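/**
 * Record where the current visitor came from as a ConnectionsSource row.
 *
 * The Referer header and the request URI are supplied by the client. They are
 * validated here before being stored, and must still be escaped wherever the
 * stored values are displayed later.
 *
 * @return mixed False when nothing is logged (no valid connection id in the
 *               cookie, direct traffic while TRACKING_DIRECT_TRAFFIC is off,
 *               a referer from this shop itself, or keywords rejected by
 *               Validate::isMessage); otherwise the result of $source->add().
 */
public static function logHttpReferer()
 {
     global $cookie;

     if (!isset($cookie->id_connections) || !Validate::isUnsignedId($cookie->id_connections)) {
         return false;
     }
     if (!isset($_SERVER['HTTP_REFERER']) && !Configuration::get('TRACKING_DIRECT_TRAFFIC')) {
         return false;
     }

     $source = new ConnectionsSource();
     if (isset($_SERVER['HTTP_REFERER']) && Validate::isAbsoluteUrl($_SERVER['HTTP_REFERER'])) {
         $referer = strval($_SERVER['HTTP_REFERER']);
         $shopHost = Tools::getHttpHost(false, false);

         // The dot is escaped: '/^www./' also stripped prefixes such as "wwwX",
         // so two unrelated host names could compare equal.
         // parse_url() yields null for a missing component, hence strval().
         $refererHost = preg_replace('/^www\./', '', strval(parse_url($referer, PHP_URL_HOST)));
         $refererPath = strval(parse_url($referer, PHP_URL_PATH));
         $basePath = strval(parse_url('http://' . $shopHost . __PS_BASE_URI__, PHP_URL_PATH));

         // Navigation inside the shop (same host, path under the base URI) is not a traffic source.
         if ($refererHost == preg_replace('/^www\./', '', $shopHost)
             && !strncmp($refererPath, $basePath, strlen(__PS_BASE_URI__))) {
             return false;
         }

         // The URL was already accepted by isAbsoluteUrl() above; the second,
         // identical check in the original was redundant.
         $source->http_referer = $referer;
         // getKeywords() can return false or nothing at all; strval() turns both into ''.
         $source->keywords = trim(strval(SearchEngine::getKeywords($referer)));
         if (!Validate::isMessage($source->keywords)) {
             return false;
         }
     }

     $source->id_connections = intval($cookie->id_connections);
     $source->request_uri = Tools::getHttpHost(false, false);
     if (isset($_SERVER['REDIRECT_URL'])) {
         $source->request_uri .= strval($_SERVER['REDIRECT_URL']);
     } elseif (isset($_SERVER['REQUEST_URI'])) {
         $source->request_uri .= strval($_SERVER['REQUEST_URI']);
     }
     if (!Validate::isUrl($source->request_uri)) {
         unset($source->request_uri);
     }

     // NOTE(review): neither http_referer nor request_uri is length-limited in
     // this function — confirm ConnectionsSource enforces the column sizes.
     return $source->add();
 }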
Example #2
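 /**
  * Order step handler: store the posted delivery and invoice addresses on the
  * cart and save the optional customer message attached to it.
  *
  * Problems are appended to the global $errors array; nothing is returned.
  *
  * @param mixed $params Not used by this function.
  */
 function processOrderStep($params)
 {
     global $cart, $smarty, $errors;

     if (!isset($_POST['id_address_delivery']) || !Address::isCountryActiveById(intval($_POST['id_address_delivery']))) {
         $errors[] = 'this address is not in a valid area';
         return;
     }

     // NOTE(review): only the country of the delivery address is checked here.
     // Nothing in this function verifies that either address id belongs to the
     // cart's customer — confirm that this is enforced elsewhere.
     $idAddressDelivery = intval($_POST['id_address_delivery']);
     $cart->id_address_delivery = $idAddressDelivery;
     if (isset($_POST['same'])) {
         $cart->id_address_invoice = $idAddressDelivery;
     } else {
         // A request with neither "same" nor an invoice id used to read an
         // undefined index; the stored value (0) is unchanged.
         $cart->id_address_invoice = isset($_POST['id_address_invoice']) ? intval($_POST['id_address_invoice']) : 0;
     }
     if (!$cart->update()) {
         $errors[] = Tools::displayError('an error occured while updating your cart');
     }
     Module::hookExec('orderAddressVerification', array());

     if (empty($_POST['message'])) {
         return;
     }
     // A "message[]=..." request arrives as an array; reject it before it
     // reaches the string functions below.
     if (!is_string($_POST['message']) || !Validate::isMessage($_POST['message'])) {
         $errors[] = Tools::displayError('invalid message');
         return;
     }

     // Stored HTML-encoded. ENT_COMPAT leaves single quotes as they are, so the
     // stored text is not safe inside a single-quoted HTML attribute.
     $encodedMessage = htmlentities($_POST['message'], ENT_COMPAT, 'UTF-8');
     if ($oldMessage = Message::getMessageByCartId(intval($cart->id))) {
         // One message per cart: overwrite the existing one.
         $message = new Message(intval($oldMessage['id_message']));
         $message->message = $encodedMessage;
         $message->update();
     } else {
         $message = new Message();
         $message->message = $encodedMessage;
         $message->id_cart = intval($cart->id);
         $message->id_customer = intval($cart->id_customer);
         $message->add();
     }
 }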
Example #3
 /**
  * Handle the "send a message about this order" form (submitMessage).
  *
  * Validation problems are appended to $this->errors. On success the message
  * is stored in a customer thread, the shop is notified by e-mail and, unless
  * the request is an AJAX one, the customer is redirected to the order detail.
  *
  * @see FrontController::postProcess()
  */
 public function postProcess()
 {
     if (!Tools::isSubmit('submitMessage')) {
         return;
     }

     $idOrder = (int) Tools::getValue('id_order');
     $msgText = Tools::getValue('msgText');

     if (!$idOrder || !Validate::isUnsignedId($idOrder)) {
         $this->errors[] = Tools::displayError('The order is no longer valid.');
     } elseif (empty($msgText)) {
         $this->errors[] = Tools::displayError('The message cannot be blank.');
     } elseif (!Validate::isMessage($msgText)) {
         $this->errors[] = Tools::displayError('This message is invalid (HTML is not allowed).');
     }
     if (count($this->errors)) {
         return;
     }

     $order = new Order($idOrder);
     // Ownership check: id_order comes from the request, so the order must
     // belong to the logged-in customer before anything is attached to it.
     if (!Validate::isLoadedObject($order) || $order->id_customer != $this->context->customer->id) {
         $this->errors[] = Tools::displayError('Order not found');
         return;
     }

     $customer = $this->context->customer;

     // Reuse the thread for this customer e-mail and order if there is one.
     $existingThreadId = CustomerThread::getIdCustomerThreadByEmailAndIdOrder($customer->email, $order->id);
     $cm = new CustomerMessage();
     if ($existingThreadId) {
         $ct = new CustomerThread((int) $existingThreadId);
     } else {
         $ct = new CustomerThread();
         $ct->id_contact = 0;
         $ct->id_customer = (int) $order->id_customer;
         $ct->id_shop = (int) $this->context->shop->id;
         // The product id is request data: only keep it if the order really contains it.
         $id_product = (int) Tools::getValue('id_product');
         if ($id_product && $order->orderContainProduct((int) $id_product)) {
             $ct->id_product = $id_product;
         }
         $ct->id_order = (int) $order->id;
         $ct->id_lang = (int) $this->context->language->id;
         $ct->email = $customer->email;
         $ct->status = 'open';
         $ct->token = Tools::passwdGen(12);
         $ct->add();
     }

     $cm->id_customer_thread = $ct->id;
     $cm->message = $msgText;
     // ip2long() only understands IPv4; for an IPv6 client it returns false.
     $cm->ip_address = ip2long($_SERVER['REMOTE_ADDR']);
     $cm->add();

     // Recipient: the configured contact if one is set, else the shop address.
     $contactId = Configuration::get('PS_MAIL_EMAIL_MESSAGE');
     if ($contactId) {
         $contact = new Contact((int) $contactId);
         $to = strval($contact->email);
     } else {
         $to = strval(Configuration::get('PS_SHOP_EMAIL'));
     }
     $toName = strval(Configuration::get('PS_SHOP_NAME'));

     if (Validate::isLoadedObject($customer)) {
         $templateVars = array(
             '{lastname}' => $customer->lastname,
             '{firstname}' => $customer->firstname,
             '{email}' => $customer->email,
             '{id_order}' => (int) $order->id,
             '{order_name}' => $order->getUniqReference(),
             '{message}' => Tools::nl2br($msgText),
         );
         Mail::Send(
             $this->context->language->id,
             'order_customer_comment',
             Mail::l('Message from a customer'),
             $templateVars,
             $to,
             $toName,
             $customer->email,
             $customer->firstname . ' ' . $customer->lastname
         );
     }

     if (Tools::getValue('ajax') != 'true') {
         Tools::redirect('index.php?controller=order-detail&id_order=' . (int) $idOrder);
     }
     $this->context->smarty->assign('message_confirmation', true);
 }
Example #4
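 /**
  * Order step handler: apply the posted recyclable, gift and carrier choices
  * to the global cart and save it.
  *
  * Problems are appended to the global $errors array; nothing is returned.
  * The script dies if the cart's delivery address cannot be loaded.
  *
  * @param mixed $params Not used by this function.
  */
 function processOrderStep($params)
 {
     global $cart, $smarty, $errors, $isVirtualCart, $orderTotal;

     $cart->recyclable = !empty($_POST['recyclable']) ? 1 : 0;

     if (!empty($_POST['gift'])) {
         // gift_message is optional in the request: reading it unguarded raised
         // an undefined-index notice, and an array value ("gift_message[]=")
         // reached the string functions below.
         $giftMessage = isset($_POST['gift_message']) ? $_POST['gift_message'] : '';
         if (!is_string($giftMessage) || !Validate::isMessage($giftMessage)) {
             $errors[] = Tools::displayError('invalid gift message');
         } else {
             $cart->gift = 1;
             $cart->gift_message = strip_tags($giftMessage);
         }
     } else {
         $cart->gift = 0;
     }

     $address = new Address(intval($cart->id_address_delivery));
     if (!Validate::isLoadedObject($address)) {
         die(Tools::displayError());
     }
     if (!($id_zone = Address::getZoneById($address->id))) {
         $errors[] = Tools::displayError('no zone match with your address');
     }

     // The carrier id is request data: accept it only if it is an integer and
     // checkCarrierZone() returns a non-empty result for the address zone.
     if (isset($_POST['id_carrier']) && Validate::isInt($_POST['id_carrier']) && sizeof(Carrier::checkCarrierZone(intval($_POST['id_carrier']), intval($id_zone)))) {
         $cart->id_carrier = intval($_POST['id_carrier']);
     } elseif (!$isVirtualCart) {
         $errors[] = Tools::displayError('invalid carrier or no carrier selected');
     }

     Module::hookExec('extraCarrierDetailsProcess', array('carrier' => new Carrier($cart->id_carrier)));
     // NOTE(review): the cart is saved even when $errors is not empty.
     $cart->update();
 }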
Example #5
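/**
 * Save or clear the customization text fields posted for a product.
 *
 * Only POST keys of the form "textField<ID>", where <ID> is one of the
 * product's text-type customization fields, are taken into account. Invalid
 * values add an entry to the global $errors array.
 *
 * @param Product $product Product whose customization fields are processed.
 * @param Cart    $cart    Cart receiving the text fields.
 * @return false|null False when the product has no customization fields.
 */
function textRecord(Product $product, Cart $cart)
{
    global $errors;

    if (!($fieldIds = $product->getCustomizationFieldIds())) {
        return false;
    }

    // "textField<ID>" => <ID> for every text-type field of this product.
    $indexes = array();
    foreach ($fieldIds as $fieldId) {
        if ($fieldId['type'] == _CUSTOMIZE_TEXTFIELD_) {
            $idField = intval($fieldId['id_customization_field']);
            $indexes['textField' . $idField] = $idField;
        }
    }

    foreach ($_POST as $fieldName => $value) {
        // Exact key lookup instead of a loose in_array(): before PHP 8 an
        // integer POST key such as 0 compared equal to any non-numeric string,
        // matched the allow-list and then hit an undefined index.
        if (!isset($indexes[$fieldName])) {
            continue;
        }
        $idField = $indexes[$fieldName];

        if (empty($value)) {
            $cart->deleteTextFieldFromProduct(intval($product->id), $idField);
        } elseif (!is_string($value) || !Validate::isMessage($value)) {
            // Array values ("textField1[]=") are rejected along with invalid text.
            $errors[] = Tools::displayError('Invalid message');
        } else {
            $cart->addTextFieldToProduct(intval($product->id), $idField, $value);
        }
    }
}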
Example #6
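 /**
  * Extract the search keywords from a search-engine referer URL.
  *
  * The host is matched against the `server` column of the search_engine
  * table, and the keywords are read from the query parameter named in the
  * `getvar` column of the first matching row.
  *
  * @param string $url Referer URL; this is client-supplied data.
  * @return string|false|null The decoded keywords; false if the URL has no
  *         host or query, the parameter is missing, or the keywords fail
  *         Validate::isMessage; null (no return) when no engine matches.
  */
 public static function getKeywords($url)
 {
     $parsed_url = @parse_url($url);
     if (!isset($parsed_url['host']) || !isset($parsed_url['query'])) {
         return false;
     }

     $result = Db::getInstance(_PS_USE_SQL_SLAVE_)->executeS('SELECT `server`, `getvar` FROM `' . _DB_PREFIX_ . 'search_engine`');
     foreach ($result as $row) {
         $host = $row['server'];
         $varname = $row['getvar'];

         // strpos() rather than strstr(): strstr() returns the matched tail,
         // which is falsy when that tail is the string "0".
         if (strpos($parsed_url['host'], $host) === false) {
             continue;
         }

         // The parameter name comes from the database; quote it so that it is
         // matched literally and cannot alter the pattern.
         $quotedVar = preg_quote($varname, '/');

         // NOTE(review): [^a-z] consumes one character, so a parameter that is
         // the very first one in the query string is never matched.
         $array = array();
         preg_match('/[^a-z]' . $quotedVar . '=.+\\&/U', $parsed_url['query'], $array);
         if (empty($array[0])) {
             preg_match('/[^a-z]' . $quotedVar . '=.+$/', $parsed_url['query'], $array);
         }
         if (empty($array[0])) {
             return false;
         }

         // Drop the trailing "&", the leading separator plus parameter name and
         // the "=", then decode the value.
         $str = urldecode(str_replace('+', ' ', ltrim(substr(rtrim($array[0], '&'), strlen($varname) + 1), '=')));
         if (!Validate::isMessage($str)) {
             return false;
         }
         return $str;
     }
 }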
Example #7
    /**
     * Update the name of a product comment criterion for one language.
     *
     * The script dies if either id is not an unsigned id or if the name is
     * rejected by Validate::isMessage.
     *
     * @return boolean succeed
     */
    public static function update($id_product_comment_criterion, $id_lang, $name)
    {
        $idsAreValid = Validate::isUnsignedId($id_product_comment_criterion) && Validate::isUnsignedId($id_lang);
        if (!$idsAreValid || !Validate::isMessage($name)) {
            die(Tools::displayError());
        }

        $db = Db::getInstance();
        // The statement is built by concatenation: the name goes through pSQL()
        // and both ids through intval() before they are placed in the query.
        $sql = '
		UPDATE `' . _DB_PREFIX_ . 'product_comment_criterion` SET
		`name` = \'' . pSQL($name) . '\'
		WHERE `id_product_comment_criterion` = ' . intval($id_product_comment_criterion) . ' AND
		`id_lang` = ' . intval($id_lang);

        return $db->Execute($sql);
    }
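 /**
  * Record where the current visitor came from as a ConnectionsSource row.
  *
  * The Referer header and the request URI are supplied by the client. They
  * are validated and cut to ConnectionsSource::$uri_max_size before being
  * stored, and must still be escaped wherever they are displayed later.
  *
  * @param Cookie|null $cookie Cookie holding id_connections; the context
  *                            cookie is used when none is given.
  * @return mixed False when nothing is logged (no valid connection id, direct
  *               traffic while TRACKING_DIRECT_TRAFFIC is off, a referer from
  *               this shop itself, or keywords rejected by Validate::isMessage);
  *               otherwise the result of $source->add().
  */
 public static function logHttpReferer(Cookie $cookie = null)
 {
     if (!$cookie) {
         $cookie = Context::getContext()->cookie;
     }
     if (!isset($cookie->id_connections) || !Validate::isUnsignedId($cookie->id_connections)) {
         return false;
     }
     if (!isset($_SERVER['HTTP_REFERER']) && !Configuration::get('TRACKING_DIRECT_TRAFFIC')) {
         return false;
     }

     $source = new ConnectionsSource();
     if (isset($_SERVER['HTTP_REFERER']) && Validate::isAbsoluteUrl($_SERVER['HTTP_REFERER'])) {
         $referer = strval($_SERVER['HTTP_REFERER']);
         $shop_host = Tools::getHttpHost(false, false);
         $parsed = parse_url($referer);
         $parsed_host = parse_url(Tools::getProtocol() . $shop_host . __PS_BASE_URI__);

         // parse_url() omits components that are absent ("http://example.com"
         // has no 'path') and returns false for a malformed URL; reading the
         // keys unguarded raised undefined-index notices.
         $referer_host = isset($parsed['host']) ? $parsed['host'] : '';
         $referer_path = isset($parsed['path']) ? $parsed['path'] : '';
         $base_path = isset($parsed_host['path']) ? $parsed_host['path'] : '';

         // The dot is escaped: '/^www./' also stripped prefixes such as "wwwX",
         // so two unrelated host names could compare equal.
         // Navigation inside the shop is not a traffic source.
         if (preg_replace('/^www\./', '', $referer_host) == preg_replace('/^www\./', '', $shop_host)
             && !strncmp($referer_path, $base_path, strlen(__PS_BASE_URI__))) {
             return false;
         }

         // The URL was already accepted by isAbsoluteUrl() above; the second,
         // identical check in the original was redundant.
         $source->http_referer = substr($referer, 0, ConnectionsSource::$uri_max_size);
         // getKeywords() can return false or nothing at all; strval() turns both into ''.
         $source->keywords = trim(strval(SearchEngine::getKeywords($referer)));
         if (!Validate::isMessage($source->keywords)) {
             return false;
         }
     }

     $source->id_connections = (int) $cookie->id_connections;
     $source->request_uri = Tools::getHttpHost(false, false);
     if (isset($_SERVER['REDIRECT_URL'])) {
         $source->request_uri .= strval($_SERVER['REDIRECT_URL']);
     } elseif (isset($_SERVER['REQUEST_URI'])) {
         $source->request_uri .= strval($_SERVER['REQUEST_URI']);
     }
     if (!Validate::isUrl($source->request_uri)) {
         $source->request_uri = '';
     }
     $source->request_uri = substr($source->request_uri, 0, ConnectionsSource::$uri_max_size);

     return $source->add();
 }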
 /**
  * Apply the carrier-step form to the cart: recyclable flag, gift options and
  * the selected carrier. Problems are appended to $this->errors.
  *
  * NOTE(review): $_POST['gift_message'] is read without an isset() check, and
  * the cart is saved even when errors were recorded.
  *
  * @return mixed Result of self::$cart->update().
  */
 protected function _processCarrier()
 {
     self::$cart->recyclable = (int) Tools::getValue('recyclable');
     $giftRequested = (int) Tools::getValue('gift');
     self::$cart->gift = $giftRequested;

     if ($giftRequested) {
         if (Validate::isMessage($_POST['gift_message'])) {
             self::$cart->gift_message = strip_tags($_POST['gift_message']);
         } else {
             $this->errors[] = Tools::displayError('Invalid gift message');
         }
     }

     // Zone of the delivery address for a known customer, else the zone of the default country.
     $customerKnown = isset(self::$cookie->id_customer) && self::$cookie->id_customer;
     if ($customerKnown) {
         $address = new Address((int) self::$cart->id_address_delivery);
         $id_zone = Address::getZoneById($address->id);
         if (!$id_zone) {
             $this->errors[] = Tools::displayError('No zone match with your address');
         }
     } else {
         $id_zone = Country::getIdZone((int) Configuration::get('PS_COUNTRY_DEFAULT'));
     }

     // The carrier id is request data: it is accepted only if it is an integer
     // and checkCarrierZone() returns a non-empty result for that zone.
     $requestedCarrier = Tools::getValue('id_carrier');
     if (Validate::isInt($requestedCarrier) && sizeof(Carrier::checkCarrierZone((int) $requestedCarrier, (int) $id_zone))) {
         self::$cart->id_carrier = (int) $requestedCarrier;
     } elseif (!self::$cart->isVirtualCart() && (int) $requestedCarrier != 0) {
         $this->errors[] = Tools::displayError('Invalid carrier or no carrier selected');
     }

     Module::hookExec('processCarrier', array('cart' => self::$cart));

     return self::$cart->update();
 }
        $return[strtoupper($key)] = utf8_encode(urldecode(stripslashes($val)));
    }
}
if (isset($return['SIGNATURE']) and isset($return['CENAME']) and isset($return['DYPREPARATIONTIME']) and isset($return['DYFORWARDINGCHARGES']) and isset($return['TRCLIENTNUMBER']) and isset($return['ORDERID']) and isset($return['TRCLIENTNUMBER'])) {
    if (!isset($return['ERRORCODE']) or $return['ERRORCODE'] == NULL or in_array($return['ERRORCODE'], $nonBlockingError)) {
        if ($return['SIGNATURE'] === socolissimo::make_key($return['CENAME'], (double) $return['DYPREPARATIONTIME'], $return['DYFORWARDINGCHARGES'], $return['TRCLIENTNUMBER'], $return['ORDERID'])) {
            global $cookie;
            if (isset($cookie) or is_object($cookie)) {
                if (saveOrderShippingDetails((int) $cookie->id_cart, (int) $return['TRCLIENTNUMBER'], $return)) {
                    global $cookie;
                    $cart = new Cart((int) $cookie->id_cart);
                    $TRPARAMPLUS = explode('|', Tools::getValue('TRPARAMPLUS'));
                    $cart->id_carrier = $TRPARAMPLUS[0];
                    $cart->gift = (int) $TRPARAMPLUS[1];
                    if ((int) $cart->gift) {
                        if (Validate::isMessage($TRPARAMPLUS[2])) {
                            $cart->gift_message = strip_tags($TRPARAMPLUS[2]);
                        }
                    }
                    if (!$cart->update()) {
                        Tools::redirect();
                    } else {
                        Tools::redirect('order.php?step=3&cgv=1');
                    }
                } else {
                    echo '<div class="alert error"><img src="' . _PS_IMG_ . 'admin/forbbiden.gif" alt="nok" />&nbsp;' . $so->displaySoError('999') . '
						 <p><br/><a href="' . Tools::getProtocol(true) . htmlspecialchars($_SERVER['HTTP_HOST'], ENT_COMPAT, 'UTF-8') . __PS_BASE_URI__ . 'order.php" class="button_small" title="Retour">« Retour</a></p></div>';
                }
            } else {
                echo '<div class="alert error"><img src="' . _PS_IMG_ . 'admin/forbbiden.gif" alt="nok" />&nbsp;' . $so->displaySoError('999') . '
						 <p><br/><a href="' . Tools::getProtocol(true) . htmlspecialchars($_SERVER['HTTP_HOST'], ENT_COMPAT, 'UTF-8') . __PS_BASE_URI__ . 'order.php" class="button_small" title="Retour">« Retour</a></p></div>';
 /**
  * Apply the carrier-step form to the context cart: recyclable flag, gift
  * options and the chosen delivery option (or a legacy id_carrier).
  * Problems are appended to $this->errors.
  *
  * NOTE(review): $_POST['gift_message'] is read without an isset() check.
  *
  * @return bool False if the cart could not be saved, true otherwise.
  */
 protected function _processCarrier()
 {
     $this->context->cart->recyclable = (int) Tools::getValue('recyclable');
     $giftRequested = (int) Tools::getValue('gift');
     $this->context->cart->gift = $giftRequested;

     if ($giftRequested) {
         if (Validate::isMessage($_POST['gift_message'])) {
             $this->context->cart->gift_message = strip_tags($_POST['gift_message']);
         } else {
             $this->errors[] = Tools::displayError('Invalid gift message.');
         }
     }

     // $id_zone is not read again in this method; the lookup is kept for the
     // error it records when the delivery address has no zone.
     $customerKnown = isset($this->context->customer->id) && $this->context->customer->id;
     if ($customerKnown) {
         $address = new Address((int) $this->context->cart->id_address_delivery);
         $id_zone = Address::getZoneById($address->id);
         if (!$id_zone) {
             $this->errors[] = Tools::displayError('No zone matches your address.');
         }
     } else {
         $id_zone = Country::getIdZone((int) Configuration::get('PS_COUNTRY_DEFAULT'));
     }

     if (Tools::getIsset('delivery_option')) {
         // The posted option is applied only if validateDeliveryOption() accepts it.
         $requestedOption = Tools::getValue('delivery_option');
         if ($this->validateDeliveryOption($requestedOption)) {
             $this->context->cart->setDeliveryOption($requestedOption);
         }
     } elseif (Tools::getIsset('id_carrier')) {
         // Retrocompatibility: translate a bare carrier id into a delivery option.
         $delivery_option_list = $this->context->cart->getDeliveryOptionList();
         if (count($delivery_option_list) == 1) {
             $delivery_option = reset($delivery_option_list);
             $requestedCarrier = Tools::getValue('id_carrier');
             $key = Cart::desintifier($requestedCarrier);
             foreach ($delivery_option_list as $id_address => $options) {
                 // Only a carrier that appears in the cart's own option list is accepted.
                 if (!isset($options[$key])) {
                     continue;
                 }
                 $this->context->cart->id_carrier = (int) $requestedCarrier;
                 $this->context->cart->setDeliveryOption(array($id_address => $key));
                 if (isset($this->context->cookie->id_country)) {
                     unset($this->context->cookie->id_country);
                 }
                 if (isset($this->context->cookie->id_state)) {
                     unset($this->context->cookie->id_state);
                 }
             }
         }
     }

     Hook::exec('actionCarrierProcess', array('cart' => $this->context->cart));

     if (!$this->context->cart->update()) {
         return false;
     }

     // The carrier may have changed, so re-evaluate which cart rules apply.
     CartRule::autoRemoveFromCart($this->context);
     CartRule::autoAddToCart($this->context);

     return true;
 }
 /**
  * Seller-side order page: handles three forms for the order given by the
  * id_order request parameter — submitShippingNumber (set the tracking number
  * and mail the customer), submitState (change the order status) and
  * submitMessage (post a message to the customer). Problems are appended to
  * $this->errors.
  *
  * The code is name-mangled. ${"GLOBALS"} is $GLOBALS, so
  * ${${"GLOBALS"}["key"]} is the variable whose name is stored in
  * $GLOBALS["key"]. Several of those keys are not assigned in this method
  * ("thtbvco", "gfrblyem", "taultlaseq", "cdmray", "tvqrewgc", ...); they must
  * be defined elsewhere. Judging by the plain $order / $customer / $carrier
  * reads that follow, they presumably hold the matching variable names —
  * verify against the rest of the file before relying on any check below.
  */
 public function postProcess()
 {
     ${${"GLOBALS"}["thtbvco"]} = new Order((int) Tools::getValue("id_order"));
     $difdqhzqxl = "id_order_seller";
     if (!Validate::isLoadedObject(${${"GLOBALS"}["thtbvco"]})) {
         $this->errors[] = Tools::displayError("Order not found or you do not have permission to view this order.");
         return;
     }
     ${"GLOBALS"}["fqitvbmdfl"] = "order";
     ${${"GLOBALS"}["gfrblyem"]} = AgileSellerManager::getObjectOwnerID("order", $order->id);
     ${"GLOBALS"}["bsmpehdujqe"] = "id_customer_seller";
     ${${"GLOBALS"}["taultlaseq"]} = AgileSellerManager::getLinkedSellerID($this->context->customer->id);
     $qjwuyezbnwd = "order";
     // Authorization gate for everything below: compares $id_order_seller with
     // the seller linked to the logged-in customer and requires both ids to be
     // positive. This only holds if "gfrblyem" and "taultlaseq" map to
     // id_order_seller / id_customer_seller — TODO confirm.
     if (${$difdqhzqxl} != ${${"GLOBALS"}["taultlaseq"]} || ${${"GLOBALS"}["gfrblyem"]} <= 0 || ${${"GLOBALS"}["bsmpehdujqe"]} <= 0) {
         $this->errors[] = Tools::displayError("You do not have permission to view this order.");
         return;
     }
     if (Tools::isSubmit("submitShippingNumber") && isset(${${"GLOBALS"}["fqitvbmdfl"]})) {
         ${"GLOBALS"}["mllzihk"] = "order_carrier";
         $fdknpwcl = "order_carrier";
         // NOTE(review): id_order_carrier comes from the request and is only
         // checked for being loadable; nothing here ties it to $order.
         ${$fdknpwcl} = new OrderCarrier(Tools::getValue("id_order_carrier"));
         if (!Validate::isLoadedObject(${${"GLOBALS"}["mllzihk"]})) {
             $this->errors[] = Tools::displayError("The order carrier ID is invalid.");
         } elseif (!Validate::isTrackingNumber(Tools::getValue("tracking_number"))) {
             $this->errors[] = Tools::displayError("The tracking number is incorrect.");
         } else {
             $order->shipping_number = Tools::getValue("tracking_number");
             $order->update();
             // The same value is stored raw on $order above and through pSQL() here.
             $order_carrier->tracking_number = pSQL(Tools::getValue("tracking_number"));
             if ($order_carrier->update()) {
                 $qvvnrvmsp = "templateVars";
                 ${${"GLOBALS"}["cdmray"]} = new Customer((int) $order->id_customer);
                 $ijyvqhqokid = "carrier";
                 ${"GLOBALS"}["mhbtmrqg"] = "templateVars";
                 ${$ijyvqhqokid} = new Carrier((int) $order_carrier->id_carrier, $order->id_lang);
                 if (!Validate::isLoadedObject(${${"GLOBALS"}["cdmray"]})) {
                     throw new PrestaShopException("Can't load Customer object");
                 }
                 if (!Validate::isLoadedObject(${${"GLOBALS"}["tvqrewgc"]})) {
                     throw new PrestaShopException("Can't load Carrier object");
                 }
                 ${${"GLOBALS"}["mhbtmrqg"]} = array("{followup}" => str_replace("@", $order_carrier->tracking_number, $carrier->url), "{firstname}" => $customer->firstname, "{lastname}" => $customer->lastname, "{id_order}" => $order->id, "{shipping_number}" => $order_carrier->tracking_number, "{order_name}" => $order->getUniqReference());
                 // The @ hides any warning raised while sending; only the return value is checked.
                 if (@Mail::Send((int) $order->id_lang, "in_transit", Mail::l('Package in transit', (int) $order->id_lang), ${$qvvnrvmsp}, $customer->email, $customer->firstname . " " . $customer->lastname, null, null, null, null, _PS_MAIL_DIR_, true, (int) $order->id_shop)) {
                     ${"GLOBALS"}["rwzquyb"] = "order";
                     Hook::exec("actionAdminOrdersTrackingNumberUpdate", array("order" => ${${"GLOBALS"}["rwzquyb"]}, "customer" => ${${"GLOBALS"}["cdmray"]}, "carrier" => ${${"GLOBALS"}["tvqrewgc"]}), null, false, true, false, $order->id_shop);
                 } else {
                     $this->errors[] = Tools::displayError("An error occurred while sending an email to the customer.");
                 }
             } else {
                 $this->errors[] = Tools::displayError("The order carrier cannot be updated.");
             }
         }
     } elseif (Tools::isSubmit("submitState") && isset(${$qjwuyezbnwd})) {
         ${${"GLOBALS"}["bfrxhizen"]} = new OrderState(Tools::getValue("id_order_state"));
         if (!Validate::isLoadedObject(${${"GLOBALS"}["bfrxhizen"]})) {
             $this->errors[] = Tools::displayError("Invalid new order status");
         } else {
             ${${"GLOBALS"}["rxsllerec"]} = $order->getCurrentOrderState();
             if ($current_order_state->id != $order_state->id) {
                 $heccerkhiwt = "history";
                 ${$heccerkhiwt} = new OrderHistory();
                 ${"GLOBALS"}["uynetoegv"] = "templateVars";
                 $vriwvgqg = "templateVars";
                 $history->id_order = $order->id;
                 // NOTE(review): the change is recorded under the fixed employee
                 // id 1, not under the seller who made it, so the order history
                 // does not show who changed the status.
                 $history->id_employee = 1;
                 // Any loadable id_order_state from the request is applied; no
                 // list of statuses a seller may set is checked here.
                 $history->changeIdOrderState($order_state->id, $order->id);
                 ${${"GLOBALS"}["tvqrewgc"]} = new Carrier($order->id_carrier, $order->id_lang);
                 ${$vriwvgqg} = array();
                 if ($history->id_order_state == Configuration::get("PS_OS_SHIPPING") && $order->shipping_number) {
                     ${${"GLOBALS"}["nkwobosfw"]} = array("{followup}" => str_replace("@", $order->shipping_number, $carrier->url));
                 } elseif ($history->id_order_state == Configuration::get("PS_OS_CHEQUE")) {
                     ${${"GLOBALS"}["nkwobosfw"]} = array("{cheque_name}" => Configuration::get("CHEQUE_NAME") ? Configuration::get("CHEQUE_NAME") : "", "{cheque_address_html}" => Configuration::get("CHEQUE_ADDRESS") ? nl2br(Configuration::get("CHEQUE_ADDRESS")) : "");
                 } elseif ($history->id_order_state == Configuration::get("PS_OS_BANKWIRE")) {
                     ${${"GLOBALS"}["nkwobosfw"]} = array("{bankwire_owner}" => Configuration::get("BANK_WIRE_OWNER") ? Configuration::get("BANK_WIRE_OWNER") : "", "{bankwire_details}" => Configuration::get("BANK_WIRE_DETAILS") ? nl2br(Configuration::get("BANK_WIRE_DETAILS")) : "", "{bankwire_address}" => Configuration::get("BANK_WIRE_ADDRESS") ? nl2br(Configuration::get("BANK_WIRE_ADDRESS")) : "");
                 }
                 if (!$history->addWithemail(true, ${${"GLOBALS"}["uynetoegv"]})) {
                     $this->errors[] = Tools::displayError("An error occurred while changing the status or was unable to send e-mail to the customer.");
                 }
             } else {
                 $this->errors[] = Tools::displayError("This order is already assigned this status");
             }
         }
         if (empty($this->errors)) {
             self::$smarty->assign("cfmmsg_flag", 1);
         }
     }
     if (Tools::isSubmit("submitMessage")) {
         $ipovlstkh = "idOrder";
         ${${"GLOBALS"}["pfwbejwlah"]} = (int) Tools::getValue("id_order");
         ${${"GLOBALS"}["nioumgdgj"]} = Tools::getValue("msgText");
         ${"GLOBALS"}["tumvnnp"] = "msgText";
         if (!${${"GLOBALS"}["pfwbejwlah"]} || !Validate::isUnsignedId(${$ipovlstkh})) {
             $this->errors[] = Tools::displayError("Order is no longer valid");
         } else {
             if (empty(${${"GLOBALS"}["nioumgdgj"]})) {
                 $this->errors[] = Tools::displayError("Message cannot be blank");
             } else {
                 if (!Validate::isMessage(${${"GLOBALS"}["tumvnnp"]})) {
                     $this->errors[] = Tools::displayError("Message is invalid (HTML is not allowed)");
                 }
             }
         }
         if (!count($this->errors)) {
             $svycwjflohh = "idOrder";
             // The order is loaded again from the same id_order request value
             // that passed the seller check at the top of the method.
             ${${"GLOBALS"}["thtbvco"]} = new Order(${$svycwjflohh});
             if (Validate::isLoadedObject(${${"GLOBALS"}["thtbvco"]})) {
                 ${"GLOBALS"}["pcdbkuo"] = "cm";
                 ${"GLOBALS"}["qejrcjwlidu"] = "to";
                 ${${"GLOBALS"}["nbpumdloal"]} = new Employee();
                 $iilmenu = "seller";
                 // NOTE(review): the result of getbyEmail() is not checked
                 // before $seller->id and $seller->email are read further down.
                 ${$iilmenu} = $emp->getbyEmail($this->context->customer->email);
                 $ucwaikq = "customer";
                 ${$ucwaikq} = new Customer($order->id_customer);
                 ${${"GLOBALS"}["ryhapbx"]} = CustomerThread::getIdCustomerThreadByEmailAndIdOrder($customer->email, $order->id);
                 ${"GLOBALS"}["pnxcso"] = "id_customer_thread";
                 ${${"GLOBALS"}["pcdbkuo"]} = new CustomerMessage();
                 ${"GLOBALS"}["csptele"] = "ct";
                 $pykymotfmtq = "fromName";
                 if (!${${"GLOBALS"}["pnxcso"]}) {
                     ${"GLOBALS"}["azdvluwhw"] = "id_product";
                     ${"GLOBALS"}["fpmtmpmcoy"] = "id_product";
                     $vckfnym = "id_product";
                     ${${"GLOBALS"}["docrub"]} = new CustomerThread();
                     $ct->id_contact = 2;
                     $ct->id_customer = (int) $order->id_customer;
                     $ct->id_shop = (int) $this->context->shop->id;
                     ${$vckfnym} = (int) Tools::getValue("id_product");
                     // The product id is request data: it is kept only if the order contains it.
                     if (${${"GLOBALS"}["fxogbxc"]} && $order->orderContainProduct(${${"GLOBALS"}["azdvluwhw"]})) {
                         $ct->id_product = ${${"GLOBALS"}["fpmtmpmcoy"]};
                     }
                     $ct->id_order = (int) $order->id;
                     $ct->id_lang = (int) $this->context->language->id;
                     $ct->email = $customer->email;
                     $ct->status = "open";
                     $ct->token = Tools::passwdGen(12);
                     $ct->add();
                 } else {
                     ${${"GLOBALS"}["csptele"]} = new CustomerThread((int) ${${"GLOBALS"}["ryhapbx"]});
                 }
                 $qlkkcochivs = "msgText";
                 $cm->id_customer_thread = $ct->id;
                 $cm->message = ${${"GLOBALS"}["nioumgdgj"]};
                 // ip2long() only understands IPv4; for an IPv6 client it returns false.
                 $cm->ip_address = ip2long($_SERVER["REMOTE_ADDR"]);
                 $cm->id_employee = $seller->id;
                 $cm->add();
                 $mwsicth = "fromName";
                 ${"GLOBALS"}["lhbflpuhi"] = "customer";
                 ${${"GLOBALS"}["oatuem"]} = $customer->email;
                 ${${"GLOBALS"}["xtxkthxeqll"]} = $customer->firstname . " " . $customer->lastname;
                 ${${"GLOBALS"}["sormbzxw"]} = $seller->email;
                 ${$mwsicth} = $seller->firstname . " " . $seller->lastname;
                 if (Validate::isLoadedObject(${${"GLOBALS"}["lhbflpuhi"]})) {
                     Mail::Send($this->context->language->id, "order_merchant_comment", Mail::l('Message from a seller'), array("{lastname}" => $customer->lastname, "{firstname}" => $customer->firstname, "{email}" => $customer->email, "{id_order}" => (int) $order->id, "{order_name}" => $order->getUniqReference(), "{message}" => Tools::nl2br(${$qlkkcochivs})), ${${"GLOBALS"}["qejrcjwlidu"]}, ${${"GLOBALS"}["xtxkthxeqll"]}, ${${"GLOBALS"}["sormbzxw"]}, ${$pykymotfmtq});
                 }
             } else {
                 $this->errors[] = Tools::displayError("Order not found");
             }
         }
     }
 }
Example #13
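/**
 * Handle the carrier step of the order process.
 *
 * Reads `recyclable`, `gift`, `gift_message` and `id_carrier` from $_POST,
 * copies the accepted values onto the global $cart and saves the cart. When a
 * check fails, the errors are assigned to Smarty, the carrier form is shown
 * again and the script exits. Otherwise the global $orderTotal is refreshed
 * from the cart.
 *
 * All four POST fields are client-controlled, so each is checked before it
 * reaches the cart.
 *
 * @return void
 */
function processCarrier()
{
    global $cart, $smarty, $isVirtualCart, $orderTotal;
    $errors = array();
    $cart->recyclable = !empty($_POST['recyclable']) ? 1 : 0;
    if (!empty($_POST['gift'])) {
        // A gift request that carries no gift_message field is handled as an
        // empty message instead of reading an undefined index.
        $giftMessage = isset($_POST['gift_message']) ? $_POST['gift_message'] : '';
        // Array-valued input (gift_message[]=...) is rejected before it reaches
        // the string functions below.
        if (!is_string($giftMessage) || !Validate::isMessage($giftMessage)) {
            $errors[] = Tools::displayError('invalid gift message');
        } else {
            $cart->gift = 1;
            // strip_tags() removes markup but is not an output encoder; the
            // stored text still has to be escaped where it is displayed.
            $cart->gift_message = strip_tags($giftMessage);
        }
    } else {
        $cart->gift = 0;
    }
    $address = new Address(intval($cart->id_address_delivery));
    if (!Validate::isLoadedObject($address)) {
        die(Tools::displayError());
    }
    $id_zone = Address::getZoneById($address->id);
    if (!$id_zone) {
        $errors[] = Tools::displayError('no zone match with your address');
    }
    // The carrier id is accepted only when it is an integer and
    // checkCarrierZone() returns a non-empty result for the address zone.
    if (isset($_POST['id_carrier']) and Validate::isInt($_POST['id_carrier']) and sizeof(Carrier::checkCarrierZone(intval($_POST['id_carrier']), intval($id_zone)))) {
        $cart->id_carrier = intval($_POST['id_carrier']);
    } elseif (!$isVirtualCart) {
        $errors[] = Tools::displayError('invalid carrier or no carrier selected');
    }
    // The cart is saved before the error check, so fields that passed their
    // own validation are persisted even when another field was rejected.
    $cart->update();
    if (sizeof($errors)) {
        $smarty->assign('errors', $errors);
        displayCarrier();
        include dirname(__FILE__) . '/footer.php';
        exit;
    }
    $orderTotal = $cart->getOrderTotal();
}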
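 /**
  * Process the form submissions of the Mediafinanz claims controller.
  *
  * Handles, in this order: submitCloseClaim, submitBookDirectPayment,
  * submitMessage, a refresh of the claim statuses while $this->display is
  * empty, and submitCreateClaims; then calls parent::postProcess().
  * Results are reported through $this->errors and $this->confirmations, and
  * exceptions raised by the module are also written with Mediafinanz::logToFile().
  *
  * NOTE(review): exception messages are appended to $this->errors unchanged;
  * confirm they carry no sensitive detail and are escaped where errors are rendered.
  */
 public function postProcess()
 {
     if (Tools::isSubmit('submitCloseClaim')) {
         $id_mf_claim = (int) Tools::getValue('id_mf_claim');
         if (!$id_mf_claim || !Validate::isUnsignedId($id_mf_claim)) {
             $this->errors[] = $this->l('The claim is no longer valid.');
         } else {
             $claim = new MediafinanzClaim($id_mf_claim);
             if (!Validate::isLoadedObject($claim)) {
                 $this->errors[] = $this->l('The Claim cannot be found');
             } else {
                 try {
                     $res = $this->module->closeClaim($claim->file_number);
                     if ($res) {
                         $this->confirmations[] = $this->l('The Claim has been closed');
                     } else {
                         $this->errors[] = $this->l('The Claim has not been closed');
                     }
                 } catch (Exception $e) {
                     $this->errors[] = $this->l('The Claim has not been closed');
                     $this->errors[] = $e->getMessage();
                     Mediafinanz::logToFile($e->getMessage(), 'general');
                 }
             }
         }
     }
     if (Tools::isSubmit('submitBookDirectPayment')) {
         $id_mf_claim = (int) Tools::getValue('id_mf_claim');
         // Accept a decimal comma in the submitted amount before it is validated as a price.
         $amount = str_replace(',', '.', Tools::getValue('paidAmount'));
         if (!$id_mf_claim || !Validate::isUnsignedId($id_mf_claim)) {
             $this->errors[] = $this->l('The Claim is no longer valid.');
         } else {
             $claim = new MediafinanzClaim($id_mf_claim);
             if (!Validate::isLoadedObject($claim)) {
                 $this->errors[] = $this->l('The Claim cannot be found');
             } elseif (!Validate::isDate(Tools::getValue('dateOfPayment'))) {
                 $this->errors[] = $this->l('The date of payment is invalid');
             } elseif (!Validate::isPrice($amount)) {
                 $this->errors[] = $this->l('The paid amount is invalid.');
             } else {
                 try {
                     $direct_payment = array('dateOfPayment' => Tools::getValue('dateOfPayment'), 'paidAmount' => $amount);
                     $res = $this->module->bookDirectPayment($claim->file_number, $direct_payment);
                     if ($res) {
                         $this->confirmations[] = $this->l('Direct payment has been booked');
                     } else {
                         $this->errors[] = $this->l('Direct payment has not been booked');
                     }
                 } catch (Exception $e) {
                     $this->errors[] = $this->l('Direct payment has not been booked');
                     $this->errors[] = $e->getMessage();
                     Mediafinanz::logToFile($e->getMessage(), 'general');
                 }
             }
         }
     }
     if (Tools::isSubmit('submitMessage')) {
         $id_mf_claim = (int) Tools::getValue('id_mf_claim');
         $msg_text = Tools::getValue('message');
         if (!$id_mf_claim || !Validate::isUnsignedId($id_mf_claim)) {
             $this->errors[] = $this->l('The claim is no longer valid.');
         } elseif (empty($msg_text)) {
             $this->errors[] = $this->l('The message cannot be blank.');
         } elseif (!Validate::isMessage($msg_text)) {
             $this->errors[] = $this->l('This message is invalid (HTML is not allowed).');
         }
         // This tests the whole error list, so an error recorded by an earlier
         // branch of this method also prevents the message from being sent.
         if (!count($this->errors)) {
             $claim = new MediafinanzClaim($id_mf_claim);
             if (Validate::isLoadedObject($claim)) {
                 try {
                     $res = $this->module->sendMessage($claim->file_number, $msg_text);
                     if (!$res) {
                         $this->errors[] = $this->l('The Message has not been sent');
                     } else {
                         $this->confirmations[] = $this->l('The Message has been sent');
                     }
                 } catch (Exception $e) {
                     $this->errors[] = $this->l('The Message has not been sent');
                     $this->errors[] = $e->getMessage();
                     Mediafinanz::logToFile($e->getMessage(), 'general');
                 }
             } else {
                 $this->errors[] = $this->l('The Claim not found');
             }
         }
     }
     // The update_claims_statuses submit check is commented out in the original;
     // the refresh runs on every request whose $this->display is empty.
     if ($this->display == '') {
         try {
             $this->module->updateClaimsStatuses();
         } catch (Exception $e) {
             // Fixed: this used $this->_errors while every other branch reports
             // through $this->errors, so the failure went to a separate list.
             $this->errors[] = $e->getMessage();
             Mediafinanz::logToFile($e->getMessage(), 'general');
         }
     }
     if (Tools::isSubmit('submitCreateClaims')) {
         $order_ids = Tools::getValue('order_list');
         $claim = Tools::getValue('claim');
         $debtor = Tools::getValue('debtor');
         $list = array();
         // order_list comes from the request: it can be missing or not an array,
         // and an empty list would build an invalid "IN ()" clause.
         if (is_array($order_ids) && count($order_ids)) {
             // Every id is forced to an integer before it is concatenated into the query.
             $list = Db::getInstance()->executeS('SELECT a.`id_order`, a.`id_shop` FROM `' . _DB_PREFIX_ . 'orders` a LEFT JOIN `' . _DB_PREFIX_ . 'orders` o ON (o.`id_order` = a.`id_order` AND o.`id_shop` = a.`id_shop`) LEFT JOIN ' . _DB_PREFIX_ . 'mf_claims c ON a.`id_order`=c.`id_order` AND c.`sandbox`=' . (int) Configuration::get('MEDIAFINANZ_SANDBOX') . ' WHERE c.`id_order` IS NULL AND a.`id_order` IN (' . implode(', ', array_map('intval', $order_ids)) . ')' . Shop::addSqlRestriction(Shop::SHARE_ORDER, 'a', 'shop'));
             if (!is_array($list)) {
                 // Treat a failed query as "nothing to process" instead of iterating a non-array.
                 $list = array();
             }
         }
         foreach ($list as $row) {
             $id = $row['id_order'];
             // NOTE(review): $claim and $debtor are taken from the request as-is;
             // the individual keys read below are not checked for presence or format here.
             $debtor_to = array('id' => $debtor[$id]['id'], 'address' => $debtor[$id]['address'], 'firstname' => $debtor[$id]['firstname'], 'lastname' => $debtor[$id]['lastname'], 'company' => $debtor[$id]['company'], 'co' => '', 'street' => $debtor[$id]['street'], 'postcode' => $debtor[$id]['postcode'], 'city' => $debtor[$id]['city'], 'country' => $debtor[$id]['country'], 'telephone1' => $debtor[$id]['telephone1'], 'telephone2' => $debtor[$id]['telephone2'], 'email' => $debtor[$id]['email']);
             $claim_to = array('invoice' => $claim[$id]['invoice'], 'type' => $claim[$id]['type'], 'reason' => $claim[$id]['reason'], 'originalValue' => $claim[$id]['originalvalue'], 'overdueFees' => $claim[$id]['overduefees'], 'dateOfOrigin' => $claim[$id]['dateoforigin'], 'dateOfLastReminder' => $claim[$id]['dateoflastreminder'], 'note' => $claim[$id]['note']);
             try {
                 $result = $this->module->newClaim($claim_to, $debtor_to);
                 if (!empty($result->fileNumber)) {
                     $mf = new MediafinanzClaim();
                     // NOTE(review): id_order is the submitted 'invoice' value, not
                     // $row['id_order'] from the query above; confirm the two always match.
                     $mf->id_order = $claim[$id]['invoice'];
                     $mf->file_number = $result->fileNumber;
                     $mf->firstname = $debtor[$id]['firstname'];
                     $mf->lastname = $debtor[$id]['lastname'];
                     $mf->id_shop = $row['id_shop'];
                     $mf->sandbox = (int) Configuration::get('MEDIAFINANZ_SANDBOX');
                     $mf->add();
                     // Fetch the status of the new claim and store it when it differs.
                     $claim_status = $this->module->getClaimStatus($result->fileNumber, $row['id_shop']);
                     if ($mf->status_code != $claim_status->statusCode) {
                         $mf->status_code = $claim_status->statusCode;
                         $mf->status_text = $claim_status->statusText;
                         if (isset($claim_status->statusDetails)) {
                             $mf->status_details = $claim_status->statusDetails;
                         } else {
                             $mf->status_details = '';
                         }
                         $mf->date_change = date('Y-m-d H:i:s');
                         $mf->save();
                     }
                     //change state (the order is again identified by the submitted 'invoice' value)
                     $this->module->changeOrderState($claim[$id]['invoice'], Configuration::get('PS_OS_MF_INKASSO'));
                 } else {
                     foreach ($result->errorList as $error_msg) {
                         $this->errors[] = $this->l('Order') . ' - ' . $row['id_order'] . ': ' . $error_msg;
                     }
                 }
             } catch (Exception $e) {
                 $this->errors[] = $this->l('Order') . ' - ' . $row['id_order'] . ': ' . $e->getMessage();
                 Mediafinanz::logToFile($this->l('Order') . ' - ' . $row['id_order'] . ': ' . $e->getMessage(), 'general');
             }
         }
     }
     parent::postProcess();
 }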
 /**
  * Render the "ask for more information" form for a product and handle its submission.
  *
  * On submitAskMoreInfoFront the inputs are checked in a fixed order (name,
  * e-mail, message, CAPTCHA, id_product) and only the first failure is
  * reported. When every check passes, the request is mailed to PS_SHOP_EMAIL
  * with the askmoreinfo template.
  *
  * Points worth knowing when reviewing this form:
  * - Name and e-mail are validated only for visitors who are not logged in.
  * - The CAPTCHA code is checked on every call, before the submit test, and
  *   is enforced only while the ASK_CAPTCHA setting is non-zero.
  * - Visitor-supplied name and e-mail pass through Tools::safeOutput() before
  *   they enter the mail template variables.
  *
  * @return mixed Result of $this->display() for maofree_askmoreinfo.tpl
  */
 public function displayFrontForm()
 {
     global $smarty, $cookie, $link;
     session_start();
     $errors = array();
     $product = new Product((int) Tools::getValue('id_product'), false, (int) $cookie->id_lang);
     $productlink = $link->getProductLink($product);
     include_once dirname(__FILE__) . '/securimage/securimage.php';
     $captcha = new Securimage();
     $captchaCode = Tools::getValue('captcha_code');
     $captchaPassed = $captcha->check($captchaCode);
     if (Tools::isSubmit('submitAskMoreInfoFront')) {
         $message = Tools::htmlentitiesUTF8(Tools::getValue('message'));
         // The chain stops at the first failing check; the assignments inside
         // the conditions feed the mail variables in the final branch.
         // NOTE(review): $message has been through htmlentitiesUTF8() and
         // nl2br2() by the time Validate::isMessage() sees it - confirm the
         // validator accepts the markup nl2br2() presumably inserts.
         if (!($senderName = Tools::getValue('name')) && !$cookie->isLogged()) {
             $errors[] = $this->l('Enter your name.');
         } elseif (!Validate::isName($senderName) && !$cookie->isLogged()) {
             $errors[] = $this->l('Sorry, but the name is invalid.');
         } elseif (!($senderEmail = Tools::getValue('email')) && !$cookie->isLogged()) {
             $errors[] = $this->l('Enter your e-mail address.');
         } elseif (!Validate::isEmail($senderEmail) && !$cookie->isLogged()) {
             $errors[] = $this->l('Sorry, but the e-mail address is invalid.');
         } elseif (!($message = nl2br2($message))) {
             $errors[] = $this->l('Enter a message.');
         } elseif (!Validate::isMessage($message)) {
             $errors[] = $this->l('Sorry, but the message is invalid');
         } elseif (!$captchaCode && (int) Configuration::get('ASK_CAPTCHA')) {
             $errors[] = $this->l('Enter the security code.');
         } elseif (!$captchaPassed && (int) Configuration::get('ASK_CAPTCHA')) {
             $errors[] = $this->l('Sorry, but the security code is not right.');
         } elseif (!isset($_GET['id_product']) or !is_numeric($_GET['id_product'])) {
             $errors[] = $this->l('An error occurred during the process.');
         } else {
             // Full name from the cookie when a first name is stored there, otherwise null.
             $loggedName = $cookie->customer_firstname ? $cookie->customer_firstname . ' ' . $cookie->customer_lastname : null;
             $customerLabel = $loggedName !== null ? $loggedName : $this->l('A visitor');
             $subject = $customerLabel . ' ' . $this->l('requires more information about') . ' ' . $product->name;
             $mailVars = array(
                 '{product}' => $product->name,
                 '{product_link}' => $productlink,
                 '{customer}' => $customerLabel,
                 '{name}' => $loggedName !== null ? $loggedName : Tools::safeOutput($senderName),
                 '{email}' => $cookie->email ? $cookie->email : Tools::safeOutput($senderEmail),
                 '{message}' => stripslashes($message),
             );
             // Only the cookie's e-mail and name are passed to Mail::Send()
             // directly; a guest's address appears only inside the template variables.
             $cookieEmail = $cookie->email ? $cookie->email : null;
             $sent = Mail::Send((int) $cookie->id_lang, 'askmoreinfo', Mail::l($subject), $mailVars, Configuration::get('PS_SHOP_EMAIL'), null, $cookieEmail, $loggedName, null, null, dirname(__FILE__) . '/mails/');
             if ($sent) {
                 $smarty->assign('confirmation', 1);
             } else {
                 $errors[] = $this->l('Sorry, an error occurred while sending message');
             }
         }
     }
     // Use the image flagged as cover; the last one flagged wins.
     foreach ($product->getImages((int) $cookie->id_lang) as $img) {
         if (!$img['cover']) {
             continue;
         }
         $cover['id_image'] = (int) $product->id . '-' . (int) $img['id_image'];
         $cover['legend'] = $img['legend'];
     }
     if (!isset($cover)) {
         // No cover image: fall back to the language's default picture.
         $cover = array('id_image' => Language::getIsoById((int) $cookie->id_lang) . '-default', 'legend' => 'No picture');
     }
     $smarty->assign(array(
         'customer_logged' => $cookie->customer_firstname,
         'captcha' => (int) Configuration::get('ASK_CAPTCHA') == 1,
         'askmoreinfo_imagesize' => Image::getSize('home'),
         'cover' => $cover,
         'errors' => $errors,
         'product' => $product,
         'productlink' => $productlink,
     ));
     return $this->display(__FILE__, 'maofree_askmoreinfo.tpl');
 }
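 /**
  * AJAX handler: add a product, with its text-field customizations, to an existing order.
  *
  * Builds a new cart that mirrors the order, stores the submitted text
  * customizations, creates a temporary SpecificPrice when the submitted
  * tax-included price differs from the computed one, adds the product to the
  * cart, creates or updates the invoice, updates the order totals and carrier
  * weight, and ends the request with a JSON payload for the new product line.
  *
  * Request data read here: id_order, add_product[...], add_invoice[...],
  * the textField<N> POST fields and add_product_warehouse.
  *
  * NOTE(review): the price, quantity and ids in add_product[...] are used as
  * submitted, and no permission check is visible inside this method;
  * presumably access is enforced by the caller - confirm.
  *
  * @return false|void false when the product has no customization fields (the
  *                    new cart has already been saved at that point); every
  *                    other path ends the request with die().
  */
 public function ajaxProcessAddProductOnOrder()
 {
     // Load object
     $order = new Order((int) Tools::getValue('id_order'));
     if (!Validate::isLoadedObject($order)) {
         die(Tools::jsonEncode(array('result' => false, 'error' => Tools::displayError('The order object cannot be loaded.'))));
     }
     if ($order->hasBeenShipped()) {
         die(Tools::jsonEncode(array('result' => false, 'error' => Tools::displayError('You cannot add products to delivered orders. '))));
     }
     $product_informations = $_POST['add_product'];
     if (isset($_POST['add_invoice'])) {
         $invoice_informations = $_POST['add_invoice'];
     } else {
         $invoice_informations = array();
     }
     $product = new Product($product_informations['product_id'], false, $order->id_lang);
     if (!Validate::isLoadedObject($product)) {
         die(Tools::jsonEncode(array('result' => false, 'error' => Tools::displayError('The product object cannot be loaded.'))));
     }
     if (isset($product_informations['product_attribute_id']) && $product_informations['product_attribute_id']) {
         $combination = new Combination($product_informations['product_attribute_id']);
         if (!Validate::isLoadedObject($combination)) {
             die(Tools::jsonEncode(array('result' => false, 'error' => Tools::displayError('The combination object cannot be loaded.'))));
         }
     }
     // Total method
     $total_method = Cart::BOTH_WITHOUT_SHIPPING;
     // Create new cart
     $cart = new Cart();
     $cart->id_shop_group = $order->id_shop_group;
     $cart->id_shop = $order->id_shop;
     $cart->id_customer = $order->id_customer;
     $cart->id_carrier = $order->id_carrier;
     $cart->id_address_delivery = $order->id_address_delivery;
     $cart->id_address_invoice = $order->id_address_invoice;
     $cart->id_currency = $order->id_currency;
     $cart->id_lang = $order->id_lang;
     $cart->secure_key = $order->secure_key;
     // Save new cart
     $cart->add();
     // NOTE(review): a product without customization fields leaves here with
     // no JSON response, after the cart above was saved - confirm this is intended.
     if (!($field_ids = $product->getCustomizationFieldIds())) {
         return false;
     }
     // Two name maps keyed by customization field id: 'textField<id>' and
     // 'textField<position>' (position counts text fields only).
     $authorized_text_fields = array();
     $authorized_text_fields_2 = array();
     $i = 0;
     foreach ($field_ids as $field_id) {
         if ($field_id['type'] == Product::CUSTOMIZE_TEXTFIELD) {
             $authorized_text_fields[(int) $field_id['id_customization_field']] = 'textField' . (int) $field_id['id_customization_field'];
             $authorized_text_fields_2[(int) $field_id['id_customization_field']] = 'textField' . $i;
             $i++;
         }
     }
     $indexes = array_flip($authorized_text_fields);
     // Only POST fields whose name is in one of the maps above are processed;
     // submitted text must pass Validate::isMessage() before it is stored.
     foreach ($_POST as $field_name => $value) {
         if (in_array($field_name, $authorized_text_fields_2) && $value != '') {
             if (!Validate::isMessage($value)) {
                 $this->errors[] = Tools::displayError('Invalid message');
             } else {
                 $key = array_search($field_name, $authorized_text_fields_2);
                 $r1 = $cart->_addCustomizationAdminOrder($product->id, $product_informations['product_attribute_id'], $indexes['textField' . $key], Product::CUSTOMIZE_TEXTFIELD, $value, $product_informations['product_quantity'], $order->id_cart, $cart->id_address_delivery);
             }
         } else {
             // NOTE(review): membership is tested against the id-based map but
             // the key is looked up in the position-based one - verify this
             // resolves to the intended field.
             if (in_array($field_name, $authorized_text_fields) && $value == '') {
                 $key = array_search($field_name, $authorized_text_fields_2);
                 $r1 = $cart->deleteCustomizationToProduct((int) $product->id, $indexes['textField' . $key]);
             }
         }
     }
     $cart->_updateCustomizationAdminOrder($product->id, $product_informations['product_attribute_id'], Product::CUSTOMIZE_TEXTFIELD, $product_informations['product_quantity'], $order->id_cart, $cart->id_address_delivery);
     // Save context (in order to apply cart rule)
     $this->context->cart = $cart;
     $this->context->customer = new Customer($order->id_customer);
     // always add taxes even if there are not displayed to the customer
     $use_taxes = true;
     $initial_product_price_tax_incl = Product::getPriceStatic($product->id, $use_taxes, isset($combination) ? $combination->id : null, 2, null, false, true, 1, false, $order->id_customer, $cart->id, $order->{Configuration::get('PS_TAX_ADDRESS_TYPE', null, null, $order->id_shop)});
     // Creating specific price if needed
     // The submitted tax-excluded price becomes the price of a temporary
     // SpecificPrice for this customer and product; it is deleted again below.
     if ($product_informations['product_price_tax_incl'] != $initial_product_price_tax_incl) {
         $specific_price = new SpecificPrice();
         $specific_price->id_shop = 0;
         $specific_price->id_shop_group = 0;
         $specific_price->id_currency = 0;
         $specific_price->id_country = 0;
         $specific_price->id_group = 0;
         $specific_price->id_customer = $order->id_customer;
         $specific_price->id_product = $product->id;
         if (isset($combination)) {
             $specific_price->id_product_attribute = $combination->id;
         } else {
             $specific_price->id_product_attribute = 0;
         }
         $specific_price->price = $product_informations['product_price_tax_excl'];
         $specific_price->from_quantity = 1;
         $specific_price->reduction = 0;
         $specific_price->reduction_type = 'amount';
         $specific_price->from = '0000-00-00 00:00:00';
         $specific_price->to = '0000-00-00 00:00:00';
         $specific_price->add();
     }
     // Add product to cart
     $update_quantity = $cart->updateQty($product_informations['product_quantity'], $product->id, isset($product_informations['product_attribute_id']) ? $product_informations['product_attribute_id'] : null, isset($combination) ? $combination->id : null, 'up', 0, new Shop($cart->id_shop));
     // Fixed: a leftover var_dump($cart->getProducts()) was removed here. It
     // printed the cart contents ahead of the JSON body, which breaks the
     // response for the client and exposes internal data.
     if ($update_quantity < 0) {
         // If product has attribute, minimal quantity is set with minimal quantity of attribute
         $minimal_quantity = $product_informations['product_attribute_id'] ? Attribute::getAttributeMinimalQty($product_informations['product_attribute_id']) : $product->minimal_quantity;
         die(Tools::jsonEncode(array('error' => sprintf(Tools::displayError('You must add %d minimum quantity', false), $minimal_quantity))));
     } elseif (!$update_quantity) {
         die(Tools::jsonEncode(array('error' => Tools::displayError('You already have the maximum quantity available for this product.', false))));
     }
     // If order is valid, we can create a new invoice or edit an existing invoice
     if ($order->hasInvoice()) {
         $order_invoice = new OrderInvoice($product_informations['invoice']);
         // Create new invoice
         if ($order_invoice->id == 0) {
             // If we create a new invoice, we calculate shipping cost
             $total_method = Cart::BOTH;
             // Create Cart rule in order to make free shipping
             if (isset($invoice_informations['free_shipping']) && $invoice_informations['free_shipping']) {
                 $cart_rule = new CartRule();
                 $cart_rule->id_customer = $order->id_customer;
                 $cart_rule->name = array(Configuration::get('PS_LANG_DEFAULT') => $this->l('[Generated] CartRule for Free Shipping'));
                 // The generated rule is valid for 24 hours and usable once.
                 $cart_rule->date_from = date('Y-m-d H:i:s', time());
                 $cart_rule->date_to = date('Y-m-d H:i:s', time() + 24 * 3600);
                 $cart_rule->quantity = 1;
                 $cart_rule->quantity_per_user = 1;
                 $cart_rule->minimum_amount_currency = $order->id_currency;
                 $cart_rule->reduction_currency = $order->id_currency;
                 $cart_rule->free_shipping = true;
                 $cart_rule->active = 1;
                 $cart_rule->add();
                 // Add cart rule to cart and in order
                 $cart->addCartRule($cart_rule->id);
                 $values = array('tax_incl' => $cart_rule->getContextualValue(true), 'tax_excl' => $cart_rule->getContextualValue(false));
                 $order->addCartRule($cart_rule->id, $cart_rule->name[Configuration::get('PS_LANG_DEFAULT')], $values);
             }
             $order_invoice->id_order = $order->id;
             if ($order_invoice->number) {
                 Configuration::updateValue('PS_INVOICE_START_NUMBER', false, false, null, $order->id_shop);
             } else {
                 $order_invoice->number = Order::getLastInvoiceNumber() + 1;
             }
             $invoice_address = new Address((int) $order->{Configuration::get('PS_TAX_ADDRESS_TYPE', null, null, $order->id_shop)});
             $carrier = new Carrier((int) $order->id_carrier);
             $tax_calculator = $carrier->getTaxCalculator($invoice_address);
             $order_invoice->total_paid_tax_excl = Tools::ps_round((double) $cart->getAdminOrderTotal($order->id_cart, false, $total_method), 2);
             $order_invoice->total_paid_tax_incl = Tools::ps_round((double) $cart->getAdminOrderTotal($order->id_cart, $use_taxes, $total_method), 2);
             $order_invoice->total_products = (double) $cart->getAdminOrderTotal($order->id_cart, false, Cart::ONLY_PRODUCTS);
             $order_invoice->total_products_wt = (double) $cart->getAdminOrderTotal($order->id_cart, $use_taxes, Cart::ONLY_PRODUCTS);
             $order_invoice->total_shipping_tax_excl = (double) $cart->getTotalShippingCost(null, false);
             $order_invoice->total_shipping_tax_incl = (double) $cart->getTotalShippingCost();
             $order_invoice->total_wrapping_tax_excl = abs($cart->getAdminOrderTotal($order->id_cart, false, Cart::ONLY_WRAPPING));
             $order_invoice->total_wrapping_tax_incl = abs($cart->getAdminOrderTotal($order->id_cart, $use_taxes, Cart::ONLY_WRAPPING));
             $order_invoice->shipping_tax_computation_method = (int) $tax_calculator->computation_method;
             // Update current order field, only shipping because other field is updated later
             $order->total_shipping += $order_invoice->total_shipping_tax_incl;
             $order->total_shipping_tax_excl += $order_invoice->total_shipping_tax_excl;
             $order->total_shipping_tax_incl += $use_taxes ? $order_invoice->total_shipping_tax_incl : $order_invoice->total_shipping_tax_excl;
             $order->total_wrapping += abs($cart->getOrderTotal($use_taxes, Cart::ONLY_WRAPPING));
             $order->total_wrapping_tax_excl += abs($cart->getAdminOrderTotal($order->id_cart, false, Cart::ONLY_WRAPPING));
             $order->total_wrapping_tax_incl += abs($cart->getAdminOrderTotal($order->id_cart, $use_taxes, Cart::ONLY_WRAPPING));
             $order_invoice->add();
             $order_invoice->saveCarrierTaxCalculator($tax_calculator->getTaxesAmount($order_invoice->total_shipping_tax_excl));
             $order_carrier = new OrderCarrier();
             $order_carrier->id_order = (int) $order->id;
             $order_carrier->id_carrier = (int) $order->id_carrier;
             $order_carrier->id_order_invoice = (int) $order_invoice->id;
             $order_carrier->weight = (double) $cart->getTotalWeight();
             $order_carrier->shipping_cost_tax_excl = (double) $order_invoice->total_shipping_tax_excl;
             $order_carrier->shipping_cost_tax_incl = $use_taxes ? (double) $order_invoice->total_shipping_tax_incl : (double) $order_invoice->total_shipping_tax_excl;
             $order_carrier->add();
         } else {
             // Existing invoice: add the new cart's amounts to its totals.
             $order_invoice->total_paid_tax_excl += Tools::ps_round((double) $cart->getAdminOrderTotal($order->id_cart, false, $total_method), 2);
             $order_invoice->total_paid_tax_incl += Tools::ps_round((double) $cart->getAdminOrderTotal($order->id_cart, $use_taxes, $total_method), 2);
             $order_invoice->total_products += (double) $cart->getAdminOrderTotal($order->id_cart, false, Cart::ONLY_PRODUCTS);
             $order_invoice->total_products_wt += (double) $cart->getAdminOrderTotal($order->id_cart, $use_taxes, Cart::ONLY_PRODUCTS);
             $order_invoice->update();
         }
     }
     // Create Order detail information
     $order_detail = new OrderDetail();
     $order_detail->createList($order, $cart, $order->getCurrentOrderState(), $cart->getProducts(), isset($order_invoice) ? $order_invoice->id : 0, $use_taxes, (int) Tools::getValue('add_product_warehouse'));
     // update totals amount of order
     $order->total_products += (double) $cart->getAdminOrderTotal($order->id_cart, false, Cart::ONLY_PRODUCTS);
     $order->total_products_wt += (double) $cart->getAdminOrderTotal($order->id_cart, $use_taxes, Cart::ONLY_PRODUCTS);
     $order->total_paid += Tools::ps_round((double) $cart->getAdminOrderTotal($order->id_cart, true, $total_method), 2);
     $order->total_paid_tax_excl += Tools::ps_round((double) $cart->getAdminOrderTotal($order->id_cart, false, $total_method), 2);
     $order->total_paid_tax_incl += Tools::ps_round((double) $cart->getAdminOrderTotal($order->id_cart, $use_taxes, $total_method), 2);
     if (isset($order_invoice) && Validate::isLoadedObject($order_invoice)) {
         $order->total_shipping = $order_invoice->total_shipping_tax_incl;
         $order->total_shipping_tax_incl = $order_invoice->total_shipping_tax_incl;
         $order->total_shipping_tax_excl = $order_invoice->total_shipping_tax_excl;
     }
     // discount
     $order->total_discounts += (double) abs($cart->getAdminOrderTotal($order->id_cart, true, Cart::ONLY_DISCOUNTS));
     $order->total_discounts_tax_excl += (double) abs($cart->getAdminOrderTotal($order->id_cart, false, Cart::ONLY_DISCOUNTS));
     $order->total_discounts_tax_incl += (double) abs($cart->getAdminOrderTotal($order->id_cart, true, Cart::ONLY_DISCOUNTS));
     // Save changes of order
     $order->update();
     // Update weight SUM
     $order_carrier = new OrderCarrier((int) $order->getIdOrderCarrier());
     if (Validate::isLoadedObject($order_carrier)) {
         $order_carrier->weight = (double) $order->getTotalWeight();
         if ($order_carrier->update()) {
             $order->weight = sprintf("%.3f " . Configuration::get('PS_WEIGHT_UNIT'), $order_carrier->weight);
         }
     }
     // Update Tax lines
     $order_detail->updateTaxAmount($order);
     // Delete specific price if exists
     if (isset($specific_price)) {
         $specific_price->delete();
     }
     $products = $this->getProducts($order);
     // Get the last product
     $product = end($products);
     $resume = OrderSlip::getProductSlipResume((int) $product['id_order_detail']);
     $product['quantity_refundable'] = $product['product_quantity'] - $resume['product_quantity'];
     $product['amount_refundable'] = $product['total_price_tax_incl'] - $resume['amount_tax_incl'];
     $product['amount_refund'] = Tools::displayPrice($resume['amount_tax_incl']);
     $product['return_history'] = OrderReturn::getProductReturnDetail((int) $product['id_order_detail']);
     $product['refund_history'] = OrderSlip::getProductSlipDetail((int) $product['id_order_detail']);
     if ($product['id_warehouse'] != 0) {
         $warehouse = new Warehouse((int) $product['id_warehouse']);
         $product['warehouse_name'] = $warehouse->name;
     } else {
         $product['warehouse_name'] = '--';
     }
     // Get invoices collection
     $invoice_collection = $order->getInvoicesCollection();
     $invoice_array = array();
     foreach ($invoice_collection as $invoice) {
         $invoice->name = $invoice->getInvoiceNumberFormatted(Context::getContext()->language->id, (int) $order->id_shop);
         $invoice_array[] = $invoice;
     }
     // Assign to smarty informations in order to show the new product line
     $this->context->smarty->assign(array('product' => $product, 'order' => $order, 'currency' => new Currency($order->id_currency), 'can_edit' => $this->tabAccess['edit'], 'invoices_collection' => $invoice_collection, 'current_id_lang' => Context::getContext()->language->id, 'link' => Context::getContext()->link, 'current_index' => self::$currentIndex, 'display_warehouse' => (int) Configuration::get('PS_ADVANCED_STOCK_MANAGEMENT')));
     $this->sendChangedNotification($order);
     // The whole $order object and the invoice objects are serialised into the response.
     die(Tools::jsonEncode(array('result' => true, 'view' => $this->createTemplate('_product_line.tpl')->fetch(), 'can_edit' => $this->tabAccess['add'], 'product' => $product, 'order' => $order, 'invoices' => $invoice_array, 'documents_html' => $this->createTemplate('_documents.tpl')->fetch(), 'shipping_html' => $this->createTemplate('_shipping.tpl')->fetch(), 'discount_form_html' => $this->createTemplate('_discount_form.tpl')->fetch())));
 }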
Example #17
    }
} else {
    foreach ($errors_codes as $code) {
        $errors_list[] = $so->l('Error code:') . ' ' . $so->getError($code);
    }
}
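// Continue only when no error was collected above.
if (empty($errors_list)) {
    // Request data reaches the cart only after the signature over $return is
    // accepted, a cart id exists and the shipping details were saved.
    // NOTE(review): TRPARAMPLUS is read from the request separately from
    // $return; confirm it is among the signed fields, otherwise the carrier id
    // and gift values below are not covered by the signature check.
    if ($so->isCorrectSignKey(Tools::getValue('SIGNATURE'), $return) && $so->context->cart->id && saveOrderShippingDetails($so->context->cart->id, (int) $return['TRCLIENTNUMBER'], $return, $so)) {
        // '|'-separated value: carrier id, gift flag, gift message.
        $TRPARAMPLUS = explode('|', Tools::getValue('TRPARAMPLUS'));
        if (count($TRPARAMPLUS) > 1) {
            $so->context->cart->id_carrier = (int) $TRPARAMPLUS[0];
            $so->context->cart->gift = (int) $TRPARAMPLUS[1];
        } elseif (count($TRPARAMPLUS) == 1) {
            $so->context->cart->id_carrier = (int) $TRPARAMPLUS[0];
        }
        // Fixed: the third segment was read without checking that it exists.
        // A missing segment is now handled as an empty gift message.
        $giftMessage = isset($TRPARAMPLUS[2]) ? $TRPARAMPLUS[2] : '';
        if ((int) $so->context->cart->gift && Validate::isMessage($giftMessage)) {
            $so->context->cart->gift_message = strip_tags($giftMessage);
        }
        if (!$so->context->cart->update()) {
            $errors_list[] = $so->l('Cart can\'t be updated. Please try again your selection');
        } else {
            // id_carrier was cast to int above, so only a number is appended to the redirect URL.
            Tools::redirect($redirect . 'step=3&cgv=1&id_carrier=' . $so->context->cart->id_carrier);
        }
    } else {
        $errors_list[] = $so->getError('999');
    }
}
$so->context->smarty->assign('error_list', $errors_list);
$display->run();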
function saveOrderShippingDetails($idCart, $idCustomer, $soParams, $so_object)
{
Example #18
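 /**
  * Handle the two customer actions submitted from the order detail page.
  *
  * 'submitMessage' validates a customer message, attaches it to a customer thread for one
  * of the customer's own orders and e-mails it to the shop. 'markAsReceived' moves an
  * order from state 15 to state 3 and writes a confirmation file.
  *
  * Both branches act only on an order whose id_customer matches the logged-in customer.
  */
 public function postProcess()
 {
     if (Tools::isSubmit('submitMessage')) {
         $idOrder = (int) Tools::getValue('id_order');
         $msgText = Tools::getValue('msgText');
         if (!$idOrder || !Validate::isUnsignedId($idOrder)) {
             $this->errors[] = Tools::displayError('The order is no longer valid.');
         } elseif (empty($msgText)) {
             $this->errors[] = Tools::displayError('The message cannot be blank.');
         } elseif (!Validate::isMessage($msgText)) {
             $this->errors[] = Tools::displayError('This message is invalid (HTML is not allowed).');
         }
         if (!count($this->errors)) {
             $order = new Order($idOrder);
             // Ownership check: id_order is request data, so the order must belong to the
             // customer in the current context before anything is written.
             if (Validate::isLoadedObject($order) && $order->id_customer == $this->context->customer->id) {
                 // Reuse the thread for this e-mail/order pair if one already exists.
                 $id_customer_thread = CustomerThread::getIdCustomerThreadByEmailAndIdOrder($this->context->customer->email, $order->id);
                 $id_product = (int) Tools::getValue('id_product');
                 $cm = new CustomerMessage();
                 if (!$id_customer_thread) {
                     $ct = new CustomerThread();
                     $ct->id_contact = 0;
                     $ct->id_customer = (int) $order->id_customer;
                     $ct->id_shop = (int) $this->context->shop->id;
                     // The product is linked only when it is really part of the order.
                     if ($id_product && $order->orderContainProduct((int) $id_product)) {
                         $ct->id_product = $id_product;
                     }
                     $ct->id_order = (int) $order->id;
                     $ct->id_lang = (int) $this->context->language->id;
                     $ct->email = $this->context->customer->email;
                     $ct->status = 'open';
                     $ct->token = Tools::passwdGen(12);
                     $ct->add();
                 } else {
                     $ct = new CustomerThread((int) $id_customer_thread);
                 }
                 $cm->id_customer_thread = $ct->id;
                 if ($id_product && $order->orderContainProduct((int) $id_product)) {
                     $cm->id_product = $id_product;
                 }
                 $cm->message = $msgText;
                 $cm->ip_address = ip2long($_SERVER['REMOTE_ADDR']);
                 $cm->add();
                 // Recipient: the configured contact if PS_MAIL_EMAIL_MESSAGE is set, else the shop address.
                 if (!Configuration::get('PS_MAIL_EMAIL_MESSAGE')) {
                     $to = strval(Configuration::get('PS_SHOP_EMAIL'));
                 } else {
                     $to = new Contact((int) Configuration::get('PS_MAIL_EMAIL_MESSAGE'));
                     $to = strval($to->email);
                 }
                 $toName = strval(Configuration::get('PS_SHOP_NAME'));
                 $customer = $this->context->customer;
                 $product = new Product($id_product);
                 $product_name = '';
                 if (Validate::isLoadedObject($product) && isset($product->name[(int) $this->context->language->id])) {
                     $product_name = $product->name[(int) $this->context->language->id];
                 }
                 if (Validate::isLoadedObject($customer)) {
                     // $msgText passed Validate::isMessage() above before it reaches the mail template.
                     Mail::Send($this->context->language->id, 'order_customer_comment', Mail::l('Message from a customer'), array('{lastname}' => $customer->lastname, '{firstname}' => $customer->firstname, '{email}' => $customer->email, '{id_order}' => (int) $order->id, '{order_name}' => $order->getUniqReference(), '{message}' => Tools::nl2br($msgText), '{product_name}' => $product_name), $to, $toName, $customer->email, $customer->firstname . ' ' . $customer->lastname);
                 }
                 if (Tools::getValue('ajax') != 'true') {
                     Tools::redirect('index.php?controller=order-detail&id_order=' . (int) $idOrder);
                 }
                 $this->context->smarty->assign('message_confirmation', true);
             } else {
                 $this->errors[] = Tools::displayError('Order not found');
             }
         }
     }
     if (Tools::isSubmit('markAsReceived')) {
         $idOrder = (int) Tools::getValue('id_order');
         $order = new Order($idOrder);
         // id_order is request data: require the order to belong to the logged-in customer,
         // as the message branch above does, before changing its state or writing a file.
         if (Validate::isLoadedObject($order) && $order->id_customer == $this->context->customer->id) {
             if ($order->getCurrentState() == 15) {
                 $new_history = new OrderHistory();
                 $new_history->id_order = (int) $order->id;
                 // NOTE(review): an earlier comment here named state 16 ("Ready for Production"),
                 // while the code tests state 15 and moves to state 3; confirm the intended ids.
                 $new_history->changeIdOrderState(3, $order);
                 // NOTE(review): a failed fopen() ends the request after the state change but
                 // before addWithemail(); confirm that partial result is acceptable.
                 $myfile = fopen(PS_PRODUCT_IMG_PATH . "/orders/" . $order->reference . ".txt", "w") or die("Unable to open file!");
                 $txt = "Order Confirmed\n Order Reference: " . $order->reference;
                 fwrite($myfile, $txt);
                 fclose($myfile);
                 $new_history->addWithemail(true);
             }
             $this->context->smarty->assign('receipt_confirmation', true);
         } else {
             // Same error list as the rest of this method (was $this->_errors).
             $this->errors[] = Tools::displayError('Error: Invalid order number');
         }
     }
 }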
Example #19
<?php

$useSSL = true;
include dirname(__FILE__) . '/config/config.inc.php';
include dirname(__FILE__) . '/header.php';

// Contact form page: validate the posted message, mail it to the chosen contact,
// then render the form with any errors and a pre-filled sender address.
$errors = array();
$smarty->assign('contacts', Contact::getContacts(intval($cookie->id_lang)));

if (Tools::isSubmit('submitMessage')) {
    // The message is entity-encoded first; line breaks are converted further down.
    $message = Tools::htmlentitiesUTF8(Tools::getValue('message'));
    $from = Tools::getValue('from');

    if (!$from or !Validate::isEmail($from)) {
        $errors[] = Tools::displayError('invalid e-mail address');
    } else {
        $message = nl2br2($message);
        if (!$message) {
            $errors[] = Tools::displayError('message cannot be blank');
        } elseif (!Validate::isMessage($message)) {
            $errors[] = Tools::displayError('invalid message');
        } else {
            // The contact is only loaded once a non-zero id was posted.
            $id_contact = intval(Tools::getValue('id_contact'));
            $contact_loaded = false;
            if ($id_contact) {
                $contact = new Contact(intval($id_contact), intval($cookie->id_lang));
                $contact_loaded = Validate::isLoadedObject($contact);
            }

            if (!$contact_loaded) {
                $errors[] = Tools::displayError('please select a contact in the list');
            } else {
                // Sender name: the logged-in customer's full name, otherwise the e-mail address.
                $sender_name = $from;
                if (intval($cookie->id_customer)) {
                    $customer = new Customer(intval($cookie->id_customer));
                    $sender_name = $customer->firstname . ' ' . $customer->lastname;
                }
                $template_vars = array('{email}' => $from, '{message}' => stripslashes($message));
                $sent = Mail::Send(intval($cookie->id_lang), 'contact', 'Message from contact form', $template_vars, $contact->email, $contact->name, $from, $sender_name);
                if ($sent) {
                    $smarty->assign('confirmation', 1);
                } else {
                    $errors[] = Tools::displayError('an error occurred while sending message');
                }
            }
        }
    }
}

// Pre-fill the sender field: posted value first, else a valid e-mail from the cookie.
$default_email = '';
if (isset($cookie) and isset($cookie->email) and Validate::isEmail($cookie->email)) {
    $default_email = $cookie->email;
}
// safeOutput() is applied before the value is handed to the template.
$email = Tools::safeOutput(Tools::getValue('from', $default_email));
$smarty->assign(array('errors' => $errors, 'email' => $email));
$smarty->display(_PS_THEME_DIR_ . 'contact-form.tpl');
 /**
  * Order detail page: store an optional customer message, then load the order for display.
  *
  * Both steps act only on an order whose id_customer equals the customer id in the cookie.
  */
 public function preProcess()
 {
     parent::preProcess();

     if (Tools::isSubmit('submitMessage')) {
         $postedOrderId = (int) Tools::getValue('id_order');
         // The text is entity-encoded before it is validated and stored.
         $postedText = htmlentities(Tools::getValue('msgText'), ENT_COMPAT, 'UTF-8');

         if (!$postedOrderId || !Validate::isUnsignedId($postedOrderId)) {
             $this->errors[] = Tools::displayError('Order is no longer valid');
         } elseif (empty($postedText)) {
             $this->errors[] = Tools::displayError('Message cannot be blank');
         } elseif (!Validate::isMessage($postedText)) {
             $this->errors[] = Tools::displayError('Message is invalid (HTML is not allowed)');
         }

         if (!count($this->errors)) {
             $targetOrder = new Order((int) $postedOrderId);
             // Ownership check: the posted order id must belong to the cookie's customer.
             $ownsOrder = Validate::isLoadedObject($targetOrder) && $targetOrder->id_customer == self::$cookie->id_customer;
             if (!$ownsOrder) {
                 $this->errors[] = Tools::displayError('Order not found');
             } else {
                 $message = new Message();
                 $message->id_customer = (int) self::$cookie->id_customer;
                 $message->message = $postedText;
                 $message->id_order = (int) $postedOrderId;
                 $message->private = false;
                 $message->add();

                 // Recipient: the configured contact if PS_MAIL_EMAIL_MESSAGE is set, else the shop address.
                 if (Configuration::get('PS_MAIL_EMAIL_MESSAGE')) {
                     $recipientContact = new Contact((int) Configuration::get('PS_MAIL_EMAIL_MESSAGE'));
                     $to = strval($recipientContact->email);
                 } else {
                     $to = strval(Configuration::get('PS_SHOP_EMAIL'));
                 }
                 $toName = strval(Configuration::get('PS_SHOP_NAME'));

                 $sender = new Customer((int) self::$cookie->id_customer);
                 if (Validate::isLoadedObject($sender)) {
                     $mailVars = array(
                         '{lastname}' => $sender->lastname,
                         '{firstname}' => $sender->firstname,
                         '{email}' => $sender->email,
                         '{id_order}' => (int) $message->id_order,
                         '{order_name}' => sprintf("#%06d", (int) $message->id_order),
                         '{message}' => $message->message,
                     );
                     Mail::Send((int) self::$cookie->id_lang, 'order_customer_comment', Mail::l('Message from a customer', (int) self::$cookie->id_lang), $mailVars, $to, $toName, $sender->email, $sender->firstname . ' ' . $sender->lastname);
                 }
                 if (Tools::getValue('ajax') != 'true') {
                     Tools::redirect('order-detail.php?id_order=' . (int) $postedOrderId);
                 }
             }
         }
     }

     // Second step: load the requested order for display.
     $id_order = (int) Tools::getValue('id_order');
     if (!$id_order || !Validate::isUnsignedId($id_order)) {
         $this->errors[] = Tools::displayError('Order ID required');
         return;
     }

     $order = new Order($id_order);
     // Same ownership rule as above: never expose another customer's order.
     if (!Validate::isLoadedObject($order) || $order->id_customer != self::$cookie->id_customer) {
         $this->errors[] = Tools::displayError('Cannot find this order');
         unset($order);
         return;
     }

     $id_order_state = (int) $order->getCurrentState();
     $carrier = new Carrier((int) $order->id_carrier, (int) $order->id_lang);
     $addressInvoice = new Address((int) $order->id_address_invoice);
     $addressDelivery = new Address((int) $order->id_address_delivery);
     $inv_adr_fields = AddressFormat::getOrderedAddressFields($addressInvoice->id_country);
     $dlv_adr_fields = AddressFormat::getOrderedAddressFields($addressDelivery->id_country);
     $invoiceAddressFormatedValues = AddressFormat::getFormattedAddressFieldsValues($addressInvoice, $inv_adr_fields);
     $deliveryAddressFormatedValues = AddressFormat::getFormattedAddressFieldsValues($addressDelivery, $dlv_adr_fields);

     if ($order->total_discounts > 0) {
         self::$smarty->assign('total_old', (float) ($order->total_paid - $order->total_discounts));
     }

     $products = $order->getProducts();
     $customizedDatas = Product::getAllCustomizedDatas((int) $order->id_cart);
     Product::addCustomizationPrice($products, $customizedDatas);
     $customer = new Customer($order->id_customer);

     self::$smarty->assign(array(
         'shop_name' => strval(Configuration::get('PS_SHOP_NAME')),
         'order' => $order,
         'return_allowed' => (int) $order->isReturnable(),
         'currency' => new Currency($order->id_currency),
         'order_state' => (int) $id_order_state,
         'invoiceAllowed' => (int) Configuration::get('PS_INVOICE'),
         'invoice' => OrderState::invoiceAvailable((int) $id_order_state) && $order->invoice_number,
         'order_history' => $order->getHistory((int) self::$cookie->id_lang, false, true),
         'products' => $products,
         'discounts' => $order->getDiscounts(),
         'carrier' => $carrier,
         'address_invoice' => $addressInvoice,
         'invoiceState' => (Validate::isLoadedObject($addressInvoice) && $addressInvoice->id_state) ? new State((int) $addressInvoice->id_state) : false,
         'address_delivery' => $addressDelivery,
         'inv_adr_fields' => $inv_adr_fields,
         'dlv_adr_fields' => $dlv_adr_fields,
         'invoiceAddressFormatedValues' => $invoiceAddressFormatedValues,
         'deliveryAddressFormatedValues' => $deliveryAddressFormatedValues,
         'deliveryState' => (Validate::isLoadedObject($addressDelivery) && $addressDelivery->id_state) ? new State((int) $addressDelivery->id_state) : false,
         'is_guest' => false,
         'messages' => Message::getMessagesByOrderId((int) $order->id),
         'CUSTOMIZE_FILE' => _CUSTOMIZE_FILE_,
         'CUSTOMIZE_TEXTFIELD' => _CUSTOMIZE_TEXTFIELD_,
         'isRecyclable' => Configuration::get('PS_RECYCLABLE_PACK'),
         'use_tax' => Configuration::get('PS_TAX'),
         'group_use_tax' => Group::getPriceDisplayMethod($customer->id_default_group) == PS_TAX_INC,
         'customizedDatas' => $customizedDatas,
     ));

     // Tracking link: '@' in the carrier URL is replaced by the shipping number.
     if ($carrier->url && $order->shipping_number) {
         self::$smarty->assign('followup', str_replace('@', $order->shipping_number, $carrier->url));
     }
     self::$smarty->assign('HOOK_ORDERDETAILDISPLAYED', Module::hookExec('orderDetailDisplayed', array('order' => $order)));
     Module::hookExec('OrderDetail', array('carrier' => $carrier, 'order' => $order));

     unset($carrier);
     unset($addressInvoice);
     unset($addressDelivery);
     unset($order);
 }
Example #21
$useSSL = true;
include dirname(__FILE__) . '/config/config.inc.php';
require_once dirname(__FILE__) . '/init.php';
include_once dirname(__FILE__) . '/classes/Product.php';
if (!$cookie->isLogged()) {
    Tools::redirect('authentication.php?back=history.php');
}
$errors = array();
if (Tools::isSubmit('submitMessage')) {
    $idOrder = intval(Tools::getValue('id_order'));
    $msgText = htmlentities(Tools::getValue('msgText'), ENT_COMPAT, 'UTF-8');
    if (!$idOrder or !Validate::isUnsignedId($idOrder)) {
        $errors[] = Tools::displayError('order is no longer valid');
    } elseif (empty($msgText)) {
        $errors[] = Tools::displayError('message cannot be blank');
    } elseif (!Validate::isMessage($msgText)) {
        $errors[] = Tools::displayError('message is not valid (HTML is not allowed)');
    }
    if (!sizeof($errors)) {
        $order = new Order(intval($idOrder));
        if (Validate::isLoadedObject($order) and $order->id_customer == $cookie->id_customer) {
            $message = new Message();
            $message->id_customer = intval($cookie->id_customer);
            $message->message = $msgText;
            $message->id_order = intval($idOrder);
            $message->private = false;
            $message->add();
            if (!Configuration::get('PS_MAIL_EMAIL_MESSAGE')) {
                $to = strval(Configuration::get('PS_SHOP_EMAIL'));
            } else {
                $to = new Contact(intval(Configuration::get('PS_MAIL_EMAIL_MESSAGE')));
Example #22
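 /**
  * AJAX handler: validate and store a product comment together with its criterion grades.
  *
  * Reads id_product, title, content, customer_name and criterion[] from the request.
  * Ends the request with a JSON object {result: bool, errors: string[]}.
  */
 protected function ajaxProcessAddComment()
 {
     $module_instance = new ProductComments();
     $result = true;
     $id_guest = 0;
     $id_customer = $this->context->customer->id;
     if (!$id_customer) {
         $id_guest = $this->context->cookie->id_guest;
     }
     $errors = array();
     // Read once: the request value may be missing or a plain string instead of an array.
     $criterions = Tools::getValue('criterion');
     // Validation
     if (!Validate::isInt(Tools::getValue('id_product'))) {
         $errors[] = $module_instance->l('ID product is incorrect', 'default');
     }
     if (!Tools::getValue('title') || !Validate::isGenericName(Tools::getValue('title'))) {
         $errors[] = $module_instance->l('Title is incorrect', 'default');
     }
     if (!Tools::getValue('content') || !Validate::isMessage(Tools::getValue('content'))) {
         $errors[] = $module_instance->l('Comment is incorrect', 'default');
     }
     if (!$id_customer && (!Tools::isSubmit('customer_name') || !Tools::getValue('customer_name') || !Validate::isGenericName(Tools::getValue('customer_name')))) {
         $errors[] = $module_instance->l('Customer name is incorrect', 'default');
     }
     if (!$this->context->customer->id && !Configuration::get('PRODUCT_COMMENTS_ALLOW_GUESTS')) {
         $errors[] = $module_instance->l('You must be logged in order to send a comment', 'default');
     }
     // count() on a non-array is not a reliable emptiness test and the loop below needs
     // an array, so the type is checked explicitly.
     if (!is_array($criterions) || !count($criterions)) {
         $errors[] = $module_instance->l('You must give a rating', 'default');
     }
     $product = new Product(Tools::getValue('id_product'));
     if (!$product->id) {
         $errors[] = $module_instance->l('Product not found', 'default');
     }
     if (!count($errors)) {
         // Rate limit: a new comment is accepted only once PRODUCT_COMMENTS_MINIMAL_TIME
         // seconds have passed since this customer's or guest's previous one.
         $customer_comment = ProductComment::getByCustomer(Tools::getValue('id_product'), $id_customer, true, $id_guest);
         if (!$customer_comment || $customer_comment && strtotime($customer_comment['date_add']) + (int) Configuration::get('PRODUCT_COMMENTS_MINIMAL_TIME') < time()) {
             $comment = new ProductComment();
             $comment->content = strip_tags(Tools::getValue('content'));
             $comment->id_product = (int) Tools::getValue('id_product');
             $comment->id_customer = (int) $id_customer;
             $comment->id_guest = $id_guest;
             $comment->customer_name = Tools::getValue('customer_name');
             if (!$comment->customer_name) {
                 // NOTE(review): pSQL() escapes for SQL; if save() escapes again the stored
                 // name would be double-escaped. Confirm against ProductComment::save().
                 $comment->customer_name = pSQL($this->context->customer->firstname . ' ' . $this->context->customer->lastname);
             }
             $comment->title = Tools::getValue('title');
             $comment->grade = 0;
             // New comments are stored with validate = 0.
             $comment->validate = 0;
             $comment->save();
             $grade_sum = 0;
             foreach ($criterions as $id_product_comment_criterion => $grade) {
                 // Grades are request data: anything non-numeric counts as 0 so that it
                 // cannot break the sum or reach addGrade() as an arbitrary value.
                 // NOTE(review): no range is enforced here; confirm addGrade() bounds it.
                 $grade = is_numeric($grade) ? $grade + 0 : 0;
                 $grade_sum += $grade;
                 $product_comment_criterion = new ProductCommentCriterion((int) $id_product_comment_criterion);
                 if ($product_comment_criterion->id) {
                     $product_comment_criterion->addGrade($comment->id, $grade);
                 }
             }
             if (count($criterions) >= 1) {
                 $comment->grade = $grade_sum / count($criterions);
                 // Update Grade average of comment
                 $comment->save();
             }
             $result = true;
         } else {
             $result = false;
             $errors[] = $module_instance->l('You should wait') . ' ' . Configuration::get('PRODUCT_COMMENTS_MINIMAL_TIME') . ' ' . $module_instance->l('seconds before posting a new comment');
         }
     } else {
         $result = false;
     }
     die(Tools::jsonEncode(array('result' => $result, 'errors' => $errors)));
 }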
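 /**
  * Store or delete the text customizations posted for the current product.
  *
  * Only POST fields named 'textField<ID>', where <ID> is one of the product's text
  * customization fields, are considered. A non-empty valid value is added to the cart,
  * an empty value deletes the customization, an invalid value records an error.
  *
  * @return false|null false when the product has no customization fields
  */
 protected function textRecord()
 {
     if (!($field_ids = $this->product->getCustomizationFieldIds())) {
         return false;
     }
     // Allow-list: POST field name => customization field id.
     $indexes = array();
     foreach ($field_ids as $field_id) {
         if ($field_id['type'] == Product::CUSTOMIZE_TEXTFIELD) {
             $indexes['textField' . (int) $field_id['id_customization_field']] = (int) $field_id['id_customization_field'];
         }
     }
     foreach ($_POST as $field_name => $value) {
         // Exact key lookup instead of a loose in_array(): a numeric POST key must not
         // match a 'textField<ID>' name through type juggling.
         if (!isset($indexes[$field_name])) {
             continue;
         }
         if (empty($value)) {
             $this->context->cart->deleteCustomizationToProduct((int) $this->product->id, $indexes[$field_name]);
         } elseif (!is_string($value) || !Validate::isMessage($value)) {
             // Array values (textField1[]=...) are rejected before they reach the validator.
             $this->errors[] = Tools::displayError('Invalid message');
         } else {
             $this->context->cart->addTextFieldToProduct($this->product->id, $indexes[$field_name], Product::CUSTOMIZE_TEXTFIELD, $value);
         }
     }
 }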
}
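// Apply the carrier's return parameters to the cart, but only when no earlier check failed.
if (empty($errors_list)) {
    // The cart is modified only if the signature over $return verifies, a cart is loaded
    // and the shipping details could be saved.
    if ($so->isCorrectSignKey($return['SIGNATURE'], $return) && $so->context->cart->id && saveOrderShippingDetails($so->context->cart->id, (int) $return['TRCLIENTNUMBER'], $return, $so)) {
        // TRPARAMPLUS is a '|'-separated list: carrier id, gift flag, gift message.
        $trparamplus = explode('|', $return['TRPARAMPLUS']);
        if (count($trparamplus) > 1) {
            $so->context->cart->id_carrier = (int) $trparamplus[0];
            if ($trparamplus[1] == 'checked' || $trparamplus[1] == 1) {
                /* value can be "undefined" or "not checked" */
                $so->context->cart->gift = 1;
            } else {
                $so->context->cart->gift = 0;
            }
        } elseif (count($trparamplus) == 1) {
            $so->context->cart->id_carrier = (int) $trparamplus[0];
        }
        // The third field is optional; read it defensively instead of indexing an offset
        // that does not exist when fewer than three fields were sent.
        $gift_message = isset($trparamplus[2]) ? $trparamplus[2] : '';
        if ((int) $so->context->cart->gift && Validate::isMessage($gift_message)) {
            // strip_tags() keeps markup out of the stored gift message.
            $so->context->cart->gift_message = strip_tags($gift_message);
        }
        if (!$so->context->cart->update()) {
            $errors_list[] = $so->l('Cart cannot be updated. Please try again your selection');
        } else {
            // id_carrier was cast to int above, so only a number is appended to the URL.
            Tools::redirect($redirect . 'step=3&cgv=1&id_carrier=' . $so->context->cart->id_carrier);
        }
    } else {
        // Signature mismatch, missing cart or failed save all map to the same generic error.
        $errors_list[] = $so->getError('999');
    }
}
$so->context->smarty->assign('error_list', $errors_list);
$display->run();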
function saveOrderShippingDetails($id_cart, $id_customer, $so_params, $so_object)
{
Example #25
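 /**
  * Display one blog post and, when a comment form was submitted, validate and store the comment.
  *
  * Falls back to displayList() when no numeric post id is set. A post that is not
  * published or not associated with the current shop is handed to the template with
  * status 'suspended' and without its related data.
  */
 public function displayPost()
 {
     $id_lang = $this->context->language->id;
     $id_shop = $this->context->shop->id;
     if (is_null($this->id_post) || !is_numeric($this->id_post)) {
         return $this->displayList();
     }
     $post = new BlogPost($this->id_post);
     if ($post->status == 'published' && $post->isAssociatedToShop($id_shop)) {
         //comment submit
         if (Tools::isSubmit('submitMessage') && $this->conf['comment_active'] && $post->allow_comments) {
             $comment = new BlogComment();
             try {
                 // Tags are stripped before the comment text is validated and stored.
                 $message = trim(strip_tags(Tools::getValue('blog_comment')));
                 $comment->id_blog_post = $this->id_post;
                 // NOTE(review): pSQL() is applied before validation and storage; if save()
                 // escapes again the stored name would be double-escaped. Confirm.
                 $comment->customer_name = pSQL(Tools::getValue('customer_name'));
                 if ($message == '' || strlen($comment->customer_name) < (int) $this->conf['comment_name_min_length']) {
                     throw new Exception('error_input');
                 }
                 if (!Validate::isMessage($message) || !Validate::isGenericName($comment->customer_name)) {
                     throw new Exception('error_input_invalid');
                 }
                 $comment->content = $message;
                 $id_customer = (int) $this->context->customer->id;
                 $id_guest = (int) $this->context->cookie->id_guest;
                 if (!$this->conf['comment_guest'] && empty($id_customer)) {
                     throw new Exception('error_guest');
                 }
                 //get last comment from customer
                 $customerComment = BlogComment::getByCustomer($this->id_post, $id_customer, true, $id_guest);
                 $comment->id_customer = $id_customer;
                 $comment->id_guest = $id_guest;
                 $comment->id_lang = $id_lang;
                 $comment->id_shop = $id_shop;
                 // Only index the previous comment when there is one; the delay check below
                 // already treats $customerComment as possibly empty.
                 if ($customerComment && $customerComment['content'] == $comment->content) {
                     throw new Exception('error_already');
                 }
                 // Rate limit: refuse a new comment until comment_min_time seconds have passed.
                 if ($customerComment && strtotime($customerComment['date_add']) + (int) $this->conf['comment_min_time'] > time()) {
                     throw new Exception('error_delay');
                 }
                 // With moderation on, the comment is stored inactive.
                 $comment->active = $this->conf['comment_moderate'] ? 0 : 1;
                 $comment->save();
                 $this->context->smarty->assign('psblog_confirmation', true);
             } catch (Exception $e) {
                 // NOTE(review): the raw request values are handed back to the template to
                 // refill the form; confirm view.tpl escapes them on output.
                 $comment->content = Tools::getValue('blog_comment');
                 $comment->customer_name = Tools::getValue('customer_name');
                 $this->context->smarty->assign('psblog_error', $e->getMessage());
                 $this->context->smarty->assign('comment', $comment);
             }
         }
         /* view article */
         $images = $post->getImages(false);
         $categories = $post->listCategories(true);
         $products = $post->getProducts(true);
         $related = $post->listRelated(true, true);
         // Add a 'link' entry to every related post.
         if (is_array($related) && count($related) > 0) {
             $i = 0;
             foreach ($related as $val) {
                 $related[$i]['link'] = BlogPost::linkPost($val['id_blog_post'], $val['link_rewrite'], $val['id_lang']);
                 $i++;
             }
         }
         // Add product and image links to every associated product.
         if (is_array($products) && count($products) > 0) {
             $i = 0;
             foreach ($products as $p) {
                 $product = new Product($p['id_product'], false, $id_lang);
                 $products[$i]['link'] = $this->context->link->getProductLink($product);
                 $products[$i]['imageLink'] = $this->context->link->getImageLink($p['link_rewrite'], $p['id_product'] . '-' . $p['id_image'], $this->conf['product_img_format']);
                 $i++;
             }
         }
         /* SEO metas */
         $curr_meta_title = $this->context->smarty->getTemplateVars('meta_title');
         $this->context->smarty->assign(array('meta_title' => $curr_meta_title . ' - ' . $post->title, 'meta_description' => $post->meta_description, 'meta_keywords' => $post->meta_keywords));
         if ($this->conf['view_display_popin'] == 1) {
             $this->addjqueryPlugin('fancybox');
             $this->addJS($this->module->getPathUri() . 'js/popin.js');
         }
         // Add a 'link' entry to every category of the post.
         if ($categories) {
             $i = 0;
             foreach ($categories as $cat) {
                 $categories[$i]['link'] = BlogCategory::linkCategory($cat['id_blog_category'], $cat['link_rewrite'], $cat['id_lang']);
                 $i++;
             }
         }
         $comments = $post->getComments();
         $this->context->smarty->assign(array('post_images' => $images, 'post_products' => $products, 'post_related' => $related, 'post_categories' => $categories, 'post_comments' => $comments));
     } else {
         // Unpublished or foreign-shop posts reach the template marked as suspended.
         $post->status = 'suspended';
     }
     $this->context->smarty->assign('post', $post);
     $this->setTemplate('view.tpl');
 }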
Example #26
 /**
  * AJAX handler: create, update or delete the message attached to the current cart.
  *
  * Does nothing unless the employee has 'edit' access on this tab. A non-empty valid
  * 'message' value is saved, an empty one deletes the existing message; the result of
  * ajaxReturnVars() is echoed as JSON in both cases.
  */
 public function ajaxProcessUpdateOrderMessage()
 {
     // Permission gate: without edit access nothing is read, written or echoed.
     if ($this->tabAccess['edit'] !== '1') {
         return;
     }

     $existing = Message::getMessageByCartId((int) $this->context->cart->id);
     $id_message = $existing ? $existing['id_message'] : false;
     $message = new Message((int) $id_message);

     $content = Tools::getValue('message');
     if (!$content) {
         // Empty submission removes a previously stored message.
         if (Validate::isLoadedObject($message)) {
             $message->delete();
         }
     } elseif (Validate::isMessage($content)) {
         // Content that fails validation is silently ignored.
         $message->message = $content;
         $message->id_cart = (int) $this->context->cart->id;
         $message->id_customer = (int) $this->context->cart->id_customer;
         $message->save();
     }

     echo Tools::jsonEncode($this->ajaxReturnVars());
 }
Example #27
 /**
  * Create, update or delete the message attached to the current cart.
  *
  * @param string $message_content New message text; an empty value deletes the stored message
  * @return bool Always true; an invalid message is reported through $this->errors
  */
 protected function _updateMessage($message_content)
 {
     // Empty content: drop whatever message the cart currently has.
     if (!$message_content) {
         $stored = Message::getMessageByCartId($this->context->cart->id);
         if ($stored) {
             $obsolete = new Message($stored['id_message']);
             $obsolete->delete();
         }
         return true;
     }

     // Content that fails validation is never written.
     if (!Validate::isMessage($message_content)) {
         $this->errors[] = Tools::displayError('Invalid message');
         return true;
     }

     $stored = Message::getMessageByCartId((int) $this->context->cart->id);
     if ($stored) {
         $message = new Message((int) $stored['id_message']);
         $message->message = $message_content;
         $message->update();
     } else {
         $message = new Message();
         $message->message = $message_content;
         $message->id_cart = (int) $this->context->cart->id;
         $message->id_customer = (int) $this->context->cart->id_customer;
         $message->add();
     }
     return true;
 }
Example #28
    /**
     * Look up a wishlist and its owner's name by the wishlist token.
     *
     * The token is checked with Validate::isMessage() and escaped with pSQL() before it
     * is concatenated into the query; the request ends with die() when the check fails.
     *
     * @param string $token Wishlist token
     * @return array Row with id_wishlist, name, id_customer, firstname and lastname, as returned by getRow()
     */
    public static function getByToken($token)
    {
        if (Validate::isMessage($token)) {
            // pSQL() is the only thing between the token and the SQL string literal.
            return Db::getInstance(_PS_USE_SQL_SLAVE_)->getRow('
		SELECT w.`id_wishlist`, w.`name`, w.`id_customer`, c.`firstname`, c.`lastname`
		  FROM `' . _DB_PREFIX_ . 'wishlist` w
		INNER JOIN `' . _DB_PREFIX_ . 'customer` c ON c.`id_customer` = w.`id_customer`
		WHERE `token` = \'' . pSQL($token) . '\'');
        }
        die(Tools::displayError());
    }
    public function preProcess()
    {
        parent::preProcess();
        if (self::$cookie->isLogged()) {
            self::$smarty->assign('isLogged', 1);
            $customer = new Customer((int) self::$cookie->id_customer);
            if (!Validate::isLoadedObject($customer)) {
                die(Tools::displayError('Customer not found'));
            }
            $products = array();
            $orders = array();
            $getOrders = Db::getInstance()->ExecuteS('
				SELECT id_order
				FROM ' . _DB_PREFIX_ . 'orders
				WHERE id_customer = ' . (int) $customer->id . ' ORDER BY date_add');
            foreach ($getOrders as $row) {
                $order = new Order($row['id_order']);
                $date = explode(' ', $order->date_add);
                $orders[$row['id_order']] = Tools::displayDate($date[0], self::$cookie->id_lang);
                $tmp = $order->getProducts();
                foreach ($tmp as $key => $val) {
                    $products[$val['product_id']] = $val['product_name'];
                }
            }
            $orderList = '';
            foreach ($orders as $key => $val) {
                $orderList .= '<option value="' . $key . '" ' . ((int) Tools::getValue('id_order') == $key ? 'selected' : '') . ' >' . $key . ' -- ' . $val . '</option>';
            }
            $orderedProductList = '';
            foreach ($products as $key => $val) {
                $orderedProductList .= '<option value="' . $key . '" ' . ((int) Tools::getValue('id_product') == $key ? 'selected' : '') . ' >' . $val . '</option>';
            }
            self::$smarty->assign('orderList', $orderList);
            self::$smarty->assign('orderedProductList', $orderedProductList);
        }
        if (Tools::isSubmit('submitMessage')) {
            $fileAttachment = NULL;
            if (isset($_FILES['fileUpload']['name']) and !empty($_FILES['fileUpload']['name']) and !empty($_FILES['fileUpload']['tmp_name'])) {
                $extension = array('.txt', '.rtf', '.doc', '.docx', '.pdf', '.zip', '.png', '.jpeg', '.gif', '.jpg');
                $filename = uniqid() . substr($_FILES['fileUpload']['name'], -5);
                $fileAttachment['content'] = file_get_contents($_FILES['fileUpload']['tmp_name']);
                $fileAttachment['name'] = $_FILES['fileUpload']['name'];
                $fileAttachment['mime'] = $_FILES['fileUpload']['type'];
            }
            $message = Tools::htmlentitiesUTF8(Tools::getValue('message'));
            if (!($from = trim(Tools::getValue('from'))) or !Validate::isEmail($from)) {
                $this->errors[] = Tools::displayError('Invalid e-mail address');
            } elseif (!($message = nl2br2($message))) {
                $this->errors[] = Tools::displayError('Message cannot be blank');
            } elseif (!Validate::isMessage($message)) {
                $this->errors[] = Tools::displayError('Invalid message');
            } elseif (!($id_contact = (int) Tools::getValue('id_contact')) or !Validate::isLoadedObject($contact = new Contact((int) $id_contact, (int) self::$cookie->id_lang))) {
                $this->errors[] = Tools::displayError('Please select a subject on the list.');
            } elseif (!empty($_FILES['fileUpload']['name']) and $_FILES['fileUpload']['error'] != 0) {
                $this->errors[] = Tools::displayError('An error occurred during the file upload');
            } elseif (!empty($_FILES['fileUpload']['name']) and !in_array(substr($_FILES['fileUpload']['name'], -4), $extension) and !in_array(substr($_FILES['fileUpload']['name'], -5), $extension)) {
                $this->errors[] = Tools::displayError('Bad file extension');
            } else {
                if ((int) self::$cookie->id_customer) {
                    $customer = new Customer((int) self::$cookie->id_customer);
                } else {
                    $customer = new Customer();
                    $customer->getByEmail($from);
                }
                $contact = new Contact($id_contact, self::$cookie->id_lang);
                if (!($id_customer_thread = (int) Tools::getValue('id_customer_thread') and (int) Db::getInstance()->getValue('
						SELECT cm.id_customer_thread FROM ' . _DB_PREFIX_ . 'customer_thread cm
						WHERE cm.id_customer_thread = ' . (int) $id_customer_thread . ' AND token = \'' . pSQL(Tools::getValue('token')) . '\'') or $id_customer_thread = (int) Db::getInstance()->getValue('
						SELECT cm.id_customer_thread FROM ' . _DB_PREFIX_ . 'customer_thread cm
						WHERE cm.email = \'' . pSQL($from) . '\' AND cm.id_order = ' . (int) Tools::getValue('id_order') . ''))) {
                    $fields = Db::getInstance()->ExecuteS('
					SELECT cm.id_customer_thread, cm.id_contact, cm.id_customer, cm.id_order, cm.id_product, cm.email
					FROM ' . _DB_PREFIX_ . 'customer_thread cm
					WHERE email = \'' . pSQL($from) . '\' AND (' . ($customer->id ? 'id_customer = ' . (int) $customer->id . ' OR ' : '') . '
						id_order = ' . (int) Tools::getValue('id_order') . ')');
                    $score = 0;
                    foreach ($fields as $key => $row) {
                        $tmp = 0;
                        if ((int) $row['id_customer'] and $row['id_customer'] != $customer->id and $row['email'] != $from) {
                            continue;
                        }
                        if ($row['id_order'] != 0 and Tools::getValue('id_order') != $row['id_order']) {
                            continue;
                        }
                        if ($row['email'] == $from) {
                            $tmp += 4;
                        }
                        if ($row['id_contact'] == $id_contact) {
                            $tmp++;
                        }
                        if (Tools::getValue('id_product') != 0 and $row['id_product'] == Tools::getValue('id_product')) {
                            $tmp += 2;
                        }
                        if ($tmp >= 5 and $tmp >= $score) {
                            $score = $tmp;
                            $id_customer_thread = $row['id_customer_thread'];
                        }
                    }
                }
                $old_message = Db::getInstance()->getValue('
					SELECT cm.message FROM ' . _DB_PREFIX_ . 'customer_message cm
					WHERE cm.id_customer_thread = ' . (int) $id_customer_thread . '
					ORDER BY date_add DESC');
                if ($old_message == htmlentities($message, ENT_COMPAT, 'UTF-8')) {
                    self::$smarty->assign('alreadySent', 1);
                    $contact->email = '';
                    $contact->customer_service = 0;
                }
                if (!empty($contact->email)) {
                    if (Mail::Send((int) self::$cookie->id_lang, 'contact', Mail::l('Message from contact form'), array('{email}' => $from, '{message}' => stripslashes($message)), $contact->email, $contact->name, $from, (int) self::$cookie->id_customer ? $customer->firstname . ' ' . $customer->lastname : '', $fileAttachment) and Mail::Send((int) self::$cookie->id_lang, 'contact_form', Mail::l('Your message has been correctly sent'), array('{message}' => stripslashes($message)), $from)) {
                        self::$smarty->assign('confirmation', 1);
                    } else {
                        $this->errors[] = Tools::displayError('An error occurred while sending message.');
                    }
                }
                if ($contact->customer_service) {
                    if ((int) $id_customer_thread) {
                        $ct = new CustomerThread($id_customer_thread);
                        $ct->status = 'open';
                        $ct->id_lang = (int) self::$cookie->id_lang;
                        $ct->id_contact = (int) $id_contact;
                        if ($id_order = (int) Tools::getValue('id_order')) {
                            $ct->id_order = $id_order;
                        }
                        if ($id_product = (int) Tools::getValue('id_product')) {
                            $ct->id_product = $id_product;
                        }
                        $ct->update();
                    } else {
                        $ct = new CustomerThread();
                        if (isset($customer->id)) {
                            $ct->id_customer = (int) $customer->id;
                        }
                        if ($id_order = (int) Tools::getValue('id_order')) {
                            $ct->id_order = $id_order;
                        }
                        if ($id_product = (int) Tools::getValue('id_product')) {
                            $ct->id_product = $id_product;
                        }
                        $ct->id_contact = (int) $id_contact;
                        $ct->id_lang = (int) self::$cookie->id_lang;
                        $ct->email = $from;
                        $ct->status = 'open';
                        $ct->token = Tools::passwdGen(12);
                        $ct->add();
                    }
                    if ($ct->id) {
                        $cm = new CustomerMessage();
                        $cm->id_customer_thread = $ct->id;
                        $cm->message = htmlentities($message, ENT_COMPAT, 'UTF-8');
                        if (isset($filename) and rename($_FILES['fileUpload']['tmp_name'], _PS_MODULE_DIR_ . '../upload/' . $filename)) {
                            $cm->file_name = $filename;
                        }
                        $cm->ip_address = ip2long($_SERVER['REMOTE_ADDR']);
                        $cm->user_agent = $_SERVER['HTTP_USER_AGENT'];
                        if ($cm->add()) {
                            if (empty($contact->email)) {
                                Mail::Send((int) self::$cookie->id_lang, 'contact_form', Mail::l('Your message has been correctly sent'), array('{message}' => stripslashes($message)), $from);
                            }
                            self::$smarty->assign('confirmation', 1);
                        } else {
                            $this->errors[] = Tools::displayError('An error occurred while sending message.');
                        }
                    } else {
                        $this->errors[] = Tools::displayError('An error occurred while sending message.');
                    }
                }
                if (count($this->errors) > 1) {
                    array_unique($this->errors);
                }
            }
        }
    }