost_tax_excl, $old_currency, $currency);
$order_carrier->shipping_cost_tax_incl = (double) Tools::convertPriceFull($order_carrier->shipping_cost_tax_incl, $old_currency, $currency);
$order_carrier->update();
}
// Update order && order_invoice amount
$fields = array('total_discounts', 'total_discounts_tax_incl', 'total_discounts_tax_excl', 'total_discount_tax_excl', 'total_discount_tax_incl', 'total_paid', 'total_paid_tax_incl', 'total_paid_tax_excl', 'total_paid_real', 'total_products', 'total_products_wt', 'total_shipping', 'total_shipping_tax_incl', 'total_shipping_tax_excl', 'total_wrapping', 'total_wrapping_tax_incl', 'total_wrapping_tax_excl');
$invoices = $order->getInvoicesCollection();
if ($invoices) {
foreach ($invoices as $invoice) {
foreach ($fields as $field) {
if (isset($invoice->{$field})) {
$invoice->{$field} = Tools::convertPriceFull($invoice->{$field}, $old_currency, $currency);
}
}
$invoice->save();
}
}
foreach ($fields as $field) {
if (isset($order->{$field})) {
$order->{$field} = Tools::convertPriceFull($order->{$field}, $old_currency, $currency);
}
}
// Update currency in order
$order->id_currency = $currency->id;
// Update exchange rate
$order->conversion_rate = (double) $currency->conversion_rate;
$order->update();
} else {
$this->errors[] = Tools::displayError('You cannot change the currency.');
}
} else {
$this->errors[] = Tools::displayError('You do not have permission to edit this.');
}
} elseif (Tools::isSubmit('submitGenerateInvoice') && isset($order)) {
if (!Configuration::get('PS_INVOICE', null, null, $order->id_shop)) {
$this->errors[] = Tools::displayError('Invoice management has been disabled.');
} elseif ($order->hasInvoice()) {
$this->errors[] = Tools::displayError('This order already has an invoice.');
} else {
$order->setInvoice(true);
Tools::redirectAdmin(self::$currentIndex . '&id_order=' . $order->id . '&vieworder&conf=4&token=' . $this->token);
}
} elseif (Tools::isSubmit('submitDeleteVoucher') && isset($order)) {
if ($this->tabAccess['edit'] === '1') {
$order_cart_rule = new OrderCartRule(Tools::getValue('id_order_cart_rule'));
if (Validate::isLoadedObject($order_cart_rule) && $order_cart_rule->id_order == $order->id) {
if ($order_cart_rule->id_order_invoice) {
$order_invoice = new OrderInvoice($order_cart_rule->id_order_invoice);
if (!Validate::isLoadedObject($order_invoice)) {
throw new PrestaShopException('Can\'t load Order Invoice object');
}
// Update amounts of Order Invoice
$order_invoice->total_discount_tax_excl -= $order_cart_rule->value_tax_excl;
$order_invoice->total_discount_tax_incl -= $order_cart_rule->value;
$order_invoice->total_paid_tax_excl += $order_cart_rule->value_tax_excl;
$order_invoice->total_paid_tax_incl += $order_cart_rule->value;
// Update Order Invoice
$order_invoice->update();
}
// Update amounts of order
$order->total_discounts -= $order_cart_rule->value;
$order->total_discounts_tax_incl -= $order_cart_rule->value;
$order->total_discounts_tax_excl -= $order_cart_rule->value_tax_excl;
$order->total_paid += $order_cart_rule->value;
$order->total_paid_tax_incl += $order_cart_rule->value;
$order->total_paid_tax_excl += $order_cart_rule->value_tax_excl;
// Delete Order Cart Rule and update Order
$order_cart_rule->delete();
$order->update();
Tools::redirectAdmin(self::$currentIndex . '&id_order=' . $order->id . '&vieworder&conf=4&token=' . $this->token);
} else {
$this->errors[] = Tools::displayError('You cannot edit this cart rule.');
}
} else {
$this->errors[] = Tools::displayError('You do not have permission to edit this.');
}
} elseif (Tools::isSubmit('submitNewVoucher') && isset($order)) {
if ($this->tabAccess['edit'] === '1') {
if (!Tools::getValue('discount_name')) {
$this->errors[] = Tools::displayError('You must specify a name in order to create a new discount.');
} else {
if ($order->hasInvoice()) {
// If the discount is for only one invoice
if (!Tools::isSubmit('discount_all_invoices')) {
$order_invoice = new OrderInvoice(Tools::getValue('discount_invoice'));
if (!Validate::isLoadedObject($order_invoice)) {
throw new PrestaShopException('Can\'t load Order Invoice object');
}
}
}
$cart_rules = array();
$discount_value = (double) str_replace(',', '.', Tools::getValue('discount_value'));
switch (Tools::getValue('discount_type')) {
// Percent type
case 1:
if ($discount_value < 100) {
if (isset($order_invoice)) {
$cart_rules[$order_invoice->id]['value_tax_incl'] = Tools::ps_round($order_invoice->total_paid_tax_incl * $discount_value / 100, 2);
$cart_rules[$order_invoice->id]['value_tax_excl'] = Tools::ps_round($order_invoice->total_paid_tax_excl * $discount_value / 100, 2);
// Update OrderInvoice
$this->applyDiscountOnInvoice($order_invoice, $cart_rules[$order_invoice->id]['value_tax_incl'], $cart_rules[$order_invoice->id]['value_tax_excl']);
} elseif ($order->hasInvoice()) {
$order_invoices_collection = $order->getInvoicesCollection();
foreach ($order_invoices_collection as $order_invoice) {
$cart_rules[$order_invoice->id]['value_tax_incl'] = Tools::ps_round($order_invoice->total_paid_tax_incl * $discount_value / 100, 2);
$cart_rules[$order_invoice->id]['value_tax_excl'] = Tools::ps_round($order_invoice->total_paid_tax_excl * $discount_value / 100, 2);
// Update OrderInvoice
$this->applyDiscountOnInvoice($order_invoice, $cart_rules[$order_invoice->id]['value_tax_incl'], $cart_rules[$order_invoice->id]['value_tax_excl']);
}
} else {
$cart_rules[0]['value_tax_incl'] = Tools::ps_round($order->total_paid_tax_incl * $discount_value / 100, 2);
$cart_rules[0]['value_tax_excl'] = Tools::ps_round($order->total_paid_tax_excl * $discount_value / 100, 2);
}
} else {
$this->errors[] = Tools::displayError('The discount value is invalid.');
}
break;
// Amount type
// Amount type
case 2:
if (isset($order_invoice)) {
if ($discount_value > $order_invoice->total_paid_tax_incl) {
$this->errors[] = Tools::displayError('The discount value is greater than the order invoice total.');
} else {
$cart_rules[$order_invoice->id]['value_tax_incl'] = Tools::ps_round($discount_value, 2);
$cart_rules[$order_invoice->id]['value_tax_excl'] = Tools::ps_round($discount_value / (1 + $order->getTaxesAverageUsed() / 100), 2);
// Update OrderInvoice
$this->applyDiscountOnInvoice($order_invoice, $cart_rules[$order_invoice->id]['value_tax_incl'], $cart_rules[$order_invoice->id]['value_tax_excl']);
}
} elseif ($order->hasInvoice()) {
$order_invoices_collection = $order->getInvoicesCollection();
foreach ($order_invoices_collection as $order_invoice) {
if ($discount_value > $order_invoice->total_paid_tax_incl) {
$this->errors[] = Tools::displayError('The discount value is greater than the order invoice total.') . $order_invoice->getInvoiceNumberFormatted(Context::getContext()->language->id, (int) $order->id_shop) . ')';
} else {
$cart_rules[$order_invoice->id]['value_tax_incl'] = Tools::ps_round($discount_value, 2);
$cart_rules[$order_invoice->id]['value_tax_excl'] = Tools::ps_round($discount_value / (1 + $order->getTaxesAverageUsed() / 100), 2);
// Update OrderInvoice
$this->applyDiscountOnInvoice($order_invoice, $cart_rules[$order_invoice->id]['value_tax_incl'], $cart_rules[$order_invoice->id]['value_tax_excl']);
}
}
} else {
if ($discount_value > $order->total_paid_tax_incl) {
$this->errors[] = Tools::displayError('The discount value is greater than the order total.');
} else {
$cart_rules[0]['value_tax_incl'] = Tools::ps_round($discount_value, 2);
$cart_rules[0]['value_tax_excl'] = Tools::ps_round($discount_value / (1 + $order->getTaxesAverageUsed() / 100), 2);
}
}
break;
// Free shipping type
// Free shipping type
case 3:
if (isset($order_invoice)) {
if ($order_invoice->total_shipping_tax_incl > 0) {
$cart_rules[$order_invoice->id]['value_tax_incl'] = $order_invoice->total_shipping_tax_incl;
$cart_rules[$order_invoice->id]['value_tax_excl'] = $order_invoice->total_shipping_tax_excl;
// Update OrderInvoice
$this->applyDiscountOnInvoice($order_invoice, $cart_rules[$order_invoice->id]['value_tax_incl'], $cart_rules[$order_invoice->id]['value_tax_excl']);
}
} elseif ($order->hasInvoice()) {
$order_invoices_collection = $order->getInvoicesCollection();
foreach ($order_invoices_collection as $order_invoice) {
if ($order_invoice->total_shipping_tax_incl <= 0) {
continue;
}
$cart_rules[$order_invoice->id]['value_tax_incl'] = $order_invoice->total_shipping_tax_incl;
$cart_rules[$order_invoice->id]['value_tax_excl'] = $order_invoice->total_shipping_tax_excl;
// Update OrderInvoice
$this->applyDiscountOnInvoice($order_invoice, $cart_rules[$order_invoice->id]['value_tax_incl'], $cart_rules[$order_invoice->id]['value_tax_excl']);
}
} else {
$cart_rules[0]['value_tax_incl'] = $order->total_shipping_tax_incl;
$cart_rules[0]['value_tax_excl'] = $order->total_shipping_tax_excl;
}
break;
default:
$this->errors[] = Tools::displayError('The discount type is invalid.');
}
$res = true;
foreach ($cart_rules as &$cart_rule) {
$cartRuleObj = new CartRule();
$cartRuleObj->date_from = date('Y-m-d H:i:s', strtotime('-1 hour', strtotime($order->date_add)));
$cartRuleObj->date_to = date('Y-m-d H:i:s', strtotime('+1 hour'));
$cartRuleObj->name[Configuration::get('PS_LANG_DEFAULT')] = Tools::getValue('discount_name');
$cartRuleObj->quantity = 0;
$cartRuleObj->quantity_per_user = 1;
if (Tools::getValue('discount_type') == 1) {
$cartRuleObj->reduction_percent = $discount_value;
} elseif (Tools::getValue('discount_type') == 2) {
$cartRuleObj->reduction_amount = $cart_rule['value_tax_excl'];
} elseif (Tools::getValue('discount_type') == 3) {
$cartRuleObj->free_shipping = 1;
}
$cartRuleObj->active = 0;
if ($res = $cartRuleObj->add()) {
$cart_rule['id'] = $cartRuleObj->id;
} else {
break;
}
}
if ($res) {
foreach ($cart_rules as $id_order_invoice => $cart_rule) {
// Create OrderCartRule
$order_cart_rule = new OrderCartRule();
$order_cart_rule->id_order = $order->id;
$order_cart_rule->id_cart_rule = $cart_rule['id'];
$order_cart_rule->id_order_invoice = $id_order_invoice;
$order_cart_rule->name = Tools::getValue('discount_name');
$order_cart_rule->value = $cart_rule['value_tax_incl'];
$order_cart_rule->value_tax_excl = $cart_rule['value_tax_excl'];
$res &= $order_cart_rule->add();
$order->total_discounts += $order_cart_rule->value;
$order->total_discounts_tax_incl += $order_cart_rule->value;
$order->total_discounts_tax_excl += $order_cart_rule->value_tax_excl;
$order->total_paid -= $order_cart_rule->value;
$order->total_paid_tax_incl -= $order_cart_rule->value;
$order->total_paid_tax_excl -= $order_cart_rule->value_tax_excl;
}
// Update Order
$res &= $order->update();
}
if ($res) {
Tools::redirectAdmin(self::$currentIndex . '&id_order=' . $order->id . '&vieworder&conf=4&token=' . $this->token);
} else {
$this->errors[] = Tools::displayError('An error occurred during the OrderCartRule creation');
}
}
} else {
$this->errors[] = Tools::displayError('You do not have permission to edit this.');
}
}
parent::postProcess();
}
public function validateOrder($id_cart, $id_order_state, $amount_paid, $payment_method = 'Unknown', $message = null, $extra_vars = array(), $currency_special = null, $dont_touch_amount = false, $secure_key = false, Shop $shop = null)
{
if (self::DEBUG_MODE) {
PrestaShopLogger::addLog('PaymentModule::validateOrder - Function called', 1, null, 'Cart', (int) $id_cart, true);
}
if (!isset($this->context)) {
$this->context = Context::getContext();
}
$this->context->cart = new Cart($id_cart);
$this->context->customer = new Customer($this->context->cart->id_customer);
// The tax cart is loaded before the customer so re-cache the tax calculation method
$this->context->cart->setTaxCalculationMethod();
$this->context->language = new Language($this->context->cart->id_lang);
$this->context->shop = $shop ? $shop : new Shop($this->context->cart->id_shop);
ShopUrl::resetMainDomainCache();
$id_currency = $currency_special ? (int) $currency_special : (int) $this->context->cart->id_currency;
$this->context->currency = new Currency($id_currency, null, $this->context->shop->id);
if (Configuration::get('PS_TAX_ADDRESS_TYPE') == 'id_address_delivery') {
$context_country = $this->context->country;
}
$order_status = new OrderState((int) $id_order_state, (int) $this->context->language->id);
if (!Validate::isLoadedObject($order_status)) {
PrestaShopLogger::addLog('PaymentModule::validateOrder - Order Status cannot be loaded', 3, null, 'Cart', (int) $id_cart, true);
throw new PrestaShopException('Can\'t load Order status');
}
if (!$this->active) {
PrestaShopLogger::addLog('PaymentModule::validateOrder - Module is not active', 3, null, 'Cart', (int) $id_cart, true);
die(Tools::displayError());
}
// Does order already exists ?
if (Validate::isLoadedObject($this->context->cart) && $this->context->cart->OrderExists() == false) {
if ($secure_key !== false && $secure_key != $this->context->cart->secure_key) {
PrestaShopLogger::addLog('PaymentModule::validateOrder - Secure key does not match', 3, null, 'Cart', (int) $id_cart, true);
die(Tools::displayError());
}
// For each package, generate an order
$delivery_option_list = $this->context->cart->getDeliveryOptionList();
$package_list = $this->context->cart->getPackageList();
$cart_delivery_option = $this->context->cart->getDeliveryOption();
// If some delivery options are not defined, or not valid, use the first valid option
foreach ($delivery_option_list as $id_address => $package) {
if (!isset($cart_delivery_option[$id_address]) || !array_key_exists($cart_delivery_option[$id_address], $package)) {
foreach ($package as $key => $val) {
$cart_delivery_option[$id_address] = $key;
break;
}
}
}
$order_list = array();
$order_detail_list = array();
do {
$reference = Order::generateReference();
} while (Order::getByReference($reference)->count());
$this->currentOrderReference = $reference;
$order_creation_failed = false;
$cart_total_paid = (double) Tools::ps_round((double) $this->context->cart->getOrderTotal(true, Cart::BOTH), 2);
foreach ($cart_delivery_option as $id_address => $key_carriers) {
foreach ($delivery_option_list[$id_address][$key_carriers]['carrier_list'] as $id_carrier => $data) {
foreach ($data['package_list'] as $id_package) {
// Rewrite the id_warehouse
$package_list[$id_address][$id_package]['id_warehouse'] = (int) $this->context->cart->getPackageIdWarehouse($package_list[$id_address][$id_package], (int) $id_carrier);
$package_list[$id_address][$id_package]['id_carrier'] = $id_carrier;
}
}
}
// Make sure CartRule caches are empty
CartRule::cleanCache();
$cart_rules = $this->context->cart->getCartRules();
foreach ($cart_rules as $cart_rule) {
if (($rule = new CartRule((int) $cart_rule['obj']->id)) && Validate::isLoadedObject($rule)) {
if ($error = $rule->checkValidity($this->context, true, true)) {
$this->context->cart->removeCartRule((int) $rule->id);
if (isset($this->context->cookie) && isset($this->context->cookie->id_customer) && $this->context->cookie->id_customer && !empty($rule->code)) {
if (Configuration::get('PS_ORDER_PROCESS_TYPE') == 1) {
Tools::redirect('index.php?controller=order-opc&submitAddDiscount=1&discount_name=' . urlencode($rule->code));
}
Tools::redirect('index.php?controller=order&submitAddDiscount=1&discount_name=' . urlencode($rule->code));
} else {
$rule_name = isset($rule->name[(int) $this->context->cart->id_lang]) ? $rule->name[(int) $this->context->cart->id_lang] : $rule->code;
$error = Tools::displayError(sprintf('CartRule ID %1s (%2s) used in this cart is not valid and has been withdrawn from cart', (int) $rule->id, $rule_name));
PrestaShopLogger::addLog($error, 3, '0000002', 'Cart', (int) $this->context->cart->id);
}
}
}
}
foreach ($package_list as $id_address => $packageByAddress) {
foreach ($packageByAddress as $id_package => $package) {
$order = new Order();
$order->product_list = $package['product_list'];
if (Configuration::get('PS_TAX_ADDRESS_TYPE') == 'id_address_delivery') {
$address = new Address($id_address);
$this->context->country = new Country($address->id_country, $this->context->cart->id_lang);
if (!$this->context->country->active) {
throw new PrestaShopException('The delivery address country is not active.');
}
}
$carrier = null;
if (!$this->context->cart->isVirtualCart() && isset($package['id_carrier'])) {
$carrier = new Carrier($package['id_carrier'], $this->context->cart->id_lang);
$order->id_carrier = (int) $carrier->id;
$id_carrier = (int) $carrier->id;
} else {
$order->id_carrier = 0;
$id_carrier = 0;
}
$order->id_customer = (int) $this->context->cart->id_customer;
$order->id_address_invoice = (int) $this->context->cart->id_address_invoice;
$order->id_address_delivery = (int) $id_address;
$order->id_currency = $this->context->currency->id;
$order->id_lang = (int) $this->context->cart->id_lang;
$order->id_cart = (int) $this->context->cart->id;
$order->reference = $reference;
$order->id_shop = (int) $this->context->shop->id;
$order->id_shop_group = (int) $this->context->shop->id_shop_group;
$order->secure_key = $secure_key ? pSQL($secure_key) : pSQL($this->context->customer->secure_key);
$order->payment = $payment_method;
if (isset($this->name)) {
$order->module = $this->name;
}
$order->recyclable = $this->context->cart->recyclable;
$order->gift = (int) $this->context->cart->gift;
$order->gift_message = $this->context->cart->gift_message;
$order->mobile_theme = $this->context->cart->mobile_theme;
$order->conversion_rate = $this->context->currency->conversion_rate;
$amount_paid = !$dont_touch_amount ? Tools::ps_round((double) $amount_paid, 2) : $amount_paid;
$order->total_paid_real = 0;
$order->total_products = (double) $this->context->cart->getOrderTotal(false, Cart::ONLY_PRODUCTS, $order->product_list, $id_carrier);
$order->total_products_wt = (double) $this->context->cart->getOrderTotal(true, Cart::ONLY_PRODUCTS, $order->product_list, $id_carrier);
$order->total_discounts_tax_excl = (double) abs($this->context->cart->getOrderTotal(false, Cart::ONLY_DISCOUNTS, $order->product_list, $id_carrier));
$order->total_discounts_tax_incl = (double) abs($this->context->cart->getOrderTotal(true, Cart::ONLY_DISCOUNTS, $order->product_list, $id_carrier));
$order->total_discounts = $order->total_discounts_tax_incl;
$order->total_shipping_tax_excl = (double) $this->context->cart->getPackageShippingCost((int) $id_carrier, false, null, $order->product_list);
$order->total_shipping_tax_incl = (double) $this->context->cart->getPackageShippingCost((int) $id_carrier, true, null, $order->product_list);
$order->total_shipping = $order->total_shipping_tax_incl;
if (!is_null($carrier) && Validate::isLoadedObject($carrier)) {
$order->carrier_tax_rate = $carrier->getTaxesRate(new Address($this->context->cart->{Configuration::get('PS_TAX_ADDRESS_TYPE')}));
}
$order->total_wrapping_tax_excl = (double) abs($this->context->cart->getOrderTotal(false, Cart::ONLY_WRAPPING, $order->product_list, $id_carrier));
$order->total_wrapping_tax_incl = (double) abs($this->context->cart->getOrderTotal(true, Cart::ONLY_WRAPPING, $order->product_list, $id_carrier));
$order->total_wrapping = $order->total_wrapping_tax_incl;
$order->total_paid_tax_excl = (double) Tools::ps_round((double) $this->context->cart->getOrderTotal(false, Cart::BOTH, $order->product_list, $id_carrier), _PS_PRICE_COMPUTE_PRECISION_);
$order->total_paid_tax_incl = (double) Tools::ps_round((double) $this->context->cart->getOrderTotal(true, Cart::BOTH, $order->product_list, $id_carrier), _PS_PRICE_COMPUTE_PRECISION_);
$order->total_paid = $order->total_paid_tax_incl;
$order->round_mode = Configuration::get('PS_PRICE_ROUND_MODE');
$order->invoice_date = '0000-00-00 00:00:00';
$order->delivery_date = '0000-00-00 00:00:00';
if (self::DEBUG_MODE) {
PrestaShopLogger::addLog('PaymentModule::validateOrder - Order is about to be added', 1, null, 'Cart', (int) $id_cart, true);
}
// Creating order
$result = $order->add();
if (!$result) {
PrestaShopLogger::addLog('PaymentModule::validateOrder - Order cannot be created', 3, null, 'Cart', (int) $id_cart, true);
throw new PrestaShopException('Can\'t save Order');
}
// Amount paid by customer is not the right one -> Status = payment error
// We don't use the following condition to avoid the float precision issues : http://www.php.net/manual/en/language.types.float.php
// if ($order->total_paid != $order->total_paid_real)
// We use number_format in order to compare two string
if ($order_status->logable && number_format($cart_total_paid, _PS_PRICE_COMPUTE_PRECISION_) != number_format($amount_paid, _PS_PRICE_COMPUTE_PRECISION_)) {
$id_order_state = Configuration::get('PS_OS_ERROR');
}
$order_list[] = $order;
if (self::DEBUG_MODE) {
PrestaShopLogger::addLog('PaymentModule::validateOrder - OrderDetail is about to be added', 1, null, 'Cart', (int) $id_cart, true);
}
// Insert new Order detail list using cart for the current order
$order_detail = new OrderDetail(null, null, $this->context);
$order_detail->createList($order, $this->context->cart, $id_order_state, $order->product_list, 0, true, $package_list[$id_address][$id_package]['id_warehouse']);
$order_detail_list[] = $order_detail;
if (self::DEBUG_MODE) {
PrestaShopLogger::addLog('PaymentModule::validateOrder - OrderCarrier is about to be added', 1, null, 'Cart', (int) $id_cart, true);
}
// Adding an entry in order_carrier table
if (!is_null($carrier)) {
$order_carrier = new OrderCarrier();
$order_carrier->id_order = (int) $order->id;
$order_carrier->id_carrier = (int) $id_carrier;
$order_carrier->weight = (double) $order->getTotalWeight();
$order_carrier->shipping_cost_tax_excl = (double) $order->total_shipping_tax_excl;
$order_carrier->shipping_cost_tax_incl = (double) $order->total_shipping_tax_incl;
$order_carrier->add();
}
}
}
// The country can only change if the address used for the calculation is the delivery address, and if multi-shipping is activated
if (Configuration::get('PS_TAX_ADDRESS_TYPE') == 'id_address_delivery') {
$this->context->country = $context_country;
}
if (!$this->context->country->active) {
PrestaShopLogger::addLog('PaymentModule::validateOrder - Country is not active', 3, null, 'Cart', (int) $id_cart, true);
throw new PrestaShopException('The order address country is not active.');
}
if (self::DEBUG_MODE) {
PrestaShopLogger::addLog('PaymentModule::validateOrder - Payment is about to be added', 1, null, 'Cart', (int) $id_cart, true);
}
// Register Payment only if the order status validate the order
if ($order_status->logable) {
// $order is the last order loop in the foreach
// The method addOrderPayment of the class Order make a create a paymentOrder
// linked to the order reference and not to the order id
if (isset($extra_vars['transaction_id'])) {
$transaction_id = $extra_vars['transaction_id'];
} else {
$transaction_id = null;
}
if (!$order->addOrderPayment($amount_paid, null, $transaction_id)) {
PrestaShopLogger::addLog('PaymentModule::validateOrder - Cannot save Order Payment', 3, null, 'Cart', (int) $id_cart, true);
throw new PrestaShopException('Can\'t save Order Payment');
}
}
// Next !
$only_one_gift = false;
$cart_rule_used = array();
$products = $this->context->cart->getProducts();
// Make sure CarRule caches are empty
CartRule::cleanCache();
foreach ($order_detail_list as $key => $order_detail) {
$order = $order_list[$key];
if (!$order_creation_failed && isset($order->id)) {
if (!$secure_key) {
$message .= '<br />' . Tools::displayError('Warning: the secure key is empty, check your payment account before validation');
}
// Optional message to attach to this order
if (isset($message) & !empty($message)) {
$msg = new Message();
$message = strip_tags($message, '<br>');
if (Validate::isCleanHtml($message)) {
if (self::DEBUG_MODE) {
PrestaShopLogger::addLog('PaymentModule::validateOrder - Message is about to be added', 1, null, 'Cart', (int) $id_cart, true);
}
$msg->message = $message;
$msg->id_order = (int) $order->id;
$msg->private = 1;
$msg->add();
}
}
// Insert new Order detail list using cart for the current order
//$orderDetail = new OrderDetail(null, null, $this->context);
//$orderDetail->createList($order, $this->context->cart, $id_order_state);
// Construct order detail table for the email
$products_list = '';
$virtual_product = true;
$ppropertiessmartprice_hook1 = null;
$product_var_tpl_list = array();
foreach ($order->product_list as $product) {
PP::smartyPPAssign(array('cart' => $product, 'currency' => $this->context->currency));
$price = Product::getPriceStatic((int) $product['id_product'], false, $product['id_product_attribute'] ? (int) $product['id_product_attribute'] : null, 6, null, false, true, array($product['cart_quantity'], $product['cart_quantity_fractional']), false, (int) $order->id_customer, (int) $order->id_cart, (int) $order->{Configuration::get('PS_TAX_ADDRESS_TYPE')});
$price_wt = Product::getPriceStatic((int) $product['id_product'], true, $product['id_product_attribute'] ? (int) $product['id_product_attribute'] : null, 2, null, false, true, array($product['cart_quantity'], $product['cart_quantity_fractional']), false, (int) $order->id_customer, (int) $order->id_cart, (int) $order->{Configuration::get('PS_TAX_ADDRESS_TYPE')});
$ppropertiessmartprice_hook2 = '';
$product_var_tpl = array('reference' => $product['reference'], 'name' => $product['name'] . (isset($product['attributes']) ? ' - ' . $product['attributes'] : '') . PP::smartyDisplayProductName(array('name' => '')) . $ppropertiessmartprice_hook2, 'unit_price' => PP::smartyDisplayPrice(array('price' => Product::getTaxCalculationMethod() == PS_TAX_EXC ? Tools::ps_round($price, 2) : $price_wt)), 'price' => PP::smartyDisplayPrice(array('price' => Product::getTaxCalculationMethod() == PS_TAX_EXC ? $product['total'] : $product['total_wt'], 'quantity' => (int) $product['cart_quantity'], 'm' => 'total')), 'quantity' => PP::smartyDisplayQty(array('quantity' => (int) $product['cart_quantity'])), 'customization' => array());
$customized_datas = Product::getAllCustomizedDatas((int) $order->id_cart);
$productHasCustomizedDatas = Product::hasCustomizedDatas($product, $customized_datas);
if ($productHasCustomizedDatas && isset($customized_datas[$product['id_product']][$product['id_product_attribute']])) {
$product_var_tpl['customization'] = array();
foreach ($customized_datas[$product['id_product']][$product['id_product_attribute']][$order->id_address_delivery] as $customization) {
if ($product['id_cart_product'] == $customization['id_cart_product']) {
$customization_text = '';
if (isset($customization['datas'][Product::CUSTOMIZE_TEXTFIELD])) {
foreach ($customization['datas'][Product::CUSTOMIZE_TEXTFIELD] as $text) {
$customization_text .= $text['name'] . ': ' . $text['value'] . '<br />';
}
}
if (isset($customization['datas'][Product::CUSTOMIZE_FILE])) {
$customization_text .= sprintf(Tools::displayError('%d image(s)'), count($customization['datas'][Product::CUSTOMIZE_FILE])) . '<br />';
}
$customization_quantity = (int) $product['customization_quantity'];
$product_var_tpl['customization'][] = array('customization_text' => $customization_text, 'customization_quantity' => PP::smartyDisplayQty(array('quantity' => $customization_quantity)), 'quantity' => PP::smartyDisplayPrice(array('price' => Product::getTaxCalculationMethod() == PS_TAX_EXC ? $product['total_customization'] : $product['total_customization_wt'], 'm' => 'total')));
}
}
}
$product_var_tpl_list[] = $product_var_tpl;
// Check if is not a virutal product for the displaying of shipping
if (!$product['is_virtual']) {
$virtual_product &= false;
}
}
// end foreach ($products)
PP::smartyPPAssign();
$product_list_txt = '';
$product_list_html = '';
if (count($product_var_tpl_list) > 0) {
$product_list_txt = $this->getEmailTemplateContent('order_conf_product_list.txt', Mail::TYPE_TEXT, $product_var_tpl_list);
$product_list_html = $this->getEmailTemplateContent('order_conf_product_list.tpl', Mail::TYPE_HTML, $product_var_tpl_list);
}
$cart_rules_list = array();
$total_reduction_value_ti = 0;
$total_reduction_value_tex = 0;
foreach ($cart_rules as $cart_rule) {
$package = array('id_carrier' => $order->id_carrier, 'id_address' => $order->id_address_delivery, 'products' => $order->product_list);
$values = array('tax_incl' => $cart_rule['obj']->getContextualValue(true, $this->context, CartRule::FILTER_ACTION_ALL_NOCAP, $package), 'tax_excl' => $cart_rule['obj']->getContextualValue(false, $this->context, CartRule::FILTER_ACTION_ALL_NOCAP, $package));
// If the reduction is not applicable to this order, then continue with the next one
if (!$values['tax_excl']) {
continue;
}
// IF
// This is not multi-shipping
// The value of the voucher is greater than the total of the order
// Partial use is allowed
// This is an "amount" reduction, not a reduction in % or a gift
// THEN
// The voucher is cloned with a new value corresponding to the remainder
if (count($order_list) == 1 && $values['tax_incl'] > $order->total_products_wt - $total_reduction_value_ti && $cart_rule['obj']->partial_use == 1 && $cart_rule['obj']->reduction_amount > 0) {
// Create a new voucher from the original
$voucher = new CartRule($cart_rule['obj']->id);
// We need to instantiate the CartRule without lang parameter to allow saving it
unset($voucher->id);
// Set a new voucher code
$voucher->code = empty($voucher->code) ? Tools::substr(md5($order->id . '-' . $order->id_customer . '-' . $cart_rule['obj']->id), 0, 16) : $voucher->code . '-2';
if (preg_match('/\\-([0-9]{1,2})\\-([0-9]{1,2})$/', $voucher->code, $matches) && $matches[1] == $matches[2]) {
$voucher->code = preg_replace('/' . $matches[0] . '$/', '-' . (int) ($matches[1] + 1), $voucher->code);
}
// Set the new voucher value
if ($voucher->reduction_tax) {
$voucher->reduction_amount = $total_reduction_value_ti + $values['tax_incl'] - $order->total_products_wt;
// Add total shipping amout only if reduction amount > total shipping
if ($voucher->free_shipping == 1 && $voucher->reduction_amount >= $order->total_shipping_tax_incl) {
$voucher->reduction_amount -= $order->total_shipping_tax_incl;
}
} else {
$voucher->reduction_amount = $total_reduction_value_tex + $values['tax_excl'] - $order->total_products;
// Add total shipping amout only if reduction amount > total shipping
if ($voucher->free_shipping == 1 && $voucher->reduction_amount >= $order->total_shipping_tax_excl) {
$voucher->reduction_amount -= $order->total_shipping_tax_excl;
}
}
if ($voucher->reduction_amount <= 0) {
continue;
}
$voucher->id_customer = $order->id_customer;
$voucher->quantity = 1;
$voucher->quantity_per_user = 1;
$voucher->free_shipping = 0;
if ($voucher->add()) {
// If the voucher has conditions, they are now copied to the new voucher
CartRule::copyConditions($cart_rule['obj']->id, $voucher->id);
$params = array('{voucher_amount}' => Tools::displayPrice($voucher->reduction_amount, $this->context->currency, false), '{voucher_num}' => $voucher->code, '{firstname}' => $this->context->customer->firstname, '{lastname}' => $this->context->customer->lastname, '{id_order}' => $order->reference, '{order_name}' => $order->getUniqReference());
Mail::Send((int) $order->id_lang, 'voucher', sprintf(Mail::l('New voucher for your order %s', (int) $order->id_lang), $order->reference), $params, $this->context->customer->email, $this->context->customer->firstname . ' ' . $this->context->customer->lastname, null, null, null, null, _PS_MAIL_DIR_, false, (int) $order->id_shop);
}
$values['tax_incl'] = $order->total_products_wt - $total_reduction_value_ti;
$values['tax_excl'] = $order->total_products - $total_reduction_value_tex;
}
$total_reduction_value_ti += $values['tax_incl'];
$total_reduction_value_tex += $values['tax_excl'];
$order->addCartRule($cart_rule['obj']->id, $cart_rule['obj']->name, $values, 0, $cart_rule['obj']->free_shipping);
if ($id_order_state != Configuration::get('PS_OS_ERROR') && $id_order_state != Configuration::get('PS_OS_CANCELED') && !in_array($cart_rule['obj']->id, $cart_rule_used)) {
$cart_rule_used[] = $cart_rule['obj']->id;
// Create a new instance of Cart Rule without id_lang, in order to update its quantity
$cart_rule_to_update = new CartRule($cart_rule['obj']->id);
$cart_rule_to_update->quantity = max(0, $cart_rule_to_update->quantity - 1);
$cart_rule_to_update->update();
}
$cart_rules_list[] = array('voucher_name' => $cart_rule['obj']->name, 'voucher_reduction' => ($values['tax_incl'] != 0.0 ? '-' : '') . Tools::displayPrice($values['tax_incl'], $this->context->currency, false));
}
$cart_rules_list_txt = '';
$cart_rules_list_html = '';
if (count($cart_rules_list) > 0) {
$cart_rules_list_txt = $this->getEmailTemplateContent('order_conf_cart_rules.txt', Mail::TYPE_TEXT, $cart_rules_list);
$cart_rules_list_html = $this->getEmailTemplateContent('order_conf_cart_rules.tpl', Mail::TYPE_HTML, $cart_rules_list);
}
// Specify order id for message
$old_message = Message::getMessageByCartId((int) $this->context->cart->id);
if ($old_message) {
$update_message = new Message((int) $old_message['id_message']);
$update_message->id_order = (int) $order->id;
$update_message->update();
// Add this message in the customer thread
$customer_thread = new CustomerThread();
$customer_thread->id_contact = 0;
$customer_thread->id_customer = (int) $order->id_customer;
$customer_thread->id_shop = (int) $this->context->shop->id;
$customer_thread->id_order = (int) $order->id;
$customer_thread->id_lang = (int) $this->context->language->id;
$customer_thread->email = $this->context->customer->email;
$customer_thread->status = 'open';
$customer_thread->token = Tools::passwdGen(12);
$customer_thread->add();
$customer_message = new CustomerMessage();
$customer_message->id_customer_thread = $customer_thread->id;
$customer_message->id_employee = 0;
$customer_message->message = $update_message->message;
$customer_message->private = 0;
if (!$customer_message->add()) {
$this->errors[] = Tools::displayError('An error occurred while saving message');
}
}
if (self::DEBUG_MODE) {
PrestaShopLogger::addLog('PaymentModule::validateOrder - Hook validateOrder is about to be called', 1, null, 'Cart', (int) $id_cart, true);
}
// Hook validate order
Hook::exec('actionValidateOrder', array('cart' => $this->context->cart, 'order' => $order, 'customer' => $this->context->customer, 'currency' => $this->context->currency, 'orderStatus' => $order_status));
foreach ($this->context->cart->getProducts() as $product) {
if ($order_status->logable) {
ProductSale::addProductSale((int) $product['id_product'], (int) $product['cart_quantity']);
}
}
if (self::DEBUG_MODE) {
PrestaShopLogger::addLog('PaymentModule::validateOrder - Order Status is about to be added', 1, null, 'Cart', (int) $id_cart, true);
}
// Set the order status
$new_history = new OrderHistory();
$new_history->id_order = (int) $order->id;
$new_history->changeIdOrderState((int) $id_order_state, $order, true);
$new_history->addWithemail(true, $extra_vars);
// Switch to back order if needed
if (Configuration::get('PS_STOCK_MANAGEMENT') && $order_detail->getStockState()) {
$history = new OrderHistory();
$history->id_order = (int) $order->id;
$history->changeIdOrderState(Configuration::get($order->valid ? 'PS_OS_OUTOFSTOCK_PAID' : 'PS_OS_OUTOFSTOCK_UNPAID'), $order, true);
$history->addWithemail();
}
unset($order_detail);
// Order is reloaded because the status just changed
$order = new Order($order->id);
// Send an e-mail to customer (one order = one email)
if ($id_order_state != Configuration::get('PS_OS_ERROR') && $id_order_state != Configuration::get('PS_OS_CANCELED') && $this->context->customer->id) {
$invoice = new Address($order->id_address_invoice);
$delivery = new Address($order->id_address_delivery);
$delivery_state = $delivery->id_state ? new State($delivery->id_state) : false;
$invoice_state = $invoice->id_state ? new State($invoice->id_state) : false;
$data = array('{firstname}' => $this->context->customer->firstname, '{lastname}' => $this->context->customer->lastname, '{email}' => $this->context->customer->email, '{delivery_block_txt}' => $this->_getFormatedAddress($delivery, "\n"), '{invoice_block_txt}' => $this->_getFormatedAddress($invoice, "\n"), '{delivery_block_html}' => $this->_getFormatedAddress($delivery, '<br />', array('firstname' => '<span style="font-weight:bold;">%s</span>', 'lastname' => '<span style="font-weight:bold;">%s</span>')), '{invoice_block_html}' => $this->_getFormatedAddress($invoice, '<br />', array('firstname' => '<span style="font-weight:bold;">%s</span>', 'lastname' => '<span style="font-weight:bold;">%s</span>')), '{delivery_company}' => $delivery->company, '{delivery_firstname}' => $delivery->firstname, '{delivery_lastname}' => $delivery->lastname, '{delivery_address1}' => $delivery->address1, '{delivery_address2}' => $delivery->address2, '{delivery_city}' => $delivery->city, '{delivery_postal_code}' => $delivery->postcode, '{delivery_country}' => $delivery->country, '{delivery_state}' => $delivery->id_state ? $delivery_state->name : '', '{delivery_phone}' => $delivery->phone ? $delivery->phone : $delivery->phone_mobile, '{delivery_other}' => $delivery->other, '{invoice_company}' => $invoice->company, '{invoice_vat_number}' => $invoice->vat_number, '{invoice_firstname}' => $invoice->firstname, '{invoice_lastname}' => $invoice->lastname, '{invoice_address2}' => $invoice->address2, '{invoice_address1}' => $invoice->address1, '{invoice_city}' => $invoice->city, '{invoice_postal_code}' => $invoice->postcode, '{invoice_country}' => $invoice->country, '{invoice_state}' => $invoice->id_state ? $invoice_state->name : '', '{invoice_phone}' => $invoice->phone ? $invoice->phone : $invoice->phone_mobile, '{invoice_other}' => $invoice->other, '{order_name}' => $order->getUniqReference(), '{date}' => Tools::displayDate(date('Y-m-d H:i:s'), null, 1), '{carrier}' => $virtual_product || !isset($carrier->name) ? Tools::displayError('No carrier') : $carrier->name, '{payment}' => Tools::substr($order->payment, 0, 32), '{products}' => $product_list_html, '{products_txt}' => $product_list_txt, '{discounts}' => $cart_rules_list_html, '{discounts_txt}' => $cart_rules_list_txt, '{total_paid}' => Tools::displayPrice($order->total_paid, $this->context->currency, false), '{total_products}' => Tools::displayPrice($order->total_paid - $order->total_shipping - $order->total_wrapping + $order->total_discounts, $this->context->currency, false), '{total_discounts}' => Tools::displayPrice($order->total_discounts, $this->context->currency, false), '{total_shipping}' => Tools::displayPrice($order->total_shipping, $this->context->currency, false), '{total_wrapping}' => Tools::displayPrice($order->total_wrapping, $this->context->currency, false), '{total_tax_paid}' => Tools::displayPrice($order->total_products_wt - $order->total_products + ($order->total_shipping_tax_incl - $order->total_shipping_tax_excl), $this->context->currency, false));
if (is_array($extra_vars)) {
$data = array_merge($data, $extra_vars);
}
// Join PDF invoice
if ((int) Configuration::get('PS_INVOICE') && $order_status->invoice && $order->invoice_number) {
$pdf = new PDF($order->getInvoicesCollection(), PDF::TEMPLATE_INVOICE, $this->context->smarty);
$file_attachement = array();
$file_attachement['content'] = $pdf->render(false);
$file_attachement['name'] = Configuration::get('PS_INVOICE_PREFIX', (int) $order->id_lang, null, $order->id_shop) . sprintf('%06d', $order->invoice_number) . '.pdf';
$file_attachement['mime'] = 'application/pdf';
} else {
$file_attachement = null;
}
if (self::DEBUG_MODE) {
PrestaShopLogger::addLog('PaymentModule::validateOrder - Mail is about to be sent', 1, null, 'Cart', (int) $id_cart, true);
}
if (Validate::isEmail($this->context->customer->email)) {
Mail::Send((int) $order->id_lang, 'order_conf', Mail::l('Order confirmation', (int) $order->id_lang), $data, $this->context->customer->email, $this->context->customer->firstname . ' ' . $this->context->customer->lastname, null, null, $file_attachement, null, _PS_MAIL_DIR_, false, (int) $order->id_shop);
}
}
// updates stock in shops
if (Configuration::get('PS_ADVANCED_STOCK_MANAGEMENT')) {
$product_list = $order->getProducts();
foreach ($product_list as $product) {
// if the available quantities depends on the physical stock
if (StockAvailable::dependsOnStock($product['product_id'])) {
// synchronizes
StockAvailable::synchronize($product['product_id'], $order->id_shop);
}
}
}
} else {
$error = Tools::displayError('Order creation failed');
PrestaShopLogger::addLog($error, 4, '0000002', 'Cart', (int) $order->id_cart);
die($error);
}
}
// End foreach $order_detail_list
// Update Order Details Tax in case cart rules have free shipping
foreach ($order->getOrderDetailList() as $detail) {
$order_detail = new OrderDetail($detail['id_order_detail']);
$order_detail->updateTaxAmount($order);
}
// Use the last order as currentOrder
if (isset($order) && $order->id) {
$this->currentOrder = (int) $order->id;
}
if (self::DEBUG_MODE) {
PrestaShopLogger::addLog('PaymentModule::validateOrder - End of validateOrder', 1, null, 'Cart', (int) $id_cart, true);
}
return true;
} else {
$error = Tools::displayError('Cart cannot be loaded or an order has already been placed using this cart');
PrestaShopLogger::addLog($error, 4, '0000001', 'Cart', (int) $this->context->cart->id);
die($error);
}
}
private function _addNewPrivateMessage($id_order, $message)
{
if (!$id_order) {
return false;
}
$msg = new Message();
$message = strip_tags($message, '<br>');
if (!Validate::isCleanHtml($message)) {
$message = $this->l('Payment message is not valid, please check your module.');
}
$msg->message = $message;
$msg->id_order = (int) $id_order;
$msg->private = 1;
return $msg->add();
}
/**
* Process vadiation before saving data
*/
private function _postValidation()
{
if (!Validate::isCleanHtml(Tools::getValue('module_height'))) {
$this->_postErrors[] = $this->l('The module height you entered was not allowed, sorry');
}
}
private function _postProcess()
{
$errors = array();
if (Tools::isSubmit('submitMoreOptions')) {
if (Tools::getValue('date_format') == '' or !Validate::isCleanHtml(Tools::getValue('date_format'))) {
$errors[] = $this->l('Date format is invalid');
}
if (!sizeof($errors)) {
Configuration::updateValue('DOD_EXTRA_TIME_PRODUCT_OOS', (int) Tools::getValue('extra_time_product_oos'));
Configuration::updateValue('DOD_EXTRA_TIME_PREPARATION', (int) Tools::getValue('extra_time_preparation'));
Configuration::updateValue('DOD_PREPARATION_SATURDAY', (int) Tools::isSubmit('preparation_saturday'));
Configuration::updateValue('DOD_PREPARATION_SUNDAY', (int) Tools::isSubmit('preparation_sunday'));
Configuration::updateValue('DOD_DATE_FORMAT', Tools::getValue('date_format'));
$this->_html .= $this->displayConfirmation($this->l('Settings are updated'));
} else {
$this->_html .= $this->displayError(implode('<br />', $errors));
}
}
if (Tools::isSubmit('submitCarrierRule')) {
if (!Validate::isUnsignedInt(Tools::getValue('minimal_time'))) {
$errors[] = $this->l('Minimum time is invalid');
}
if (!Validate::isUnsignedInt(Tools::getValue('maximal_time'))) {
$errors[] = $this->l('Maximum time is invalid');
}
if ($carrier = new Carrier((int) Tools::getValue('id_carrier')) and !Validate::isLoadedObject($carrier)) {
$errors[] = $this->l('Carrier is invalid');
}
if ($this->_isAlreadyDefinedForCarrier((int) $carrier->id, (int) Tools::getValue('id_carrier_rule', 0))) {
$errors[] = $this->l('You cannot use this carrier, a rule has already been saved.');
}
if (!sizeof($errors)) {
if (Tools::isSubmit('addCarrierRule')) {
if (Db::getInstance()->execute('
INSERT INTO `' . _DB_PREFIX_ . 'dateofdelivery_carrier_rule`(`id_carrier`, `minimal_time`, `maximal_time`, `delivery_saturday`, `delivery_sunday`)
VALUES (' . (int) $carrier->id . ', ' . (int) Tools::getValue('minimal_time') . ', ' . (int) Tools::getValue('maximal_time') . ', ' . (int) Tools::isSubmit('delivery_saturday') . ', ' . (int) Tools::isSubmit('delivery_sunday') . ')
')) {
Tools::redirectAdmin(AdminController::$currentIndex . '&configure=' . $this->name . '&token=' . Tools::getAdminTokenLite('AdminModules') . '&confirmAddCarrierRule');
} else {
$this->_html .= $this->displayError($this->l('An error occurred on adding of carrier rule.'));
}
} else {
if (Db::getInstance()->execute('
UPDATE `' . _DB_PREFIX_ . 'dateofdelivery_carrier_rule`
SET `id_carrier` = ' . (int) $carrier->id . ', `minimal_time` = ' . (int) Tools::getValue('minimal_time') . ', `maximal_time` = ' . (int) Tools::getValue('maximal_time') . ', `delivery_saturday` = ' . (int) Tools::isSubmit('delivery_saturday') . ', `delivery_sunday` = ' . (int) Tools::isSubmit('delivery_sunday') . '
WHERE `id_carrier_rule` = ' . (int) Tools::getValue('id_carrier_rule'))) {
Tools::redirectAdmin(AdminController::$currentIndex . '&configure=' . $this->name . '&token=' . Tools::getAdminTokenLite('AdminModules') . '&confirmEditCarrierRule');
} else {
$this->_html .= $this->displayError($this->l('An error occurred on updating of carrier rule.'));
}
}
} else {
$this->_html .= $this->displayError(implode('<br />', $errors));
}
}
if (Tools::isSubmit('deleteCarrierRule') and Tools::isSubmit('id_carrier_rule') and (int) Tools::getValue('id_carrier_rule') and $this->_isCarrierRuleExists((int) Tools::getValue('id_carrier_rule'))) {
$this->_deleteByIdCarrierRule((int) Tools::getValue('id_carrier_rule'));
$this->_html .= $this->displayConfirmation($this->l('Carrier rule deleted successfully'));
}
if (Tools::isSubmit('confirmAddCarrierRule')) {
$this->_html = $this->displayConfirmation($this->l('Carrier rule added successfully'));
}
if (Tools::isSubmit('confirmEditCarrierRule')) {
$this->_html = $this->displayConfirmation($this->l('Carrier rule updated successfully'));
}
}
/**
* Update shop SSL domain (for mono shop)
*/
public function updateOptionDomainSsl($value)
{
if (!Shop::isFeatureActive() && $this->url && $this->url->domain_ssl != $value) {
if (Validate::isCleanHtml($value)) {
$this->url->domain_ssl = $value;
$this->url->update();
Configuration::updateGlobalValue('PS_SHOP_DOMAIN_SSL', $value);
} else {
$this->errors[] = Tools::displayError('The SSL domain is not valid.');
}
}
}
/**
* Retrieves the id associated to the given code
*
* @static
* @param string $code
* @return int|bool
*/
public static function getIdByCode($code)
{
if (!Validate::isCleanHtml($code)) {
return false;
}
return Db::getInstance(_PS_USE_SQL_SLAVE_)->getValue('SELECT `id_cart_rule` FROM `' . _DB_PREFIX_ . 'cart_rule` WHERE `code` = \'' . pSQL($code) . '\'');
}
public static function create_category($parent, $name, $linkRewrite, $description = '', $meta_title = '', $meta_description = '', $meta_keywords = '')
{
$configuration = PS_CLI_CONFIGURE::getConfigurationInstance();
$category = new CMSCategory();
if (!Validate::isUnsignedId($parent)) {
echo "Error, {$parent} is not a valid category ID\n";
return false;
}
$parentCat = new CMSCategory($parent);
if (!Validate::isloadedObject($parentCat)) {
echo "Error: category {$parentCat} does not exists\n";
return false;
}
$category->id_parent = $parent;
if (!Validate::isName($name)) {
echo "Error, {$name} is not a valid category name\n";
return false;
}
$category->name = array($configuration->lang => $name);
if (!Validate::isLinkRewrite($linkRewrite)) {
echo "Error, {$linkRewrite} is not a valid link rewrite\n";
return false;
}
$category->link_rewrite = array($configuration->lang => $linkRewrite);
if (!Validate::isCleanHtml($description)) {
echo "Warning, {$description} is not a valid category description\n";
$description = '';
}
$category->description = array($configuration->lang => $description);
if (!Validate::isGenericName($meta_title)) {
echo "Warning, {$meta_title} is not a valid value for meta_title\n";
$meta_title = '';
}
$category->meta_title = array($configuration->lang => $meta_title);
if (!Validate::isGenericName($meta_description)) {
echo "Warning, {$meta_description} is not a valid value for meta_description\n";
$meta_description = '';
}
$category->meta_description = array($configuration->lang => $meta_description);
if (!Validate::isGenericName($meta_keywords)) {
echo "Warning, {$meta_keywords} is not a valid value for meta_keywords\n";
$meta_keywords = '';
}
$category->meta_keywords = array($configuration->lang => $meta_keywords);
if ($category->add()) {
if ($configuration->porcelain) {
echo $category->id_cms_category;
} else {
echo "Successfully created category {$category->id_cms_category}\n";
}
return true;
} else {
echo "Error, could not create category {$name}\n";
return false;
}
}
public function ajaxProcessGetBlogRss()
{
$return = array('has_errors' => false, 'rss' => array());
if (!$this->isFresh('/config/xml/blog-' . $this->context->language->iso_code . '.xml', 86400)) {
if (!$this->refresh('/config/xml/blog-' . $this->context->language->iso_code . '.xml', _PS_API_URL_ . '/rss/blog/blog-' . $this->context->language->iso_code . '.xml')) {
$return['has_errors'] = true;
}
}
if (!$return['has_errors']) {
$rss = @simplexml_load_file(_PS_ROOT_DIR_ . '/config/xml/blog-' . $this->context->language->iso_code . '.xml');
if (!$rss) {
$return['has_errors'] = true;
}
$articles_limit = 2;
if ($rss) {
foreach ($rss->channel->item as $item) {
if ($articles_limit > 0 && Validate::isCleanHtml((string) $item->title) && Validate::isCleanHtml((string) $item->description) && isset($item->link) && isset($item->title)) {
if (in_array($this->context->mode, array(Context::MODE_HOST, Context::MODE_HOST_CONTRIB))) {
$utm_content = 'cloud';
} else {
$utm_content = 'download';
}
$shop_default_country_id = (int) Configuration::get('PS_COUNTRY_DEFAULT');
$shop_default_iso_country = (string) Tools::strtoupper(Country::getIsoById($shop_default_country_id));
$analytics_params = array('utm_source' => 'back-office', 'utm_medium' => 'rss', 'utm_campaign' => 'back-office-' . $shop_default_iso_country, 'utm_content' => $utm_content);
$url_query = parse_url($item->link, PHP_URL_QUERY);
parse_str($url_query, $link_query_params);
if ($link_query_params) {
$full_url_params = array_merge($link_query_params, $analytics_params);
$base_url = explode('?', (string) $item->link);
$base_url = (string) $base_url[0];
$article_link = $base_url . '?' . http_build_query($full_url_params);
} else {
$article_link = (string) $item->link . '?' . http_build_query($analytics_params);
}
$return['rss'][] = array('date' => Tools::displayDate(date('Y-m-d', strtotime((string) $item->pubDate))), 'title' => (string) Tools::htmlentitiesUTF8($item->title), 'short_desc' => Tools::truncateString(strip_tags((string) $item->description), 150), 'link' => (string) $article_link);
} else {
break;
}
$articles_limit--;
}
}
}
die(Tools::jsonEncode($return));
}
/**
* Options lists
*/
public function displayOptionsList()
{
global $currentIndex, $cookie, $tab;
if (!isset($this->_fieldsOptions) or !sizeof($this->_fieldsOptions)) {
return false;
}
$defaultLanguage = (int) Configuration::get('PS_LANG_DEFAULT');
$this->_languages = Language::getLanguages(false);
$tab = Tab::getTab((int) $cookie->id_lang, Tab::getIdFromClassName($tab));
echo '<br /><br />';
echo isset($this->optionTitle) ? '<h2>' . $this->optionTitle . '</h2>' : '';
echo '
<script type="text/javascript">
id_language = Number(' . $defaultLanguage . ');
</script>
<form action="' . $currentIndex . '" id="' . $tab['name'] . '" name="' . $tab['name'] . '" method="post">
<fieldset>';
echo isset($this->optionTitle) ? '<legend>
<img src="' . (!empty($tab['module']) && file_exists($_SERVER['DOCUMENT_ROOT'] . _MODULE_DIR_ . $tab['module'] . '/' . $tab['class_name'] . '.gif') ? _MODULE_DIR_ . $tab['module'] . '/' : '../img/t/') . $tab['class_name'] . '.gif" />' . $this->optionTitle . '</legend>' : '';
foreach ($this->_fieldsOptions as $key => $field) {
$val = Tools::getValue($key, Configuration::get($key));
if ($field['type'] != 'textLang') {
if (!Validate::isCleanHtml($val)) {
$val = Configuration::get($key);
}
}
echo '<label>' . $field['title'] . ' </label>
<div class="margin-form">';
switch ($field['type']) {
case 'select':
echo '<select name="' . $key . '">';
foreach ($field['list'] as $value) {
echo '<option
value="' . (isset($field['cast']) ? $field['cast']($value[$field['identifier']]) : $value[$field['identifier']]) . '"' . ($val == $value[$field['identifier']] ? ' selected="selected"' : '') . '>' . $value['name'] . '</option>';
}
echo '</select>';
break;
case 'bool':
echo '<label class="t" for="' . $key . '_on"><img src="../img/admin/enabled.gif" alt="' . $this->l('Yes') . '" title="' . $this->l('Yes') . '" /></label>
<input type="radio" name="' . $key . '" id="' . $key . '_on" value="1"' . ($val ? ' checked="checked"' : '') . ' />
<label class="t" for="' . $key . '_on"> ' . $this->l('Yes') . '</label>
<label class="t" for="' . $key . '_off"><img src="../img/admin/disabled.gif" alt="' . $this->l('No') . '" title="' . $this->l('No') . '" style="margin-left: 10px;" /></label>
<input type="radio" name="' . $key . '" id="' . $key . '_off" value="0" ' . (!$val ? 'checked="checked"' : '') . '/>
<label class="t" for="' . $key . '_off"> ' . $this->l('No') . '</label>';
break;
case 'textLang':
foreach ($this->_languages as $language) {
$val = Tools::getValue($key . '_' . $language['id_lang'], Configuration::get($key, $language['id_lang']));
if (!Validate::isCleanHtml($val)) {
$val = Configuration::get($key);
}
echo '
<div id="' . $key . '_' . $language['id_lang'] . '" style="display: ' . ($language['id_lang'] == $defaultLanguage ? 'block' : 'none') . '; float: left;">
<input size="' . $field['size'] . '" type="text" name="' . $key . '_' . $language['id_lang'] . '" value="' . $val . '" />
</div>';
}
$this->displayFlags($this->_languages, $defaultLanguage, $key, $key);
echo '<br style="clear:both">';
break;
case 'textareaLang':
foreach ($this->_languages as $language) {
$val = Configuration::get($key, $language['id_lang']);
echo '
<div id="' . $key . '_' . $language['id_lang'] . '" style="display: ' . ($language['id_lang'] == $defaultLanguage ? 'block' : 'none') . '; float: left;">
<textarea rows="' . (int) $field['rows'] . '" cols="' . (int) $field['cols'] . '" name="' . $key . '_' . $language['id_lang'] . '">' . str_replace('\\r\\n', "\n", $val) . '</textarea>
</div>';
}
$this->displayFlags($this->_languages, $defaultLanguage, $key, $key);
echo '<br style="clear:both">';
break;
case 'text':
default:
echo '<input type="text" name="' . $key . '" value="' . $val . '" size="' . $field['size'] . '" />' . (isset($field['suffix']) ? $field['suffix'] : '');
}
if (isset($field['required']) and $field['required']) {
echo ' <sup>*</sup>';
}
echo isset($field['desc']) ? '<p>' . $field['desc'] . '</p>' : '';
echo '</div>';
}
echo '<div class="margin-form">
<input type="submit" value="' . $this->l(' Save ') . '" name="submitOptions' . $this->table . '" class="button" />
</div>
</fieldset>
<input type="hidden" name="token" value="' . $this->token . '" />
</form>';
}
public function ajaxProcessAddAttachment()
{
if (isset($_FILES['attachment_file'])) {
if ((int) $_FILES['attachment_file']['error'] === 1) {
$_FILES['attachment_file']['error'] = array();
$max_upload = (int) ini_get('upload_max_filesize');
$max_post = (int) ini_get('post_max_size');
$upload_mb = min($max_upload, $max_post);
$_FILES['attachment_file']['error'][] = sprintf($this->l('File %1$s exceeds the size allowed by the server. The limit is set to %2$d MB.'), '<b>' . $_FILES['attachment_file']['name'] . '</b> ', '<b>' . $upload_mb . '</b>');
}
$_FILES['attachment_file']['error'] = array();
$is_attachment_name_valid = false;
$attachment_names = Tools::getValue('attachment_name');
$attachment_descriptions = Tools::getValue('attachment_description');
if (!isset($attachment_names) || !$attachment_names) {
$attachment_names = array();
}
if (!isset($attachment_descriptions) || !$attachment_descriptions) {
$attachment_descriptions = array();
}
foreach ($attachment_names as $lang => $name) {
$language = Language::getLanguage((int) $lang);
if (Tools::strlen($name) > 0) {
$is_attachment_name_valid = true;
}
if (!Validate::isGenericName($name)) {
$_FILES['attachment_file']['error'][] = sprintf(Tools::displayError('Invalid name for %s language'), $language['name']);
} elseif (Tools::strlen($name) > 32) {
$_FILES['attachment_file']['error'][] = sprintf(Tools::displayError('The name for %1s language is too long (%2d chars max).'), $language['name'], 32);
}
}
foreach ($attachment_descriptions as $lang => $description) {
$language = Language::getLanguage((int) $lang);
if (!Validate::isCleanHtml($description)) {
$_FILES['attachment_file']['error'][] = sprintf(Tools::displayError('Invalid description for %s language'), $language['name']);
}
}
if (!$is_attachment_name_valid) {
$_FILES['attachment_file']['error'][] = Tools::displayError('An attachment name is required.');
}
if (empty($_FILES['attachment_file']['error'])) {
if (is_uploaded_file($_FILES['attachment_file']['tmp_name'])) {
if ($_FILES['attachment_file']['size'] > Configuration::get('PS_ATTACHMENT_MAXIMUM_SIZE') * 1024 * 1024) {
$_FILES['attachment_file']['error'][] = sprintf($this->l('The file is too large. Maximum size allowed is: %1$d kB. The file you\'re trying to upload is: %2$d kB.'), Configuration::get('PS_ATTACHMENT_MAXIMUM_SIZE') * 1024, number_format($_FILES['attachment_file']['size'] / 1024, 2, '.', ''));
} else {
do {
$uniqid = sha1(microtime());
} while (file_exists(_PS_DOWNLOAD_DIR_ . $uniqid));
if (!copy($_FILES['attachment_file']['tmp_name'], _PS_DOWNLOAD_DIR_ . $uniqid)) {
$_FILES['attachment_file']['error'][] = $this->l('File copy failed');
}
@unlink($_FILES['attachment_file']['tmp_name']);
}
} else {
$_FILES['attachment_file']['error'][] = Tools::displayError('The file is missing.');
}
if (empty($_FILES['attachment_file']['error']) && isset($uniqid)) {
$attachment = new Attachment();
foreach ($attachment_names as $lang => $name) {
$attachment->name[(int) $lang] = $name;
}
foreach ($attachment_descriptions as $lang => $description) {
$attachment->description[(int) $lang] = $description;
}
$attachment->file = $uniqid;
$attachment->mime = $_FILES['attachment_file']['type'];
$attachment->file_name = $_FILES['attachment_file']['name'];
if (empty($attachment->mime) || Tools::strlen($attachment->mime) > 128) {
$_FILES['attachment_file']['error'][] = Tools::displayError('Invalid file extension');
}
if (!Validate::isGenericName($attachment->file_name)) {
$_FILES['attachment_file']['error'][] = Tools::displayError('Invalid file name');
}
if (Tools::strlen($attachment->file_name) > 128) {
$_FILES['attachment_file']['error'][] = Tools::displayError('The file name is too long.');
}
if (empty($this->errors)) {
$res = $attachment->add();
if (!$res) {
$_FILES['attachment_file']['error'][] = Tools::displayError('This attachment was unable to be loaded into the database.');
} else {
$_FILES['attachment_file']['id_attachment'] = $attachment->id;
$_FILES['attachment_file']['filename'] = $attachment->name[$this->context->employee->id_lang];
$id_product = (int) Tools::getValue($this->identifier);
$res = $attachment->attachProduct($id_product);
if (!$res) {
$_FILES['attachment_file']['error'][] = Tools::displayError('We were unable to associate this attachment to a product.');
}
}
} else {
$_FILES['attachment_file']['error'][] = Tools::displayError('Invalid file');
}
}
}
die(Tools::jsonEncode($_FILES));
}
}
